[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [cobalt-users] anti hacking
- Subject: Re: [cobalt-users] anti hacking
- From: Brent Sims <brent@xxxxxxxxxxx>
- Date: Mon Jun 5 13:00:57 2000
On Sun, 4 Jun 2000, andy so wrote:
} What is the best and easiest to setup free softaware for the RaQ3 to stop
} people port scanning etc.
Hi Andy,
You can't stop them. Scanning is not illegal in the US and,
while I certainly consider it so, a scan is not always indicative of
an attacker looking for a whole. My Windows desktop, for example,
tries to do a whole lot of talking to points unknown. I've blocked
this at our firewall but mine is far from the only Windows powered
machine on the planet and everyone of them with file sharing enabled
constantly scans every host it can find when connected to the
Internet. About the only thing one can really do is live with it,
protect against it as best as possible, and resign themselves to the
fact that it's part of the job.
Retaliation can be fun but it can also be very
dangerous. Virtually all scans which are indicative of a potential
threat originate from machines that have already been
compromised. Their was a scan done about 6 months ago during
which all the hosts on the Internet we're checked for both
vunerbilities and a series of exploits. The results were more
than bit frightening. I don't recall the actual numbers but
I'm sure a search for Bass would prove fruitful. The point is that,
more often than not, scans and attacks originate from machines which
are owned by decent people who simply does not know what their
machine is being use for.
Every now and then one can get lucky... A few months ago an
E-Commerce Consulting Firm tried to hack one of our servers
here. Rather than take it up with them, I played stupid and took it
up with their provider and their provider's upstream - Quite simply,
rather than dazzle them with my knowledge, or lack thereof, I cried
and begged for help. The end result was that I not only got the bums
connection shut down for a couple of hours (hey, it's a win), their
provider is now aware of their activities and, being the kind of guy
that I am, I billed the responsible party for my time. I may never
collect a cent, but I suspect it will be some time before they knock
on my door again :-) Nevertheless, one has to be very careful as most
of the time finding the responsible party is next to impossible and
one certainly does not want to being doing something like this to an
innocent whose machine was compromised without their knowledge.
Peace be with you,
Brent
Brent Sims
WebOkay Internet Services
http://www.WebOkay.net
Brent@xxxxxxxxxxx
(719) 595-1427 (Voice/Fax)