Jack Box
From Wikipedia, the free encyclopedia
 |
This article or section needs to be wikified to meet Wikipedia's quality standards. Please help improve this article with relevant internal links. (August 2007) |
 |
This article does not cite any references or sources. (August 2007) Please help improve this article by adding citations to reliable sources. Unverifiable material may be challenged and removed. |
A Jack Box (aka Cracker Jack Box or Hacker Jack Box) is a small network-enabled computer-in-a-box designed to be placed behind the wall or network "jack" for the purposes of discreetly collecting network information.
It is typically set up to be a network sniffer of some sort, either directly or by ARP spoofing. It can also be a wireless device designed to repeat all or selected information to a remote host. Alternately, it can be used as a simple toehold on the internal network, as a set up for scanning and exploiting other machines.
The advantage of a Jack Box is that it can be discreet or may only take a few seconds to set up. For example, it can be placed in the IT closet of a bank branch by a hacker posing as a telephone company representative or fire inspector. It can be a small innocent-looking network appliance placed with other IT equipment or it can actually be a "replacement" for a network jack, with the faceplate containing the network connections covering up the "brains" of the hacking device which sits behind the wall.
In the case of a bank branch that shares walls with other businesses (for example, a strip mall location), the Jack Box can be placed inside the shared wall or above the plenum, and the intruder does not have to deal with the physical security systems of the bank such as motion detection or perimeter alarms.
The Jack Box can either record information for later retrieval, or simply send the information out over the network connection to an anonymous host on the Internet.
This is very dangerous because most banks use mainframes or AS/400 as a core operating platform, and, since serial terminals are now obsolete, almost all core access is TN3270 or TN5250 which is terminal emulation over Telnet, and all communications are sent in cleartext. Although encryption is possible, it is not enabled in the vast majority of U. S. banks.[citation needed]
Jack Boxes are very hard to detect. To detect them, you must both detect new workstations and also ARP spoofing in case a MAC address is spoofed. Programs such as the open source Arpwatch can be used to defend against Jack Boxes.
[edit] Usage in popular culture
In the 2001 film Ocean's Eleven - a remake of the original 1960 film - the thieves use a Jack Box to break into the casino's computer network. The character Livingston Dell refers to the infiltration and deployment of the device as a "black bag job".
