Re: new topic-professional hacking tecniques

["REID FOX" <reidfox () direct ca>]

Matt wrote:
> You assume a relatively high level of knowledge of the parents....
> I mean your basically asking to hold someones hand through a search
> of their system for these programs.
<answer>
// most people who own home computers are fairly adept at knowing what
applications theyre running and what is installed.
they are on their own for most anything else like installing, uninstalling,
cut @ paste , search filesystem etc.
and if theyre running windoze theyve already reformatted their hard drive ,
had several crashes ,blue screens of death, fatal exception errors etc etc
theyve seen it all    <grins>
I know it could turn into a hand holding session very easily but that would
depend on the one being intruded upon you could just say "seek professional
assistance" the thing is that at least now the poor guy is aware that
something is wrong. You or anyone can protect these people only so much, I
think people (especially those who have been compromised already) should be
aware of certain words to recognise as bad  (cracker, hacker, back orifice,
exe e mail attatchments etc)
I get regular newsletters from my current ISP and they are doing a good job
explaining all these things - normal people read these.
Even if you have the best antivirus would you open an e-mail with melissa
attatchment ? the virus gurus use education as one of their most useful
tools- they also educate the public about what to avoid.
Reid
Matt wrote:
Kids tend to know a lot more
> about the computers then the parents.

<answer>that is becoming less true everyday
Im 38 yr old grandfather I know computers better than any of my kids.
My 4 yr old loads, plays, games- shuts down properly- uses the mouse like a
pro.
my 16 yr old uses wordperfect8 very well, downloads and sets up ICQ, uses
e-mail attatchments, types 10 times faster than me.
(just wish she would stop receiving e-mail attatchments from all her
net-freinds)
Another 10 yrs and these kids are way into computer terms and knowledge of
"how they work" even in kindergarten these days the kids arnt learning like
we did they are being "data oriented"
Reid

Matt wrote:
> besides if you started contacting the people directly then crackers
> are just going to start filtering the mail first so their parents
> never get the message.
<answer>
people list the e-mail of the person paying the bill on the whois list
do kids read their parents e-mail? some but not all
most business people on the net check e-mail first thing in the morning .
Also I am not assuming that all ISP's use static IP addressing I would think
that most would be dynamic.
Im just stating that there would be an advantage to this type of system
rather than everyone being "unknown"
ISP's are getting very large now , why do we have tens of thousands of
untracable IP's floating around in one domain? Isnt this a hackers dream?
they ARE tracable but only by the ISP. Do they want to do all this tracing?
I think not.
Anyone read that article in TIME about a subnet called "hotline"?
apparently it has become a computer 'underworld' lots of cracks of any
software- hacking techniques - you name it
It is supposed to have a very fast download ability that is why it has
become a fav of cracks, sex sites etc.
Reid
>


-----Original Message-----
From: Matt Doughty <doughtym () bsjkk co jp>
To: REID FOX <reidfox () direct ca>
Cc: firewall-wizards () nfr net <firewall-wizards () nfr net>
Date: Thursday, November 04, 1999 9:37 PM
Subject: Re: new topic-professional hacking tecniques


> On Wed, Nov 03, 1999 at 10:29:26AM -0800, REID FOX wrote:
> > >
> > However if say ISP's start to use static IP addresses for their client's
> > then perhaps the ISP's could post a directory (a whois)  not with any
> > sensitive personal info but maybe just an e-mail and a name. That would
make
> > users more accountable just as Domains are accountable (or known) on the
> > net. I cant see any honest client having a big problem with that. Like I
> > said before this is no security cure but it is however a step in the
right
> > direction.
> > eg. Your getting some degree of attack from a certain IP regularly.
> > You trace it back to an ISP look it up in the ISP's whois list
> > e-mail the person "are you aware of ......? If this continues your ISP
will
> > be notified ...."
> > the next day you get a reply from a parent of some script kid  "I use
this
> > PC for business ..... dont know whats happening"
> > send reply "If you have portscan , crackers. BO Netbus etc on your system
> > then someone is using your PC unethically, you should uninstall these
> > applications otherwise your system has been compromised etc etc.."
> > I am sure that an honest person wether they know computers or not would
> > promptly deal with it  and if your lucky and the person does know a
little
> > bit about these things then now the seasoned hacker is unaware that his
mask
> > is off.
> > The advantage of this is
> > 1: If it's a teen then the parents are informed without getting into
trouble
> > with their ISP  (ISP dont need to be involved)
> > 2: Also the parents do not allow this to continue because they now know
what
> > certain apps are.  (cracker BO Netbus etc) where before they had no idea
> > what their kids were capable of doing with these strange programs.
> > 3: The new ISP when the parents get sucked into thinking that they were
> > wrongfully cut off, does not have to deal with it.
> > 4: One more future hacker on the road to ethics.
> > Now the question is who has to deal with this growing problem?
> > The ISP's or the Parents?