[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: security on Dial-up Systems
On Wed, 30 Jul 1997 gal@netvision.net.il wrote:
> Do hackers really look for home computers connected with dynamic IP to crack
> into?
That probably depends on your definition of 'hackers'. It is not uncommong
to notice somebody has grabbed your dynamic IP (either by blindly trying a
range, or by other means, such as IRC), and now tries to see if he can
cause some damage.
It has happened to me twice (no harm was done, as expected).
Few days ago somebody suggested that I'd set the CTCP VERSION reply of my
IRC client to mIRC (or some other Windows client). At first, nothing
happened, and I got tired and stopped paying attention to tcpdump's log.
After a few hours, though, I found out that two people tried to crash my
"Windows" using the OOB bug (port 139). Why? Because.
Give it a try, sometime. Say in #linux or #unix that you offer a 'guest'
telnet account (with gcc). Count to 20, and you'll have 5 users trying to
run whatever exploits they've encountered lately. Rather cute, watching
people in ttysnoop (some of them not being aware I can do that).
A word of advice (correct me if I'm wrong) - get the Linux non-executable
stack patch. To the extent of my experiments, it has proven to be quite
effective against buffer-overrun exploits, that compose the majority of
Linux exploits, as far as I know. 'qmail' is probably another good word of
advice.
Nimrod
Follow-Ups: