Hackers Targeting Home Computers
Hadmut Danisch
hadmut at danisch.de
Fri Jan 4 14:59:22 EST 2002
On Fri, Jan 04, 2002 at 11:42:27AM -0800, Jeff Simmons wrote:
>
> Unless I'm misunderstanding you, I find this hard to believe.
>
> On my computer (DSL, fixed IP), which is pretty heavily monitored, I'm
> detecting only a few, maybe up to a dozen, actual attacks a day. Most of
> them are from well-known root kits, targeting old vulnerabilities. Sunrpc,
> lpr, imap, and anonymous ftp seem to be popular. Most attacks come from
> Asia, eastern Europe used to be popular, but seems to have died down
> recently.
>
> The only way I could get anywhere near your numbers is to count all of the
> Windows-based http attacks coming from automated worms and the like.
>
> I'd be interested in hearing from others what kind and frequency of attacks
> they're experiencing.
There's good reason for the different results.
I'm located in Germany and my DSL line is from "Deutsche Telekom"
(T-DSL, T-Online). This is by far the biggest provider in
Germany for private DSL internet access, and they also do
provide large numbers of modem and ISDN accounts. They use
a few very well known ip address ranges for all DSL, modem and
ISDN customers. Scanning the T-Online address ranges allows you
to find heaps of german private computers. Many of the attacks
I detect come from within the T-Online network, others often come from
the countries you describe. I compared results with some of the
colleagues results and with results we get from commercial firewalls
at the same time. There is a significant difference. It
appears that the T-Online network ranges are a favored
target of many hackers/scanners/script kiddies.
There's no doubt that some attackers prefer attacking private
computers and select address ranges where they find most of
these computers.
Hadmut
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at wasabisystems.com
More information about the cryptography
mailing list