|
|
Posted by Jerry Stuckle on 10/23/07 00:12
Sanders Kaufman wrote:
> "Jerry Stuckle" <jstucklex@attglobal.net> wrote in message
> news:ffqdnWXoe6LKtYHanZ2dnUVZ_qWtnZ2d@comcast.com...
>
>> What you don't get is - hackers don't care. They just start a program
>> which picks an IP address and hits every port on that address, looking for
>> anything open. If there are no ports open, they move onto the next IP
>> address in line.
>>
>> It costs them *nothing* to do it. And most will have dozens of these
>> programs running simultaneously, looking for ways to break in.
>
> Well - nothing except time.
> And even then - you've got no idea what kind of target you've got.
> Bettter to go somewhere where you already KNOW that you'll get the kinds of
> hits your looking for, than to scan every PC on the web.
>
They don't care. All they do is start the program and go off. And no,
they don't know what they're looking for. But they're hoping they'll
"strike gold" - i.e. a database of unencrypted credit card numbers, etc.
They are much more likely to get that on a less-famous site than
microsoft.com, for instance. And that's what they want.
And they do scan "every pc on the web". I even get it here on my cable
connection, and when I'm in a hotel or other outside link, my firewall
sometimes logs hundreds of hits per minute.
>
>> Similar to your house with the "hidden" door. A hacker takes a sledge
>> hammer and starts methodically pounding away at every square inch of the
>> house until he finds the door.
>
> While that's a lousy way to break into something - it's a fine way to draw
> attention to yourself.
>
Not at all. How regularly do you think most people check their logs? I
keep telling my customers they need to check their logs - I can either
show them how to do it, or do it for them (for a price, of course). But
many don't.
--
==================
Remove the "x" from my email address
Jerry Stuckle
JDS Computer Training Corp.
jstucklex@attglobal.net
==================
Navigation:
[Reply to this message]
|