Hackers Targeting Home Computers
Hack Hawk
hh at hackhawk.net
Fri Jan 4 16:08:53 EST 2002
At 06:54 PM 1/4/02 +0100, Hadmut Danisch wrote:
> > WASHINGTON -- Computer hackers...are turning their sights to home
> > computers that are...less secure than ever before.
>
>On my private computer (DSL, dynamically assigned IP address), I
>detect an increasing density of attack attempts.
I see the same thing here. But most of its http/web attacks against the
unicode vulnerability. Back when code red was out of control I performed a
little experiment. I took 5 IP address of Code Red infected servers on DSL
and tested them for the *very* old (Oct/Nov 2000) unicode
vulnerability. All 5 systems had NOT been patched. Its not surprising
that I now see virus infected machines trying to attack my systems using
unicode attack strings. I guess somebody took the idea one step further
and developed a virus.
It surprises me that providers like Earthlink & GTE (I have one DSL on
each) aren't taking measures to filter out virus traffic from infected
systems. It seems a simple enough task to me.
It seems to me that the biggest cause of the problems are ignorance and
lack of concern as the article suggests. So rather than complain and rant,
I've setup a non-technical alert list for my friends and family to keep
them informed and safe.
I try to keep the list fun and easy to read. Its taken a great deal of
time and explaining, but slowly more and more of them are beginning to see
the bigger picture.
My favorite scenario to lay out for my friends is simple and
effective. Lets say that a hacker gains control of your computer and uses
it to attack another site/system. Lets say that site is a Fortune 500
company or a military or government site. Even if you don't get into
trouble, the FBI could still show up on your door step and take your
computer away for analysis. No more email or web for you. Oh, and they'll
probably need to sift through your phone records to see if the hacker
dialed out from your computer. Kiss your privacy goodbye.
- hawk
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at wasabisystems.com
More information about the cryptography
mailing list