Page 2 of 3 FirstFirst 123 LastLast
Results 11 to 20 of 25

Thread: How to defend oneself?

  1. #11
    Super Moderator lupin's Avatar
    Join Date
    Jan 2010
    Posts
    2,943

    Default Re: How to defend oneself?

    Home machines do actually get hacked, and there are a number of good reasons for an attacker to do this if the attack can be achieved easily and in an automated fashion - e.g. user visits a malicious website, a browser based exploit runs on the system, downloads and runs a trojan which is then managed and controlled by infrastructure already in place on the Internet.

    The first reason why this would be worthwhile is to access your online passwords. Primarily online banking (for obvious reasons), but other accounts such as webmail, Facebook etc can be used by attackers to spread either spam or malware.

    The second reason why this would be worthwhile is to access your computing resources - bandwidth, storage, processing power, unique IP address, etc. This can be used to send spam, to take part in clickfraud, to hide the true source of other attacks, to store objectionable material, to perform processor intensive tasks, and to perform DDOS attacks (even DDOS for hire). From this perspective it doesn't matter if you don't store or process any useful information (such as passwords) on your system, its worth attacking just to access its resources.

    Thats just regular home systems though, if your work gives you access to more sensitive information that what is average, a dedicated hack may be worthwhile in your case. Its all really a matter of understanding the threats you are likely to face and taking precautions appropriate to the risk. Determining appropriate security is a balancing act - set it too high and you suffer from increased inconvenience and cost, set it too low and your information can get stolen, modified or be stolen, lost or otherwise made unavailable.


    Quote Originally Posted by killadaninja View Post
    IMHO any sys/net admin that lets somebody, (who does not know how to protect from, nor has been made aware of the risks of taking a work computer home), take one home, has failed.
    The blame the stupid systems administrator routine. Sometimes this might be justified, but it assumes a world where the systems administrator is told about everything that happens on their network or has adequate resources to monitor everything that goes on, and also has final say on everything that happens, and won't get overruled by senior managers who don't want to be inconvenienced. If your world is like that I'm very happy for you. Mine certainly isn't.
    Last edited by lupin; 07-30-2010 at 01:39 AM.
    Capitalisation is important. It's the difference between "Helping your brother Jack off a horse" and "Helping your brother jack off a horse".

    The Forum Rules, Forum FAQ and the BackTrack Wiki... learn them, love them, live them.

  2. #12
    My life is this forum Barry's Avatar
    Join Date
    Jan 2010
    Posts
    3,817

    Default Re: How to defend oneself?

    I use this.

    Of course, if you really wanted to have some fun, go to Wal-Mart late at night and ask the greeter if they could help you find trashbags, roll of carpet, rope, quicklime, clorox and a shovel. See if they give you any strange looks. --Streaker69

  3. #13
    Super Moderator Archangel-Amael's Avatar
    Join Date
    Jan 2010
    Location
    Somewhere
    Posts
    8,012

    Default Re: How to defend oneself?

    Wow that looks like a good product Barry.
    To be successful here you should read all of the following.
    ForumRules
    ForumFAQ
    If you are new to Back|Track
    Back|Track Wiki
    Failure to do so will probably get your threads deleted or worse.

  4. #14
    Very good friend of the forum killadaninja's Avatar
    Join Date
    Oct 2007
    Location
    London, United Kingdom.
    Posts
    526

    Default Re: How to defend oneself?

    Lupin I am not in the infosec industry it is my foremost interest/hobby but not my living so my world does not consist of blaming admins, from your reply you have made me aware of some of the problems admins may face, I still feel my point is a valid one, surely as someone who controls the security of a businesses computers they should make it their job to at least warn the people, the people that are capable of ruining the very thing you go to work to prevent being ruined, of the dangers? If I were to work as a NET/SYS Admin I would, myself, preach security to the employees as standard, if the management did not want to listen then that would be their prerogative I would atleast go home at night knowing I have done my job best I can.
    Sometimes I try to fit a 16-character string into an 8–byte space, on purpose.

  5. #15
    Super Moderator Archangel-Amael's Avatar
    Join Date
    Jan 2010
    Location
    Somewhere
    Posts
    8,012

    Default Re: How to defend oneself?

    killadaninja, that may be all fine and well, but what if you don't work in the same area as those that would be using your (as a sys. admin's) equipment?
    What if they work in another part of the world? I work at a remote location however the computers are tied into the corporate network. That means we are on our own when it comes to the majority of "problems". I use the term loosely.
    Further what would give you the authority to go about preaching as you put it, to the other employees.
    It could be a mistake or it could be considered mis-charging your labor. You get paid to work in the network closet, not in accounts receivable, as an example.

    Just wanted to post a counter to your above because not all places/ jobs would allow such things that you mention.


    One another note, Happy systems administrators day to those of you reading.
    Last edited by Archangel-Amael; 07-30-2010 at 07:24 PM.
    To be successful here you should read all of the following.
    ForumRules
    ForumFAQ
    If you are new to Back|Track
    Back|Track Wiki
    Failure to do so will probably get your threads deleted or worse.

  6. #16
    Very good friend of the forum killadaninja's Avatar
    Join Date
    Oct 2007
    Location
    London, United Kingdom.
    Posts
    526

    Default Re: How to defend oneself?

    That enlightened me Amael, a good example of how things can get difficult, I guess like Lupin says none of our worlds are perfect. I get involved in these "real world" example threads because I feel I get alot out of them, I like to hear about the problems invovlved in the profession to prepare myself for a possible career change over to the infosec world.
    Sometimes I try to fit a 16-character string into an 8–byte space, on purpose.

  7. #17
    My life is this forum thorin's Avatar
    Join Date
    Jan 2010
    Posts
    2,629

    Default Re: How to defend oneself?

    I'll also say this- beginning hackers LOVE home systems. They'll hack it just so they can increase their status in the hacker circles.
    I can't think of anyone that's gained any notoriety from "hacking" a home system.

    None of the replies in this thread are suggesting that home users should be unconcerned about security, more that following some simple rules or good practices will keep you out of trouble 99 times out of 100. (This is different for business, contractors, etc.)
    Last edited by thorin; 07-30-2010 at 08:19 PM.
    I'm a compulsive post editor, you might wanna wait until my post has been online for 5-10 mins before quoting it as it will likely change.

    I know I seem harsh in some of my replies. SORRY! But if you're doing something illegal or posting something that seems to be obvious BS I'm going to call you on it.

  8. #18
    Senior Member skull2006's Avatar
    Join Date
    Jan 2010
    Location
    In my skull
    Posts
    125

    Default Re: How to defend oneself?

    Quote Originally Posted by signofthecross View Post
    One question I have is: how to defend oneself?

    For example:

    I don't click on strange attachments.
    I don't surf to links in e-mails because "my bank has suspended my account".
    I don't go to dubious sites.

    But, having seen the BT Java SET, I think it would be easy to fool me.

    I am using Ubuntu. There are less malicious programs for Linux than for Windows but the SET makes it clear that it works for Windows, Mac, and Linux.

    So, my question is this: if I do have something on my Ubuntu hard drive, and my AV (Clam) does not detect it, then how would you go about looking for it?

    What would someone more knowledgeable than me do? What programs might you use?

    Thanks!
    After you made as you said you will be secure 70% and the 29% it's about what you know about the hacker how they work and 1% it's what you will make stupid thing or good thing.

    That was what i understood from all the Replies, am i correct?

  9. #19
    Just burned his ISO
    Join Date
    Apr 2010
    Posts
    6

    Default Re: How to defend oneself?

    The beginner hackers (so-called "script kiddies) do target home systems and their sole intent is "creds", or notoriety among their peers. They take other people's scripts, edit them, put their names on them, then hack home users for no other reason than to prove that they can. Now, an ordinary computer user may not see any benefit from doing so, but to the script kiddies, its all about status in the hacker world. There are four levels of hacker: Script kiddie, black hat, gray hat, and white hat. The script kiddies are the biggest threat to home users but also the easiest ones to defeat (a stateful wirewall, WPA2, and a hidden SSID are really all that is needed). The Script Kiddies are also the ones who go for credit card and bank account login info. The Black Hats mainly target corporations and their main goal is to find company secrets and sell them to rival companies.

  10. #20
    Super Moderator lupin's Avatar
    Join Date
    Jan 2010
    Posts
    2,943

    Default Re: How to defend oneself?

    Quote Originally Posted by killadaninja View Post
    Lupin I am not in the infosec industry it is my foremost interest/hobby but not my living so my world does not consist of blaming admins, from your reply you have made me aware of some of the problems admins may face, I still feel my point is a valid one, surely as someone who controls the security of a businesses computers they should make it their job to at least warn the people, the people that are capable of ruining the very thing you go to work to prevent being ruined, of the dangers? If I were to work as a NET/SYS Admin I would, myself, preach security to the employees as standard, if the management did not want to listen then that would be their prerogative I would atleast go home at night knowing I have done my job best I can.
    Most companies are recommended to have some sort of security awareness training programs to make staff aware of the potential security issues they might face. It wouldn't usually be the network or system administrators job to run those programs. It's generally outside of their area of responsibility, often outside the area of their specialist knowledge, and they generally won't have the time or the access required to give individual and effective briefings to everyone who might be taking a laptop home for example. With regards to security, a systems administrators responsibilities would usually be to design, configure and manage the system in a secure fashion, but as I mentioned before there may be other factors that prevent this from being done properly.

    Personally I have my doubts about the effectiveness of education in preventing the new breed of IT Security threats. A lot of Systems Administrators I know don't even understand some of the more common threats, which is why I made that comment about it being outside of their area of knowledge earlier. IT Security is becoming highly specialised, and if we cant expect IT staff to understand the issues how do you expect regular staff to? And an inability to understand the threats, leads to an inability to take the threats seriously, which leads to an attitude in the users of "I dont have to care about this security rubbish - we are running antivirus and firewalls so we must be safe".

    There is also the issue of accountibility to consider (or lack of it). A lot of the people who get to make decisions that affect security are not held accountible if something goes wrong, so their incentive is instead focused on reducing cost, and reducing inconvenience to enhance productivity, things their performance is measured against. This is really a failure of management, as matching responsibility with accountibility is core requirement to have a well functioning organisation. Under these circumstances however, its rational for people not to choose good security. This only seems to be different in organisations that have security as part of their core mission (think defence and intelligence agencies) or in organisations that have been burned by security problems before, or where the impact of bad security is very obvious (e.g. banks).

    I guess what Im trying to say is that theres a surprising amount of other factors that affect the provision of effective computer security, and many of them, perhaps the most important of them, are completely out of the control of your average systems administrator. The systems administrator should certainly do the best they can within the bounds of their authority to improve security, but that might not be very much.
    Capitalisation is important. It's the difference between "Helping your brother Jack off a horse" and "Helping your brother jack off a horse".

    The Forum Rules, Forum FAQ and the BackTrack Wiki... learn them, love them, live them.

Page 2 of 3 FirstFirst 123 LastLast

Similar Threads

  1. Defend & detect against wep attacks
    By Bewpew in forum OLD Newbie Area
    Replies: 3
    Last Post: 03-23-2007, 05:23 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •