Firewall Wizards mailing list archives
Re: new topic-professional hacking tecniques
From: "REID FOX" <reidfox () direct ca>
Date: Fri, 5 Nov 1999 01:16:21 -0800
Matt wrote:
You assume a relatively high level of knowledge of the parents.... I mean your basically asking to hold someones hand through a search of their system for these programs.
<answer> // most people who own home computers are fairly adept at knowing what applications theyre running and what is installed. they are on their own for most anything else like installing, uninstalling, cut @ paste , search filesystem etc. and if theyre running windoze theyve already reformatted their hard drive , had several crashes ,blue screens of death, fatal exception errors etc etc theyve seen it all <grins> I know it could turn into a hand holding session very easily but that would depend on the one being intruded upon you could just say "seek professional assistance" the thing is that at least now the poor guy is aware that something is wrong. You or anyone can protect these people only so much, I think people (especially those who have been compromised already) should be aware of certain words to recognise as bad (cracker, hacker, back orifice, exe e mail attatchments etc) I get regular newsletters from my current ISP and they are doing a good job explaining all these things - normal people read these. Even if you have the best antivirus would you open an e-mail with melissa attatchment ? the virus gurus use education as one of their most useful tools- they also educate the public about what to avoid. Reid Matt wrote: Kids tend to know a lot more
about the computers then the parents.
<answer>that is becoming less true everyday Im 38 yr old grandfather I know computers better than any of my kids. My 4 yr old loads, plays, games- shuts down properly- uses the mouse like a pro. my 16 yr old uses wordperfect8 very well, downloads and sets up ICQ, uses e-mail attatchments, types 10 times faster than me. (just wish she would stop receiving e-mail attatchments from all her net-freinds) Another 10 yrs and these kids are way into computer terms and knowledge of "how they work" even in kindergarten these days the kids arnt learning like we did they are being "data oriented" Reid Matt wrote:
besides if you started contacting the people directly then crackers are just going to start filtering the mail first so their parents never get the message.
<answer> people list the e-mail of the person paying the bill on the whois list do kids read their parents e-mail? some but not all most business people on the net check e-mail first thing in the morning . Also I am not assuming that all ISP's use static IP addressing I would think that most would be dynamic. Im just stating that there would be an advantage to this type of system rather than everyone being "unknown" ISP's are getting very large now , why do we have tens of thousands of untracable IP's floating around in one domain? Isnt this a hackers dream? they ARE tracable but only by the ISP. Do they want to do all this tracing? I think not. Anyone read that article in TIME about a subnet called "hotline"? apparently it has become a computer 'underworld' lots of cracks of any software- hacking techniques - you name it It is supposed to have a very fast download ability that is why it has become a fav of cracks, sex sites etc. Reid
-----Original Message----- From: Matt Doughty <doughtym () bsjkk co jp> To: REID FOX <reidfox () direct ca> Cc: firewall-wizards () nfr net <firewall-wizards () nfr net> Date: Thursday, November 04, 1999 9:37 PM Subject: Re: new topic-professional hacking tecniques
On Wed, Nov 03, 1999 at 10:29:26AM -0800, REID FOX wrote:However if say ISP's start to use static IP addresses for their client's then perhaps the ISP's could post a directory (a whois) not with any sensitive personal info but maybe just an e-mail and a name. That would
make
users more accountable just as Domains are accountable (or known) on the net. I cant see any honest client having a big problem with that. Like I said before this is no security cure but it is however a step in the
right
direction. eg. Your getting some degree of attack from a certain IP regularly. You trace it back to an ISP look it up in the ISP's whois list e-mail the person "are you aware of ......? If this continues your ISP
will
be notified ...." the next day you get a reply from a parent of some script kid "I use
this
PC for business ..... dont know whats happening" send reply "If you have portscan , crackers. BO Netbus etc on your system then someone is using your PC unethically, you should uninstall these applications otherwise your system has been compromised etc etc.." I am sure that an honest person wether they know computers or not would promptly deal with it and if your lucky and the person does know a
little
bit about these things then now the seasoned hacker is unaware that his
mask
is off. The advantage of this is 1: If it's a teen then the parents are informed without getting into
trouble
with their ISP (ISP dont need to be involved) 2: Also the parents do not allow this to continue because they now know
what
certain apps are. (cracker BO Netbus etc) where before they had no idea what their kids were capable of doing with these strange programs. 3: The new ISP when the parents get sucked into thinking that they were wrongfully cut off, does not have to deal with it. 4: One more future hacker on the road to ethics. Now the question is who has to deal with this growing problem? The ISP's or the Parents?
Current thread:
- new topic-professional hacking tecniques REID FOX (Nov 02)
- <Possible follow-ups>
- Re: new topic-professional hacking tecniques Steven M. Bellovin (Nov 04)
- Re: new topic-professional hacking tecniques REID FOX (Nov 04)
- Re: new topic-professional hacking tecniques Matt Doughty (Nov 05)
- Re: new topic-professional hacking tecniques Steven Osman (Nov 08)
- Re: new topic-professional hacking tecniques dreamwvr (Nov 09)
- Re: new topic-professional hacking tecniques R. DuFresne (Nov 10)
- Re: new topic-professional hacking tecniques Johann G. Hautzinger (Nov 10)
- Re: new topic-professional hacking tecniques Matt Doughty (Nov 05)
- Re: new topic-professional hacking tecniques Saravana Ram (Nov 06)