Re: OT: Archimedes Socrates, ace tech writer, wins another one

Subject: Re: OT: Archimedes Socrates, ace tech writer, wins another one
From: Sandy Harris <sandy -at- storm -dot- ca>
To: "TECHWR-L" <techwr-l -at- lists -dot- raycomm -dot- com>
Date: Wed, 05 Sep 2001 11:26:44 -0400

Jim Williams wrote:
>
> re: <<<If you don't have anything "valuable" to protect, hackers ain't
> gonna be pounding at your machine. >>>
>
> On the contrary. My home machine gets bombarded virtually constantly
> through my cable modem. ...

Mine too, and everyone I've talked to who installed a firewall and checked
its logs.

Various folk routinely scan netblocks that belong to home.com or ADSL
providers, looking for vulnerable machines. If you have a fast net
connection, you are almost certainly being scanned at least several
times a day.

If your machine has obvious holes, it is very likely "owned" by someone
who scanned it and found those holes. If the attacker knows what he or
she is doing, he or she has likely installed a "rootkit", programs that
completely subvert your system so he or she will continue to "own" it
despite anything you might do short of a wipe-all-disks re-install.

> Methinks the bad guys/gals do it just because they can, ...

Not just that. Any machine that can be taken over is a valuable resource,
especially if it has a fast net connection.

If an EvilDoer wants to hide -- as many of course do -- then he or she
subverts some machine that doesn't keep good logs, or where the owner
won't notice destruction of log data. Use that machine to do Whatever
Evil You Like. Deface websites, send hate mail, harass your ex, release
a virus, distribute porn or pirate software ... whatever.

When people notice whatever you're doing and start tracking down the
perpetrator, the trail ends at the logless victim machine. The EvilDoer
is off somewhere laughing while the confused owner of the victim machine
tries to cope with the flak and figure out what hit him.

How much untraceable spam can one subverted machine send out before the
owner or the ISP notices?

For major attacks, dozens of machines may be taken over. The distributed
denial of service attack that crashed a dozen or so major websites a few
months back worked like that. First take over a few badly secured machines
to hide behind. Then subvert another few dozen and set one up as master to
control all the others. When all is ready, pull the trigger. Master gives
an order and 20 slaves start bombarding one target, 30 another, ...
