D
Durzel
Guest
- Thread starter
- #2
I wonder how much of this is attributable to autonomous scripts (ala Code Red worm, etc) and script kiddiez as opposed to what I would call real hacking - a genuine attempt by a single individual (or indeed group) to comprimise a clearly defined target.
I used to get portscans and various other exploit scans on my firewall at home on my cable modem. 99% of these could be put down to some fool blindly scanning entire IP ranges with "known" exploits that had been patched months ago. Very rarely did I find anyone actually specifically targeting my PC.
I've given up logging every single port scan, rpc.statd exploit sweep (a common favourite for script kiddiez), etc on the Linux servers here at work simply because the logfiles generated were immense. Nowadays I've got it set to log only repeated offenders, etc
I used to get portscans and various other exploit scans on my firewall at home on my cable modem. 99% of these could be put down to some fool blindly scanning entire IP ranges with "known" exploits that had been patched months ago. Very rarely did I find anyone actually specifically targeting my PC.
I've given up logging every single port scan, rpc.statd exploit sweep (a common favourite for script kiddiez), etc on the Linux servers here at work simply because the logfiles generated were immense. Nowadays I've got it set to log only repeated offenders, etc
M
Mr_Horus
Guest
- Thread starter
- #3
Thats cos its prolly Data trying to annoy you
T
Testin da Cable
Guest
- Thread starter
- #4
script kiddiots are all alike anal pain heh
imho, 99.repeater9 of the stuff you see/hear/read is done by some waste of carbon using something he/she doesn't even understand.
imho, 99.repeater9 of the stuff you see/hear/read is done by some waste of carbon using something he/she doesn't even understand.
S
Sir Frizz
Guest
- Thread starter
- #5
As the computer industry grows, so would the amount of everything associated with it like hacking because the number of people on computers would rise and the amount of people who are heckers would aswell(touch wood)
S
stu
Guest
- Thread starter
- #6
grc.com has an interesting story about Steve Gibson's encounter with a 13 year old script kiddie. It's quite funny when Gibson reverse engineers the lad's bot and uses it to spy on him.
W
Wazzerphuk
Guest
- Thread starter
- #7
TDC hacked his ISP today. He just told me.
W
Wazzerphuk
Guest
- Thread starter
- #8
testin_da_cable (ICQ#123483611) Wrote:
lol uR a F3D trng 2 tr|cK m3H!!!!#23
I am 3733+ h4X0R!!!
u caNt c4+cH m#####33!!!1
I w|lL fIng3R uR p0rT!!!2
see?
lol uR a F3D trng 2 tr|cK m3H!!!!#23
I am 3733+ h4X0R!!!
u caNt c4+cH m#####33!!!1
I w|lL fIng3R uR p0rT!!!2
see?
T
Testin da Cable
Guest
- Thread starter
- #9
AAAH IVE BEEN MADE!!!!221
W
Will
Guest
- Thread starter
- #10
TDC - say it ain't so...
T
Testin da Cable
Guest
- Thread starter
- #11
LIES!!
S
Summo
Guest
- Thread starter
- #12
Can't dispute that evidence.
C
Ch3tan
Guest
- Thread starter
- #13
Id be very worried wazz
T
Testin da Cable
Guest
- Thread starter
- #14
I will strike when he least expects it
W
Wazzerphuk
Guest
- Thread starter
- #15
He's already found my pr0n (
(
T
Testin da Cable
Guest
- Thread starter
- #16
and your mp3's
and your avi's
and that err 'other' stuff you kept in that hidden directory
and your avi's
and that err 'other' stuff you kept in that hidden directory
W
Wazzerphuk
Guest
- Thread starter
- #17
testin_da_cable (ICQ#123483611) Wrote:
nooo I only cyberterrorize money grubbing mega corps that squeeze the last droplet of hard earned dough out of their consumers in return for a measily ickle bit 'o bandwi....oh never mind
eeep
nooo I only cyberterrorize money grubbing mega corps that squeeze the last droplet of hard earned dough out of their consumers in return for a measily ickle bit 'o bandwi....oh never mind
eeep
W
Wazzerphuk
Guest
- Thread starter
- #18
mp3s aren't hard to find, there's over 2000 of the buggers in e:\mp3
X
xane
Guest
- Thread starter
- #19
Like Durzel I get scanned by those "blind" probes far too often, but last night someone scanned me for the rpc.cmsd exploit for Sun/UNIX, although the firewall blocked it, unfortunately it was sufficient to knock me out of my online game
I got a full trace back, it looked like an ADSL line, and reported the details to the ISP. Being a fixed IP my evil mind is contemplating revenge
The ONLY way to deal with script kiddies is to get them reported, however, if the business of reporting every single attack is too much work, then use an automatic service.
http://www.mynetwatchman.com or http://www.dshield.org/ will give you a small client program that periodically processes and downloads your firewall log to their site where it is amalgamated into their database. This gives good analysis results, script kiddies will be easily spotted as the same IP will start to turn up at different places. They will do the business of reporting the attacks.
I got a full trace back, it looked like an ADSL line, and reported the details to the ISP. Being a fixed IP my evil mind is contemplating revenge
The ONLY way to deal with script kiddies is to get them reported, however, if the business of reporting every single attack is too much work, then use an automatic service.
http://www.mynetwatchman.com or http://www.dshield.org/ will give you a small client program that periodically processes and downloads your firewall log to their site where it is amalgamated into their database. This gives good analysis results, script kiddies will be easily spotted as the same IP will start to turn up at different places. They will do the business of reporting the attacks.
E
Embattle
Guest
- Thread starter
- #20
The worse attack so far today acording to blackice is a subseven port probe...what ever that is
S
stu
Guest
- Thread starter
- #21
camazotz: ADSL (at least the home version) isn't fixed IP, it's dynamic
Embattle: BlackICE is a really, REALLY shit Firewall. Don't take my word for it tho...
from grc.com
"And other firewalls such as BlackICE Defender, Conseal PC Firewall, and Lockdown 2000 were not even mentioned here because they offer NO PROTECTION and control against the very real threat represented by outbound Trojan, virus, and spyware communications. (LeakTest merrily communicates out through these firewalls without any trouble.)"
"As far as I could tell, BlackICE Defender had ABSOLUTELY NO EFFECT WHATSOEVER on the dialogs being held by the Zombies and Trojans running inside the poor "Sitting Duck" laptop. I knew that BlackICE Defender was a lame personal firewall, but this even surprised me.
The Zombie/Bot happily connected without a hitch to its IRC chat server to await further instructions. The Sub7 Trojan sent off its eMail containing the machine's IP and the port where it was listening. Then it connected and logged itself into the Sub7 IRC server, repeating the disclosure of the machine's IP address and awaiting port number. No alerts were raised, nothing was flashing in the system tray. The Trojans were not hampered and I received no indication that anything wrong or dangerous was going on.
I performed one final test: As I had with ZoneAlarm, I attempted to connect to the Sub7Server Trojan running inside the "Sitting Duck" machine on the IP and listening port number the Trojan was advertising all over the Internet . . . and it worked perfectly. I received Sub7's "PWD" prompt asking me to login."
Embattle: BlackICE is a really, REALLY shit Firewall. Don't take my word for it tho...
from grc.com
"And other firewalls such as BlackICE Defender, Conseal PC Firewall, and Lockdown 2000 were not even mentioned here because they offer NO PROTECTION and control against the very real threat represented by outbound Trojan, virus, and spyware communications. (LeakTest merrily communicates out through these firewalls without any trouble.)"
"As far as I could tell, BlackICE Defender had ABSOLUTELY NO EFFECT WHATSOEVER on the dialogs being held by the Zombies and Trojans running inside the poor "Sitting Duck" laptop. I knew that BlackICE Defender was a lame personal firewall, but this even surprised me.
The Zombie/Bot happily connected without a hitch to its IRC chat server to await further instructions. The Sub7 Trojan sent off its eMail containing the machine's IP and the port where it was listening. Then it connected and logged itself into the Sub7 IRC server, repeating the disclosure of the machine's IP address and awaiting port number. No alerts were raised, nothing was flashing in the system tray. The Trojans were not hampered and I received no indication that anything wrong or dangerous was going on.
I performed one final test: As I had with ZoneAlarm, I attempted to connect to the Sub7Server Trojan running inside the "Sitting Duck" machine on the IP and listening port number the Trojan was advertising all over the Internet . . . and it worked perfectly. I received Sub7's "PWD" prompt asking me to login."
T
Testin da Cable
Guest
- Thread starter
- #23
but he also knows his stuff
G
gremlin
Guest
- Thread starter
- #24
Yes, in the same way that the drunk irish guy sitting on the park bench with a can of special brew in his hand is completely and utterly convinced he knows everything about nuclear physics
T
Testin da Cable
Guest
- Thread starter
- #25
heh cracking is easy
nuclear physics is hard [to spell]
nuclear physics is hard [to spell]
O
old.TUG
Guest
- Thread starter
- #26
TDC hacked into my peecee and installed netbus and elite
wot a wanker
wot a wanker
T
Testin da Cable
Guest
- Thread starter
- #27
heh stabbed in the back
E
Embattle
Guest
- Thread starter
- #28
Yes I've read he reviews but I get pissed off with zonealarm always asking me to allow the same shit I've already ticked to allow always.
T
Testin da Cable
Guest
- Thread starter
- #29
hmm I never had to do that Emb. Once was enough. Perhaps j00 have a h4X0r3d version that connects you to every bo network that ever was.
W
Will
Guest
- Thread starter
- #30
Taken from BBC News - everyone laugh at M$.