Hackers Targeting Home Computers

Hack Hawk hh at hackhawk.net
Fri Jan 4 16:08:53 EST 2002 

At 06:54 PM 1/4/02 +0100, Hadmut Danisch wrote:
> > WASHINGTON -- Computer hackers...are turning their sights to home
> > computers that are...less secure than ever before.
>
>On my private computer (DSL, dynamically assigned IP address), I
>detect an increasing density of attack attempts.

I see the same thing here.  But most of its http/web attacks against the 
unicode vulnerability.  Back when code red was out of control I performed a 
little experiment.  I took 5 IP address of Code Red infected servers on DSL 
and tested them for the *very* old (Oct/Nov 2000) unicode 
vulnerability.  All 5 systems had NOT been patched.  Its not surprising 
that I now see virus infected machines trying to attack my systems using 
unicode attack strings.  I guess somebody took the idea one step further 
and developed a virus.

It surprises me that providers like Earthlink & GTE (I have one DSL on 
each) aren't taking measures to filter out virus traffic from infected 
systems.  It seems a simple enough task to me.

It seems to me that the biggest cause of the problems are ignorance and 
lack of concern as the article suggests.  So rather than complain and rant, 
I've setup a non-technical alert list for my friends and family to keep 
them informed and safe.

I try to keep the list fun and easy to read.  Its taken a great deal of 
time and explaining, but slowly more and more of them are beginning to see 
the bigger picture.

My favorite scenario to lay out for my friends is simple and 
effective.  Lets say that a hacker gains control of your computer and uses 
it to attack another site/system.  Lets say that site is a Fortune 500 
company or a military or government site.  Even if you don't get into 
trouble, the FBI could still show up on your door step and take your 
computer away for analysis.  No more email or web for you.  Oh, and they'll 
probably need to sift through your phone records to see if the hacker 
dialed out from your computer.  Kiss your privacy goodbye.

- hawk




---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at wasabisystems.com

More information about the cryptography mailing list