[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [cobalt-users] how do the hackers find your Raq?
- Subject: Re: [cobalt-users] how do the hackers find your Raq?
- From: "Steve Werby" <steve-lists@xxxxxxxxxxxx>
- Date: Tue May 22 12:43:01 2001
- List-id: Mailing list for users to share thoughts on Cobalt products. <cobalt-users.list.cobalt.com>
"Dico Reyers" <dico@xxxxxxxxxxxxxxxx> wrote:
> Perhaps this is a silly question
It's a good question.
> but how do the hackers find your
> vunerable Raq? Do they just scan a whole whack of IPs and hope some of
> them are cobalt machines?
A lot of them scan IP ranges, check for open and ports and check for known
vulnerabilities. Once found, the hacker will decide if a machine's worth
rooting and go about his business. A lot of them use programs to do the
scanning and rootkits and instructions to exploit the server and take
control of it. And the hacker often has to know little more than how to
click a mouse and paste text into a shell program. Fun, eh? I don't know
how many are seeking out Cobalt boxes, but it wouldn't be hard to find them
if there's a known exploit that affects a Cobalt box. If you know the name
of a hosting company with hundreds of RaQs it's trivial to look up the IP
blocks it controls and scan them.
--
Steve Werby
President, Befriend Internet Services LLC
http://www.befriend.com/