|
Kia has the "hole" plugged !!! The user id and password that alt.hacker posted no longer work !!! Apparently one of us got through to SOMEONE :-) I called over there yesterday afternoon and left "Larry Wong" a voice mail. The number in the post here wouldn't work because the area code had changed. Chuck Bill Paris wrote: > Unfortunately there are methods which I won't reveal in public that > circumvent Antisniff and any other automated packet-sniffing detectors. > > Hopefully Kia received the message and disabled that particular account. > Chuck has told me that he was able to get a sign-on screen as of late this > afternoon, yet I wasn't able to using 3 different ISP accounts. Perhaps Kia > is restricting access via IP ranges. The only thing in my mind that makes > this a security breach as that a UN and PW were supplied along with the > address and port. Then again, I'd also prefer a secure connection (https) vs > a non secure connection (http) to my AS/400 if I had to setup this method of > access for salesmen, etc. > > Bill Paris > Sorrento Cheese Co., Inc. > 716-823-6262 x376 > bparis@sccmail.com > > >OK Mr. Tricky Guy :-) just kidding ! > > > >What about Antisniff at http://www.l0pht.com/ which says it can "detect > >intruders who have installed "packet sniffers" on a network and are > monitoring > >network traffic" ??? > > > >Chuck > > > >Ed Davidson wrote: > > > >> You forget, these are computers. We can tell them to do something and > leave > >> them for days/months/years at a time to accomplish the task. > >> > >> You can have packet capture software capture what you specify. Do I want > a > >> password for JoeBlow? Tell the software to only capture packets with > >> JoeBlow in them, and then capture all packets from/to JowBlows computer. > >> Save the data to disk. When I come back to my computer, do a find over > the > >> packets for the word JoeBlow. You can kinda tell if the packet is a > signon > >> packet. If it is, the password is in the same packet just under the > signon > >> code. > >> > >> Specify just to capture packets going to a specific IP address, at port > 20, > >> 21, 25, and 110. Passwords are sent in the clear on these ports. > >> > >> The question isn't if you will be hacked, the question is will the hacker > >> get in? My site gets about 44k hits a week, about 1000 unique visitors. > >> Very small by internet standards. About every other day there is someone > >> trying to do something to my internet server that they shouldn't. > >> > >> This information is available all over the internet. Anyone looking for > a > >> thrill can find it and cause damage to someone. > > +--- > | This is the Midrange System Mailing List! > | To submit a new message, send your mail to MIDRANGE-L@midrange.com. > | To subscribe to this list send email to MIDRANGE-L-SUB@midrange.com. > | To unsubscribe from this list send email to MIDRANGE-L-UNSUB@midrange.com. > | Questions should be directed to the list owner/operator: david@midrange.com > +--- +--- | This is the Midrange System Mailing List! | To submit a new message, send your mail to MIDRANGE-L@midrange.com. | To subscribe to this list send email to MIDRANGE-L-SUB@midrange.com. | To unsubscribe from this list send email to MIDRANGE-L-UNSUB@midrange.com. | Questions should be directed to the list owner/operator: david@midrange.com +---
As an Amazon Associate we earn from qualifying purchases.
This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].
Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.
midrange.com
