[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [cobalt-users] Recent Hacks - Why?

Subject: Re: [cobalt-users] Recent Hacks - Why?
From: gery.jansen@xxxxxxxxxxxxx
Date: Wed Feb 28 00:37:01 2001
List-id: Mailing list for users to share thoughts on Cobalt products. <cobalt-users.list.cobalt.com>

Hi,

This is a really cool bit of information. I thank you for that.
My only question is .... are only Cobalt RAQ's and Cube's involved in this
resent swap of attacks? or are also other systems involved? when only Cobalt
there are 2 questions.
Why are only Cobalt systems involved and when only Cobalt, why the other
systems not?

Thanks

cuall

Gery Jansen
internet24 gmbh                       056 470 60 16
www.internet24.ch                   079 378 26 14
gery.jansen@xxxxxxxxxxxxx
----- Original Message -----
From: "Christian Karlsson" <info@xxxxxxxxx>
To: <cobalt-users@xxxxxxxxxxxxxxx>
Sent: Monday, February 26, 2001 8:56 PM
Subject: SV: [cobalt-users] Recent Hacks - Why?


> Okay! Thanks for the information!
>
> -----Ursprungligt meddelande-----
> Från: cobalt-users-admin@xxxxxxxxxxxxxxx
> [mailto:cobalt-users-admin@xxxxxxxxxxxxxxx]För Dee Dreslough
> Skickat: den 26 februari 2001 17:52
> Till: cobalt-users@xxxxxxxxxxxxxxx
> Ämne: RE: [cobalt-users] Recent Hacks - Why?
>
>
>
> >What is it with all the recent "hacks" on the Raq's? Is it really hacks
or
> >is some sort of bug? It seem to me that very many raq's has been hacked.
> >Even my raq was proberly hacked. Who is it that are hacking our servers,
> and
> >why? I don't see any point in doing this...
>
> I have a friend who's run a few ISPs in his day who now works for my
> husband.  He's been doing security for years, so I asked him about what
> might be going on.
>
> Basically, all these hacks are probably happening for two reasons:
>
> 1. There's a new HUGE recently discovered hole or holes (BIND) that all
the
> hackers are now trying out. Our systems aren't spontaneously corrupting
> themselves...this isn't just a bug. I wish it was!
>
> 2. A new crop of 'pups' is cutting their hacking teeth at the same time.
> Basically, more kids are discovering hacking right now, so more and more
> portscans and scripts are going to be thrown at us. More amateur hackers
are
> learning by throwing their scripts at our machines.
>
> My friend explained that one of the reasons my hack was so obvious (I
> immediately started receiving BIND: Address already in use messages in my
> email box within 15 minutes of the hack) was because there are Real
Hackers
> and Kiddie Scripters.  The real hackers have a kind of honor (if you can
> call it that) and they purposely leave errors in the hacking scripts they
> distribute to the kiddies so that amateurs leave footprints whenever they
> use them to break into systems.  This is the real hackers' way of actually
> allowing us to know when we've been hacked. Nice, eh?
>
> These Real Hackers have probably already had access to our systems for
> months...we probably never would have known... but now all the Kiddie
> Scripters are trying out the scripts, and leaving a mess behind. And,
there
> are a lot more kiddie scripters than real hackers, I would guess...just
like
> there are more RaQ newbies than old salts. :)
>
> >Why so much hacking? Why do they do it?
>
> There seems to be some kind of 'cache' in having a list of compromised IPs
> of boxes you've hacked. Also, hackers try to pre-prime machines for Denial
> of Service attacks. They try to sneak onto as many machines as they can to
> set them up to do an attack at a later time. They're basically trying ot
get
> as many compromised machines in their 'back pockets' for when they need
them
> to attack someone who's angered them.
>
> So, the kiddies are probably doing it to 'collect' a bunch of hosts they
can
> use later, or to just show their friends how cool they are. >:P Of course,
> they don't realize that they're basically doing the equivalent of breaking
> into someone's store downtown...they're threatening our livelyhoods by
doing
> this.  For them, it's just long distance teenage mayhem, I guess.
>
> I don't think the problem's going to get any better any time soon. As we
> pass the 50% internet-use mark in the USA, more and more kids are going to
> have access to the web, and more and more are going to want to learn to
> hack, and try every portscanner and script they can get their paws on
again
> and again.
>
> I'm not a hacker, so this is just what my friend (who as a security
> specialist has had to study hackers) has explained to me.  I hope it helps
> make the possible motivations of these people clearer, and also explain
why
> we've been catching them so often.
>
> -Dee Dreslough
> With love to the Admins -- may we always keep fighting the good fight! :)
>
> _______________________________________________
> cobalt-users mailing list
> cobalt-users@xxxxxxxxxxxxxxx
> To Subscribe or Unsubscribe, please go to:
> http://list.cobalt.com/mailman/listinfo/cobalt-users
>
> _______________________________________________
> cobalt-users mailing list
> cobalt-users@xxxxxxxxxxxxxxx
> To Subscribe or Unsubscribe, please go to:
> http://list.cobalt.com/mailman/listinfo/cobalt-users
>

Follow-Ups:
- Re: [cobalt-users] Recent Hacks - Why?
  - From: flash22

References:
- SV: [cobalt-users] Recent Hacks - Why?
  - From: Christian Karlsson

Prev by Date: Re: [cobalt-users] #! is not interpreted
Next by Date: [cobalt-users] Ping command
Previous by thread: SV: [cobalt-users] Recent Hacks - Why?
Next by thread: Re: [cobalt-users] Recent Hacks - Why?

Sun Cobalt Users Message Index

Sun Cobalt Users Thread Index