These days, DOS attacks are much more "en vogue" than actual break-ins. Script-kiddies all over the world are equipped with plug-and-go scripts to probe machines worldwide while they watch the latest downloaded pirated movie on their DVD.

Packet sniffing is tough and likely more "expensive" (unless you were specifically targeted) - but what are you (or any admin of ANY system connected to the Internet) going to do when someone starts "trying" to log on to your system from the Internet? If you're lucky, he'll "only" deactivate the logins he's guessed after a few invalid attempts. If you have a fast link, and the script kiddies can hit any machine from dozens (or hundreds) of remote hosts simultaneously, a simple dictionary attack on your logon ids could deactivate every id on your system in short order. And what can you do? Chances are pretty good the "attacking" IP addresses will trace back to some (hacked) machine in .RU, .CN, .AR, .KR, or any of a dozen other countries where you have NO law enforcement options. Once you're hit by one of these attacks, your only option is to shut down your Internet connection...

So, perhaps before the script-kiddies even get very far in their "attack" - your only recourse is to complete the DOS attack for them by cutting off all Internet access. You can't call the cops/FBI on them. You probably can't get access to the machines the attack is hitting you from - which you'd need to determine where the attackers REALLY launched the attack from. Null-route the source-IPs in your router and soon they're coming from another machine.

Telnet/remote shell access (without encryption/SSH) to the Internet leaves you a "sitting duck". Certainly attacks like these aren't that "common"... but all it takes is "pissing off" (or gaining the attention of) one (wrong) teenager somewhere. Get your system listed on a target list somewhere and bad things WILL happen to you... It's easy for them, and the odds are in their favor.

Chris (been there, got the scars, FBI was no help even after WE located the attacker) Bartram

-----Original Message-----
From: Adam Lang [mailto:aalang@rutgersinsurance.com]
Sent: Wednesday, December 04, 2002 3:13 PM
To: midrange-l@midrange.com
Subject: Re: Remote Access (Again)

Fine. We can even remove the packet sniffing scenario. What about brute force attacks on your server to guess passwords?

And people DO perform industrial espionage. We are not trying to instill fear. We are merely telling cardinal security rules. If people want to follow them, that is up to them, but I am not going to tell them running one of the most insecure services over the public internet is OK and they have nothing to worry about.

> The internet vandals and thieves will be seen as a business risk just like
> the real world vandals and thieves.

Yeah, but does that mean you should leave your door unlocked to your office because the odds of someone walking up inside and taking stuff are low?

On a further note, privacy of your data on the Internet is extremely underappreciated. With the amount of clear text that flows and the increased amount of ability the government is giving itself to probe internet backbones for information, it IS something people, especially IT people, should keep in mind.

Adam Lang
Systems Engineer
Rutgers Casualty Insurance Company
http://www.rutgersinsurance.com

----- Original Message -----
From: "Booth Martin" <Booth@MartinVT.com>
To: <midrange-l@midrange.com>
Sent: Wednesday, December 04, 2002 3:00 PM
Subject: RE: Remote Access (Again)

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited.