Posted by Jerry Stuckle on 10/22/07 00:47
Sanders Kaufman wrote:
> "Jerry Stuckle" <jstucklex@attglobal.net> wrote in message
> news:6-udnf4MZ_UgQobanZ2dnUVZ_hqdnZ2d@comcast.com...
>> Sanders Kaufman wrote:
>
>>> Before they can hack the system - they have to FIND the system.
>> Which is very easy to do. Script kiddies do it every day.
>
> No - script kiddies are only good at hacking systems after they find them.
> It's a whole nother kind of hacker that finds the systems.
>
Try again. Script kiddies are quite adept at finding "hidden" systems.
> That's what all these beacon posts here in this group are about.
> They're phishing for developer boxes.
>
Those aren't script kiddies. Any reasonable hacker wouldn't be that stupid.
> Normally, online, we developers, as developers, are not distinguishable from
> the crowd of other folks online.
If you say so.
> But our systems tend to be a more target-rich environment for hackers.
> Obscured - we are secured.
>
Nope. You are not at all obscured.
For instance, you are posting from 209.30.206.81, which belongs to AT&T
Internet Services. This resolves to the Dallas, TX area. That took me
about 30 seconds. I suspect a little closer look would get me closer.
Now I can use that information to do all kinds of things on your IP
address. And believe me, if there's a hole, a hacker can find it.
> But once one of us responds to one of those posts, the phisher knows that
> x.x.x.x is a developer machine.
Sure - but even if you don't respond, hackers will try. For instance, I
get regular probes on another system which has never been on usenet. It
is strictly a system I've used to test websites from a different OS.
But I still get probes - because people are scanning IP addresses for
any weakness.
> You and I probably won't get hacked - 'cause we're always secure... right?
> But someone like ol' Shelly might not know that the MSDE engine that MS
> Office automatically installed on his machine is accepting anonymous
> connections with sa authority - or what the security impact of that can be.
>
No, I am not secure. I am as protected as I can make it. But I do not
consider myself secure, even with the multiple levels of security I have
installed - like at least 2 firewalls before someone can get to any
data, three levels of scanning for viruses/trojans and more. That's why I
keep logs, backups, and regularly scan my systems for any suspicious
software (not just anti-virus scans).
But no, I am not "secure". I am, however, as protected as I can be.
> Now - a hacker could try to telnet to every IP there is, and in the effort
> might find some similarly unsecured boxes.
> OR - he can post here on usenet, and get the mark to identify *himself*...
> sometimes, repeatedly.
>
They don't actually telnet to every port. They have more sophisticated
methods.
> And that's why they do it here on Usenet.
> Because NNTP virtually guarantees anonymity - which is security through
> obscurity.
>
Nope. It takes very little to find someone's real information on
usenet. For instance, a quick court order and I can find out from AT&T
exactly who was assigned your IP address at the time you made your post.
And a good hacker might even be able to hack the AT&T database to get
the information. Or a disgruntled employee might get the info (maybe
pay him a few $$$ for the info).
Even if you go through proxies you can be tracked, in time.
But all of that is not important. All someone has to do is start
scanning all of the IP addresses in your block - whether by design or by
accident.
And this is just the tip of the iceberg. Hackers have many more
tricks up their sleeves. That's why so many "secure" corporate systems
have been hacked over the years. And even military systems at the DoD
get hacked - and they should be much more secure.
That's why experienced security people (and I'm talking people who do
*real* security - like on sensitive federal systems) know obscurity is
no security.
--
==================
Remove the "x" from my email address
Jerry Stuckle
JDS Computer Training Corp.
jstucklex@attglobal.net
==================