
Re: [cobalt-users] how do the hackers find your Raq?



 It's a good question.
>
> > but how do the hackers find your
> > vulnerable Raq?  Do they just scan a whole whack of IPs and hope some of
> > them are cobalt machines?
>
> A lot of them scan IP ranges, check for open ports and check for known

this is why you want to have portsentry installed...  it helps to keep you
off of databases of machine types....

> vulnerabilities.  Once found, the hacker will decide if a machine's worth
> rooting and go about his business.  A lot of them use programs to do the
> scanning and rootkits and instructions to exploit the server and take
> control of it.  And the hacker often has to know little more than how to
> click a mouse and paste text into a shell program.  Fun, eh?  I don't know
> how many are seeking out Cobalt boxes, but it wouldn't be hard to find them
> if there's a known exploit that affects a Cobalt box.  If you know the name
> of a hosting company with hundreds of RaQs it's trivial to look up the IP
> blocks it controls and scan them.
>

I'll add that some/most hackers always run a "sniffer" for passwords and
more access to more machines... and they just keep going...

Some hackers might look for credit card sites to hack and some look for
servers that haven't gotten updates like they should and then they just "cut
and paste" into the machine... and set up the sniffer and maybe start a
scanner for various ip ranges....

on a side note.... this is very bad... especially when that scanner scans
*.gov. Then the FBI shows up in your office one day....  they don't wait for
you to do anything... they just take it...

Zeffie
http://www.zeffie.com/
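
Added example, not part of the original post or thread: a small detector for the range-scanning behaviour discussed above, flagging any source that touches many distinct ports within a short window. The log format, addresses, thresholds and function name are constructed assumptions, and the last sample source shows how a slow scan stays under a short window.

```python
# Added example: flag sources that probe many distinct ports in a short window.
from collections import defaultdict, deque

# Constructed sample connection log: "<epoch-seconds> <source-ip> <dest-port>"
SAMPLE_LOG = """\
1000 203.0.113.5 21
1001 203.0.113.5 22
1001 198.51.100.7 80
1002 203.0.113.5 23
1002 203.0.113.5 25
1003 198.51.100.7 80
1003 203.0.113.5 111
1004 198.51.100.7 443
bad line here
1005 203.0.113.5 443
1010 192.0.2.44 21
1400 192.0.2.44 22
1800 192.0.2.44 23
2200 192.0.2.44 25
2600 192.0.2.44 111
"""

def find_scanners(log_text, min_ports=5, window=60):
    """Map each flagged source to the time it first reached min_ports
    distinct destination ports within `window` seconds."""
    recent = defaultdict(deque)  # source -> (time, port) events still in window
    flagged = {}
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 3 or not (parts[0].isdigit() and parts[2].isdigit()):
            continue  # skip malformed lines instead of failing on them
        ts, src, port = int(parts[0]), parts[1], int(parts[2])
        events = recent[src]
        events.append((ts, port))
        # Drop events that have aged out of the sliding window.
        while events and ts - events[0][0] > window:
            events.popleft()
        # Repeated hits on one port (a normal client) count only once.
        if src not in flagged and len({p for _, p in events}) >= min_ports:
            flagged[src] = ts
    return flagged

if __name__ == "__main__":
    for src, ts in find_scanners(SAMPLE_LOG).items():
        print(f"{src} reached the distinct-port threshold at t={ts}")
```

With the default 60-second window only the fast sweep is flagged; widening the window to 2000 seconds also catches the slow source.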