Accused port hacker says log files were 'edited'
Published: 08 Oct 2003 14:35 BST
A UK teenager accused of launching a distributed denial of service (DDoS) attack on a major US port has said a flaw in Windows allowed hackers to take control of his machine and launch the attack without his knowledge.
In his interview with the police, which was read out in court on Tuesday, Aaron Caffrey said: "My OS supports remote admin and remote assistance. At that time, the patches were not available. Anyone could control it. Windows Media Player was also unpatched."
Caffrey added: "Someone has edited those log files. just because something says something, it doesn't mean it happened. My machine was hackable. They have planted it or added to it."
On Wednesday, the trial's second day, the defence counsel for Aaron Caffrey started questioning Detective Constable Stunt, a member of the Computer Crime Squad that forensically examined Caffery's computer in January 2002, which was around three months after the Port of Houston in Texas was attacked.
Southwark Crown Court heard that it was possible for someone to take control of the defendant's computer because of critical vulnerabilities in Microsoft's Windows operating system. Stunt said that although he was not aware of any specific vulnerability, he admitted that Microsoft does have security problems. "There are thousands of [security bulletins] and Microsoft issues numerous patches on a daily basis," he said.
The court heard that police examinations of Caffrey's machine recovered log files of a chatroom conversation that recorded the exact moment the attack took place. But the defence argued that if a vulnerability exists, the log files could easily have been changed by someone who had accessed the system remotely.
The defence counsel asked Stunt if it was possible to cut some text from one log file and paste it into another log file from a remote computer. Stunt dismissed the idea: "Remotely, the answer would be no. It is impossible, the technology does not exist," he said.
The case continues.
Did you find this article useful?
61 out of 144 people found this useful
Digg
Slashdot
Del.ici.ous
Stumble
Reddit
Full Talkback thread
10 comments
-
To quote the article.
"The defence counsel asked S... Anonymous -
If the hacker was running as Adminitrator or any a... Anonymous
-
"It is impossible".
Now, THAT was a very dangerous... Djakson Cleber Gonçalves
-
The comment from the Detective about it being impo... Christopher J. Combs
-
I think that the log files might have been edited.... MHD Yasir Al-lahham
-
There are lots of methods, the person who stated t... Anonymous
-
Aaron is right... this stuff can happen, and the... Sky
-
Has "Inspector" (DC) Stunt *ever* heard of malware... Anonymous
-
Does the UK have the equivalent of an amicus curia... Josh
-
Hmmm I like using "pipe" works in Unix and Windoze... tty21
