Chapter 1857 Top Hacker
"Suzaku has not been contaminated yet." Hu Tianyu did not dare to use the company's network tools and switched to Big Brother and Zhouzhi Communications. In fact, it is enough to explain the problem: "This is all thanks to Xueshan , when she was doing routine inspections on departmental transfers, she discovered an unknown Authorized low-level temporary users are then reported through the post-supervision process.”
It’s not surprising that the Clover Group is now a temporary user, whether it is a temporary user for testing or a daily visitor. Temporary users of guests will have similar licenses for their use.
But from a system perspective, any user in the system will not be created out of thin air. They must be authorized by a senior user before they can be created.
There is one kind of user that is an exception, and that is the guest user managed by Feng Xueshan. This kind of user is issued and recycled at any time every day, and is not a key supervision user in the system. If you add a guest user, no one will notice at all.
As a result, this fell into the hands of Feng Xueshan. This girl had a kind of obsessive-compulsive disorder similar to mysophobia about the work she was doing. After discovering such a user, she didn't know whether the situation was serious or not, so she dug out the management system, which stated She found a similar situation and needed to report it through the post-supervisory process, so she reported it.
As long as the problem enters the supervision process, there will be corresponding personnel to supervise it. As a result, this matter becomes a metaphysics.
When the supervisors investigated this user afterwards, they found that although it was a temporary guest user, its permissions were higher than theirs. They did not have enough permissions to monitor this customer's activities in the system. Search!
When encountering this situation, it should be escalated according to the system and process. The supervisor activated the escalation mechanism and reported it to his supervisor.
When the incident escalated to the point where even Hu Tianyu could only interview part of the trajectory, high-level officials knew that the matter was serious.
This is a superuser masquerading as a temporary guest!
Hu Lidong's first thought was that this user should be created by Zhou Zhi, because only Zhou Zhi has such authority in the entire system.
Furthermore, Zhou Zhi once had a similar record. He registered a trumpet account on the forum to lead the rhythm, and was also known as a "private interview on incognito".
But Hu Tianyu believes that Zhou Zhi knows the difference between the important and the important. It is one thing to mess around on the forum, but it is another thing to have an internal working system in the unit. There are also many national-level scientific research projects here. Zhou Zhi Information system security always comes first.
In the end, the two contacted An Chunjia, who was still working on the Qianxia, Shang and Zhou dynasty projects in the capital, and the Clover Group enabled the ultimate user "Nuwa" for the first time.
User Nuwa is the highest-level user in the system, but she is usually a dead user. She can only obtain it after obtaining authorization from the majority of the company's senior management.
From a system level, this user is used to compete with Zhou Zhi’s super user. Zhou Zhi has the highest decision-making power within the company, but such decision-making power is not unlimited and has corresponding restrictions. .
This type of restriction comes from the top of the system. From the current group structure, if the three small companies unite, they can veto Zhou Zhi’s decision. This right is reflected in the system, that is, the three small companies can jointly authorize the activation. Nuwa is used to monitor and investigate all users in the system.
The fact that the Clover Group can be forced to use Nuwa also shows the seriousness of this matter.
Although this user erased all traces of his intrusion in the system after obtaining the highest authority, he still missed one thing, that is, there is another user with the highest authority in the system who can do critical logs. There is a secret archiving function.
This function is purely a waste use of Nuwa by Zhou Zhi, because Nuwa is a user who cannot be used unless jointly authorized by three people below Zhou Zhi, so it is a "dead user" on weekdays, which is just suitable for the supervision system that needs to be able to monitor from high to high To minimize all user behaviors, a super user is also needed to record these behaviors. Although employees at the post-supervision post cannot directly operate Nuwa, and even higher-level users need to be authorized for operation review, they can at least see that they have passed Log files recorded by Nuwa.
The most important of these log documents are the system users’ login and logout, permission modification, and file access, modification and deletion records. In addition to the personnel in the post-supervisory position, this record contains records within the Clover Group. Not much is known. This mechanism was originally used to guard against Japanese and Korean teams working in the same unit, but it turned out to be useful at this critical moment.
With Nuwa’s help, the hacker’s behavior of sneaking into the account was nowhere to be seen in the logs.
Hearing that this user has not taken any attack on the system, Zhou Zhi finally breathed a sigh of relief.
The most difficult thing for hackers to prevent is not attacks, but lurking. Many hackers are actually only interested in breaking into the system. After breaking through, they will clean up the attack records in time and then exit.
They only need to know that this hacking method is feasible, and they can be familiar with it next time.
If random operations attract the attention of the system administrator and the loopholes are blocked in time, it will be bad.
There is also another kind of lurking in disguise, such as this one now. This kind of user usually covets some resources of big companies and big servers, such as storage space and computing power. They will pass it when necessary. These resources perform some operations of their own.
On the contrary, there are very few people who destroy the system through random operation. Even if you want to achieve this goal, you don’t need to rely on the user to mess around. The simplest way is to implant a virus, and you can achieve the goal perfectly.
Obviously, implanting a virus will definitely alert Clover, because Clover is already doing this, and the virus database is very complete. If you do this, the firewall will definitely find it.
"This person is not an ordinary expert, he is a top hacker." Hu Tianyu was also sensitive to Zhou Zhi's relaxation and said to him: "Elbow, do you still remember our information about the NOP buffer zone?" Discuss?"
"What about this person? Is NOP sledding really implemented in LINUX? Zhou Zhi felt incredible: "Even on our system?"
NOP is a special instruction on the microcontroller, and its full name is NoOperation. No operating instructions.
What is a no-operation instruction? It is a pseudo-instruction in assembly language. It perfectly explains Lao-Zhuang's thought, because its function is to do nothing but increment the program counter by 1.
At this point, everyone will feel very strange. Since this instruction does nothing, what meaning does it have in computer language?
Of course there are.
In computer logical operations, the "alignment" of instructions and data can effectively improve the performance of the program. At this time, an instruction is needed to fill in the positions vacated due to alignment.
For example, an instruction occupies 3 bytes, and adding a NOP instruction allows the instruction to be aligned with 4 bytes.