Firewall Wizards mailing list archives
Re: new topic-professional hacking tecniques
From: "REID FOX" <reidfox () direct ca>
Date: Wed, 3 Nov 1999 10:29:26 -0800
-----Original Message----- From: Steven M. Bellovin <smb () research att com> To: REID FOX <reidfox () direct ca> Cc: firewall-wizards () nfr net <firewall-wizards () nfr net> Date: Wednesday, November 03, 1999 7:13 AM Subject: Re: new topic-professional hacking tecniques
In message <007901bf255e$5ecfe660$1753f4cc@reidfox>, "REID FOX" writes:On a cable system where they are assigned a static IP and when their
system
will tend to be online more often however you may trace directly to their "parents" PC . Therefore it may be possible to resolve the problem directly without even bothering to notify ISP's who im sure have better things to do. Basically my statement says there are certain advantages to a static IP system over a dynamicly assighned IP system for non-spoofing hackers. So in some cases this may be easier than dealing with an ISP and his IP
pool
who has better things to do.One note: if the source IP is recorded along with a timestamp, an ISP
should
have logs indicating which account was using that IP at that time. There are of course instances where the source IP doesn't show up (from a
slightly
more intelligent attack), but these instances would not reveal a cablemodem IP either. Sean
I was simply stating that with a static IP system it would be possible to identify an individual customer without aid from the ISP Reid
First, don't assume that all cable systems assign static IP addresses --
some
don't. Some even use NAT, so that you can only reach someone more or less contemporaneously with the time they're annoying you. Besides -- what can you do to them that is legal and ethical? --Steve Bellovin Legal and Ethical ? Right now there are only two choices .
1: e-mail the ISP and ask them to deal with it 2:block that ISP from access.
However if say ISP's start to use static IP addresses for their client's then perhaps the ISP's could post a directory (a whois) not with any sensitive personal info but maybe just an e-mail and a name. That would make users more accountable just as Domains are accountable (or known) on the net. I cant see any honest client having a big problem with that. Like I said before this is no security cure but it is however a step in the right direction. eg. Your getting some degree of attack from a certain IP regularly. You trace it back to an ISP look it up in the ISP's whois list e-mail the person "are you aware of ......? If this continues your ISP will be notified ...." the next day you get a reply from a parent of some script kid "I use this PC for business ..... dont know whats happening" send reply "If you have portscan , crackers. BO Netbus etc on your system then someone is using your PC unethically, you should uninstall these applications otherwise your system has been compromised etc etc.." I am sure that an honest person wether they know computers or not would promptly deal with it and if your lucky and the person does know a little bit about these things then now the seasoned hacker is unaware that his mask is off. The advantage of this is 1: If it's a teen then the parents are informed without getting into trouble with their ISP (ISP dont need to be involved) 2: Also the parents do not allow this to continue because they now know what certain apps are. (cracker BO Netbus etc) where before they had no idea what their kids were capable of doing with these strange programs. 3: The new ISP when the parents get sucked into thinking that they were wrongfully cut off, does not have to deal with it. 4: One more future hacker on the road to ethics. Now the question is who has to deal with this growing problem? The ISP's or the Parents?
Current thread:
- new topic-professional hacking tecniques REID FOX (Nov 02)
- <Possible follow-ups>
- Re: new topic-professional hacking tecniques Steven M. Bellovin (Nov 04)
- Re: new topic-professional hacking tecniques REID FOX (Nov 04)
- Re: new topic-professional hacking tecniques Matt Doughty (Nov 05)
- Re: new topic-professional hacking tecniques Steven Osman (Nov 08)
- Re: new topic-professional hacking tecniques dreamwvr (Nov 09)
- Re: new topic-professional hacking tecniques R. DuFresne (Nov 10)
- Re: new topic-professional hacking tecniques Johann G. Hautzinger (Nov 10)
- Re: new topic-professional hacking tecniques Matt Doughty (Nov 05)
- Re: new topic-professional hacking tecniques Saravana Ram (Nov 06)