Diploma Thesis 2003 (DA03): Thesis Archive
 
DA Bri 03/1 - TRIPWIRE TEST SYSTEM
Students: Christian Glaettli, glaetchr
  Roman Kuczynski, kuczyrom
  Ralph Meier, meierral

Supervisor: Pietro Brossi, brpi

The lack of security measures in IT environments is increasingly coming under fire: headlines about worm attacks, email viruses and security holes circulate. Security precautions are not keeping pace, although protective mechanisms are urgently needed. The lack of suitable precautions, and the increased risk that results from it, is often underestimated. Systems that are unexpectedly damaged could have fatal consequences.

This undergraduate dissertation is concerned with hacker attacks and their detection. The assigned tasks consisted of attracting hackers to attack a specially configured setup. Furthermore, we had to carefully examine the tools used by hackers. To attract hackers, a tempting target system with several security holes was built. To make it an even more attractive victim, it was presented as a fictitious finance company. This company, called "Dollartransfer.ch", supposedly hosted credit card numbers and the like.

An "Intrusion Detection System" was set up alongside it to log break-ins. With this so-called "Tripwire" we succeeded in tracing several attacks back to their origin. Using port scans, we were able to gather some information about the attacking computer systems. In various cases, the attacks against our environment originated from workstations located at other universities. Surprisingly, those computers had been infiltrated. Hackers had probably taken them over using trojans. From there, attacks against different targets were launched, for example "Dollartransfer.ch". The use of these relay stations makes it almost impossible to trace an attack back to the hacker.

A further part of this thesis was an internal network security audit. The worst security hole was the use of only one password for all services. Two security precautions are strongly recommended:

  • different passwords for different services.
  • use of secure authentication methods.

With these measures, data security at ZHW could be improved decisively.
