RE: [cobalt-users] IPs related to hackers

["Donna Lever" <webmaster@xxxxxxxxxxxxxxxxxx>]

> 
> * could they be getting info on RaQ's from this email list?

This list (and others like it, including support newsgroups) must be a goldmine for hackers. 
By monitoring this list, they get a target domain name they can identify as very probably running a RAQ of some sort. Even if you don't use a sig, the info is likely in the email headers. If you're asking a question, you'll say what machine you have - the standard version of all programs that comes on those particular machines is public knowledge. All they need to do is test those holes, and if you haven't been up-to-date with the patches, they're in again. You might even say you're having trouble with version x.x of a inet program. If that program has a known exploit, their work is done.

Some people use their phone numbers in their sigs. One phone call to a non-technical person could have them inadvertantly revealing a username and password. Harvesting these email addresses could result in bogus email campaigns hoping to reel in some unsuspecting people.

They don't even need to subscribe to the list - all the info they need is neatly stored in the archives and available with a few search words and a mouse click.

It's food for thought, and the only way I see to shut down these type of predators is for a single depository of Q&A that strips email headers/sigs and such and reveals no identities. To be safe, tech questions that require server details need to be asked in anonymity - or at least give you the option of anonymity. I know it's a tall order, but it would send nosy hackers off to easier pastures.

--
Donna Lever
Smart Artist Web Services
http://www.smartartist.com.au/