Re: Newspaper Article about Cable Modem security

[Robert Graham <robert_david_graham () yahoo com>]

--- Steven Osman <sosman () terratron com> wrote:
> Your statement is assuming that a hacker will use his designated IP address
> to perform the hacking.  That's like saying "well, if we get hacked over a
> dialup connection, we'll just trace the call and then there is no question
> about who to blame!"  

I think cable-modems and DSL lines are becoming THE prefered way that hackers
cover their tracks. Home users are not likely to detect any attempts against
them, so script-kiddies are first compromising these systems, then using them
to attack companies/military.. I've seen several times where people backtrack
an attack to a cable-modem/DSL user, and find a compromised machine.

For example, somebody has been attempting a slow scan of our network for about
2 months now. The source is a PacBell DSL line. Now, if I were a hacker, I
wouldn't use my own DSL connection, because it can cost lots of $$$ when I get
booted off. I can only assume that somebody compromised a home machine, and is
using that machine to carry out their attack.

Rob.



=====
Robert Graham
"Anxiously awaiting the millenium so I can start programming
dates with 2-digits again."
__________________________________________________
Do You Yahoo!?
Bid and sell for free at http://auctions.yahoo.com