Forgot your password?
typodupeerror
This discussion has been archived. No new comments can be posted.

Dvorak Takes On The Crackers

Comments Filter:
  • As always, Dvorak writes well and concisly. and it definately looks like we will be needing Black ICE Defender in the near future when we finally get dsl here in oz
    \\||//
    ----ooo00ooo----
  • by rde (17364) on Wednesday October 06, 1999 @12:43AM (#1634588)
    In fact, I suspect one is underway already, although I have no evidence of it. It's just a sense I have.
    I had the same feeling. It's like millions of port scanners were logging hackable ports, and then were suddenly silent.
  • I had already started wondering about what to do when (A)DSL finally gets to be widespread in the UK.

    I'm already sharing several machines across my dial-up access, but I'm on for such short periods and at such odd times, that I've never really been too worried about any kind of firewall.

    However, (A)DSL is going to change things rather quickly I would have thought - time to start collecting lists of GPL'ed or Freeware firewall products me thinks.
  • What punishment would be appropriate for these "kids" who get their hands on some programs and start mesing around? How far is too far? Try catching everyone that has ever used a ping attack. Would their be a fair way to bust people? Could you arrest somon because they were "at the wrong place at the right time"? I don't think that their is a way to control what is happening. At least not from the standpoint of some sort of law enforcement. The internet by nature will be hard to regulate, but do we want to regulate it the same way we regulate laws such as J-walking? If it possible to enforce laws about the internet the same way as we would try to enforce laws that can be physically proven? What kind of investigations would we conduct and what kind of evidence would we use to prove a case?

    This is why the internet will never be (completely) regulated.. At least not in the forseeable future. Do we really want to have everything we do watched? I think not..

    ((Mark this what you will.. I just went off and it is late))
  • by Anonymous Coward
    Why publications let articles in, writen by people that have NO CLUE what they are talking about!?

    The suspected Smurf attack came from an @Home user.

    If this moron knows how smurf works, he would know that the IP address of 'attacker' can not be seen - because it does NOT exist. You send a spoofed request to 'amplifiers', that then respond (those are just broadcast addresses) to the spoofed IP - which is the 'target' IP.

    So, if I 'smurf' him, how is he going to get my IP address, when it's not sent to him?! What a moron... And then some people will read this crappy article, say "God, this man is so knowledgable", and follow the 'instructions'; but won't realize that all they see is - misinformation.

    Usual crappy writing by Dvorak... That man should kill himself - he's really clueless.
  • ...invent some router or switch that can be programmed with some kinda of connection login?

    IE...wouldn't DoS attacks become impossible if routers could be programmed with somethink like "if number of packets from A to B on port X > Y, drop connection A". Sorta like how most IRC servers have flood protection, where if you try to flood the IRC server with information requests (in an attempt to split that server from the network), the server simply disconnects you. Or how mail servers that detect you are sending "too much mail" can drop your connection until they can see if you are a potential spammer"

    The technology clearly exists to cap transfer rate (as @Home does with my connection) so why can't it simply have a quote assigned to abused ports like what ping, tracert, NetBios, and the various trojans use?

    Blocking the traffic at the endpoint slows down every connection along the way. Internet service providers who don't want to support this kind of traffic should be able to automatically disconnect
    you if are being abusive. It might also be possible to monitor WHAT is being sent (multiple packets that contain the exact same thing). This forces the attacker to generate some kinda of random information...which increases the size of the connection transmission and slows them down.

    I clearly know nothing about this, or I'm sure someone would have such a device already, so I'm interested in seeing why this type of protection is not possible.

    - JoeShmoe

    -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= -=-=-=-=-=-=-=-
  • This man does not know the difference between Script Kiddies, $%! Crackers and Hackers, does he?
  • "Smurf attack came from an @Home user. I have his IP address..."
    Correct me if I'm wrong but... the IP address of a smurfed packet show the targets IP address rather than the attackers. Bad Person A sends an ICMP Ping packet to an broadcast address with the packets source address spoofed to look like it came from victem B. So all the (broken/misconfigured) hosts on the network respond to the broadcast ping and send their reply to the victem. A sends 1 packet, B gets (up to) 254 packets and dies.
    Just worries me that some (possibly) innocent user is now going to get hasseled becasuse Dvorak put the hard word on @Home (and maybe @Home listened to save embarasment on Dvorak's website.) Actually I doubt it would really come to that in this case but it's a distrubing notion. Yes crackers/script kiddies are bad. But theres no TurnKey solution to them like BlackICE(what ever that is). If you don't know what your security monitor is telling or what to about it you're no better off. Maybe worse of for thinking yourself safe when you're not.
  • I am unfamiliar with BlackICE beyond the fact that it is a firewall program... I am planning to run my DSL thru a linux system at my home. I assume if I use private IP addresses for my other computers they will be safe unless my router/proxy server gets rooted. Beyond the security updates, what do I need to do to secure my home network?
  • by jflynn (61543) on Wednesday October 06, 1999 @01:10AM (#1634597)
    I thought Dvorak made one good point. Making examples of script kiddies will reduce their numbers but transform the remainder into really angry and careful hackers.

    This situation isn't much different from drugs, as long as people want to do them, a way will be found. All law enforcement can do is arrest the least talented and make the rest more cautious and better armed.

    I'd prefer to see hacking winked at, but actual damage responded to in a proportionate matter. If someone hacks a hospital and someone dies, that's murder, laws exist. If someone brings a financial system down, that's war or terrorism, call out the troops. We need to get across the idea that stupid hackers are those that damage, not those that can simply be caught.
  • by MrDelSarto (95771) on Wednesday October 06, 1999 @01:15AM (#1634598) Homepage
    hacking is the under-age drinking for geeks. practically everyone has had a go at it (how many people can honestly say they've never even had a guess at a root password?) but how can you stop it? well, i don't think this is rethorical. i'm only a lowly undergraduate, but in my younger years i've spent many hours trying to break my highschools lousy nt network (they give me too much work at uni to have time now). i never bothered outside school, but others i know did (playing the same old tricks with port scanners, etc..) here are some ideas i've had and would have liked to and most probably particpated in:

    * an online programming comp : sure schools run them, but it often takes teams of four or five and you have to travel and have a teacher in on it, etc etc. often, at a small school like mine it's hard to find 5 friends who know enough/care enough to enter with you. if you could do it online, by yourself, you could really test yourself against some challenging problems and peers. i did a fantastic uni assignment where we wrote java robots that played against each other in a constant battle ; everyone was ranked by how much money they made ...something like that maybe?

    *a teengnu project, or something like that. sure, at highschool i didn't know about good programming techniques, oo theory, data structures, etc ... but i would have loved to learn. we don't know enough to start contributing to kernal code, but surely there is something we could put together?

    *a online buddy system with undergraduates or something, passing on linux/programming tips to a new generation. if someone had of told me about, for example, binary trees, i'm sure i could have researched and implemented them in highschool (maybe to kick ass in the online programming comp battle thing!)

    * put your ideas here! you've all been (or are, bored teenagers, what would you have liked?

  • Many organisations are very lax on security, mostly due to the fact that management are clueless.

    The site I currently contracting for will soon be rolling out an internet based financial system, which is planned to go live next month. (I won't give too many details).

    The specifications for both the OS of the web server and the intrusion detection systems have changed this week. The whole system has been badly planned from the outset.

    The intrusion detection systems are of the hardware only system - how the hell are they going to keep them up-to-date with the latest attacks?

    I hope that they get stung badly when it goes live, and I hope that leads to dimissals of many of the complacent management here.

  • Other problems come into the issue of prosectuing hackers (read crackers) when you consider the very nature of the system used by them, the internet. That is, the hacker does not need to be in the same place (or even country) as the system they are trying to hack/crack/infiltrate, so if they are to be prosecuted for any damage done, whos laws are followed? The country in which the damage was done, they country the hacker is in, or should new provisions in international laws be made? And what about countries that are hostile, or simply decide not to submit to the system used? Should the prosecuting country invade them (being ofcourse the extreme case). Then we run into the problems of wrongful prosecution, which although provided for in conventional law, is a much easier mistake to make in an online environment when the hacker is good and decides to take adequate precautions against getting caught. Electronic fingerprints are much easier to fake than real ones...
  • IE...wouldn't DoS attacks become impossible if routers could be programmed with somethink like "if number of packets from A to B on port X > Y, drop connection A". Sorta like how most IRC servers have flood protection, IE...wouldn't DoS attacks become impossible if routers could be programmed with somethink like "if number of packets from A

    If this ever will be used, "reverse" DoS attacks will be rampant -- it will be enough to pretend that victim's address is trying to do something "bad" (and it will be easy because checks can't implement complex checks against spoofing because then they will become CPU-intensitive and will be a victims for DoS against them), and legitimate packets from that address will be blocked by "secure" router.

  • Skimming traffic isn't that hard to do, and is already available. The issue with that is along the lines of purpose of engineering. Routers are designed to do one thing (series of things) and to do them fast and well with little overhead. As you add more and more "functionality", the device becomes more and more of a server that routes, and resource costs become more intensive.

    The trip to stopping/paring this down is not to make better defenses, rather to make it more difficult to get away with. Any bank can be robbed, but with good logging and attentive surveilance, less will get away with it. Then of course laws and punishment come into play...yada yada yada...
  • This system has nothing to do with me, except that our team is tasked with monitoring it.

    Unfortunatly due to a complete lack of knowledge throughout the departments, we still do not know exactly WHAT we have to monitor. For example, all we have been told about the intrusion detector is that it supports SNMP. They expect us to be able to instantaneously alert someone if anything goes wrong.

    This job is down south, and I hate it. I'm living in lodgings all week, and desparatly need to get back up north.

  • by knarf (34928) on Wednesday October 06, 1999 @01:54AM (#1634605) Homepage
    From the Talkback section:


    Name: D.C. Sessions
    Location: Tempe, AZ
    Occupation: Engineer

    So what's the problem? If anyone wants to round up most of the world's hackers, all they need to do is grab the participants on Slashdot and the various open-source developers' lists.

    Hey, if that sounds expensive I'll bet that at least one corporation would be willing to pony up a billion or so for the Cause.

    phear us?
  • This is true for almost everything that is supposed to run on "protected" host that is supposed to have insecure software at the same time. So Dvorak should be advised to put his "firewall" and his stories about corageously thwarted probes to his telnet and ident ports into the place that deserves them. Wait, isn't zdnet publication one of such places? Um.. nevermind.
  • by Anonymous Coward
    ...wouldn't be quite such a problem if the masses (and the corporates) weren't being advised by those who: 1) Don't know a Smurf from a Clanger (or US equivalent) and 2) Recommend a $39.95 commercial firewall with a straight face. Bored Pinetop
  • eaasiest thing for you is to learn IP chanins and
    and make yourself a nice paranoid firewall.
  • If this ever will be used, "reverse" DoS attacks will be rampant -- it will be enough to pretend that victim's address is trying to do something "bad"

    Perhaps you misunderstand...how would this be possible since, even if you spoof an IP address, the connection still has to be received and forwarded by the router attached to the REAL address?

    I'm suggesting the problem needs to be attacked well below the application layer. The data should not be processed, it should simply be compared to other data in some kinda of buffer.

    IE...a single connection, like FTP, would generate a huge amount of traffic, but it would all be unique (it's safe to say no one would be downloading the same file over and over 100 times a minute). Therefore, if the router buffered the traffic, there would be no match between packets and the stream would continue.

    But...multiple connection (real or spoofed, valid or incomplete) would also generate a huge amount of traffic...but there would be an obvious pattern. The router would see the same size packets with the same destination many times in a row and then simply refuse to route traffic for that REAL connection. Therefore, no routers upstream would be affected and the only thing the attacker would be DoSing is his own connection.

    It's like...comparing the waveforms of a sound file and an EKG. You can easily spot the repeating pattern in an EKG by buffering just a few miliseconds. And, if the attacker enlarges the repeating portion to escape detection, he is also decreasing the number of connections per second...down to the point where a decently fast server can handle them.

    IT would kill programs like GetRight with rely on hammering to get their target information AS SOON AS POSSIBLE, but really...this is software we can live without.

    - JoeShmoe

    -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= -=-=-=-=-=-=-=-
  • That is, the hacker does not need to be in the same place (or even country) as the system they are trying to hack/crack/infiltrate, so if they are to be prosecuted for any damage done, whos laws are followed? The country in which the damage was done, they country the hacker is in, or should new provisions in international laws be made?
    I bet the politicians and beaurocrats can spend years trying to figure it out. But maybe they won't. Earlier this year a Norwegian got sentenced after a watch-scam using Internet watch-trading sites. His buyers where in the US and Hong Kong as far as I remember. He got caught here in Norway, and the trial and everything took place here. Therefore, maybe local laws will precide?

    I'm not saying that using local laws & trials is the best way to do it, that's not for me to decide. Just thought an example would be nice.

  • I think the *only* real way out of this is a major push to IP6 so we can actually get some real identities..

    Granted, someone might break IP6, too-- but, that's the same as someone burning their fingerprints off to foil the fingerprint identification system (spoofing ip).

    Oh, and if the internet weren't global, this might be all possible. If a random Japan native nuked my house, would the FBI *really* care?

    No.

    But its just something we'll all have to live with- to each his own, I guess. It's time we all stopped thinking about the "internet" as one giant computer that can be controlled;

    IT CAN'T!

    Can your phone company stop a prank call before you complain about it?

    Does the pizza delivery place still ask you for your phone number EVEN THOUGH they have it on caller-ID ?

    Does this make sense at all?

  • Why can't Cisco et. al. Create a router which finds uneducated users running software they don't completely understand, and immediatly drop their connection to the internet.
    This would leave only the people who actually know what they are doing, making a much nicer internet for all. It would even solve his problem, he would be kicked off his e-commerce network for his own protection.

    That is, until someone passes a law allowing us to ban people like him from using anything more technical than a typewriter.

    A word of advice for his kind:

    "If you don't know what it does, DON"T FUCKING TOUCH IT"
  • Yup, he's right - we need a massive worldwide sting to wipe crackers off the face of the planet. In fact, I think we should go a step further, and introduce an international key escrow system whereby we all have to hand over private keys for encryption to the government so that they can have access to all of our data at any time. Even better, we should probably all have barcodes tattooed on our wrists that get scanned every time we log onto the internet, so that our activities are logged and there's no way anybody could make any kind of security breach without the people who control the traffic lights knowing about it.

    --
  • > Making examples of script kiddies will reduce their numbers > but transform the remainder into really angry and careful hackers.

    I doubt this. The script kiddies I've met didn't have the brains (or more importantly, the obsessional dedication) to invent an original exploit. Capable hackers are born, not made, and although many will use a script that's there and freely available, they have even more disdain for the kiddies than most sysadmins do. You can't turn a kiddie into an inventive hacker, just by pissing them off.

    3l33t d00dz are like British Admirals - we should hang the occasional one, pour encourager les autres. I don't think they should be Mitnicked into oblivion, but a good full-blown public trial, confiscation of kit and a fine is going to send a clear message that hacking is for real. Hack if you want, join the Mafia if you want, but don't think that either of these is just some new sort of RPG that's socially acceptable.

  • by Anonymous Coward
    Don't know about the FBI, but I've always suspected that the real hackers use the script kiddies to test out some of their alledged exploits, especially if testing it out yourself could be dangerous.
  • by JoeShmoe (90109) <askjoeshmoe@hotmail.com> on Wednesday October 06, 1999 @02:22AM (#1634616)
    Routers are designed to do one thing (series of things) and to do them fast and well with little overhead. As you add more and more "functionality", the device becomes more and more of a server that routes, and resource costs become more intensive.

    I disagree. First of all, I think a simple comparison of an incoming packet to a previously stored packet in a buffer somewhere is not really a significant overhead. It doesn't need to check every single packet (since odds are there will be identical ones under legitamate usage) but if some kiddie tries "ping a zillion times with 32000 bytes of data as fast as possible" surely some router should be smart enough to say "uh, no" if that is it's owners wish. Operating systems don't enforce any limits on the quality and quantity of data they send, therefore I say that it is the job of the router to make that determination. If there is a valid use for "ping a zillion times with 32000 bytes of data as fast as possible" then let it find some other route, because I don't want to lose my bandwidth because of it.

    Second of all...even if there is overhead, it's only price. So you have to pay for a 100Mbit router to get 10Mbit performance...costs always go down over time and the difference is that you may only have 10Mbit worth of actual data after you are able to block out abusing users absorbing data with meaningless attacks.

    I've seen water valves where there is a object set perpendicular to the flow of water in the value. Water rushing over the object decreases the pressure over it, causing the object to rise and block part of the flow. Thus, a slow, steady stream can pass through but sudden spikes of high pressure will be bouced back as the value slams shut on it. Once the pressure has reduced, the flow continues as normal. Also a good comparision, I guess, would be surge suppressors.

    What's my point with those two comparisons? In both cases the control is done at a VERY low level. Similarly, since there has to be a set bit format for a valid IP packet, I fail to see why it would take serious overhead to tabulate what source is sending the most packets per second and drop packets from excessively high connections so that upstream bandwidth is shared equally and abusive connections slow to a crawl.

    If I understand correctly, it's not just the target server that loses in a DoS situation...it's every router along the way. Therefore I think it would be an incentive for people to pony up the resource cost so that abusers would have to route their traffic somewhere else...no?

    - JoeShmoe

    -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= -=-=-=-=-=-=-=-
  • by cg (18840)
    Attacker wants to limit traffic coming out of target through a certain point. Attacker formats packets to spoof source as target on port X, then fires off a salvo. This router, which by now is a bulkier piece of machinery, determines that the target is abusing its transfer priveledges and is probably up to something bad.

    Either traffic is halted, slowed as packets are analyzed, or these routers are amazingly epensive.
  • by nyet (19118) on Wednesday October 06, 1999 @02:26AM (#1634618) Homepage
    Why does this thing seem like it took him 30 seconds to whip out?

    I mean talk about content free, not to mention completely unresearched.

    "I have the feeling theres, like, this sting or something, whoa."

    "Like those kiddie porn rings, yah they stopped those, dude, all right!"

    "No operating system is, like, invulnerable, like."

    "OMG! Like there was this one dude, he like, tried to telnet to my machine, but fortunately it was a windows box, and thats, like, secure, because i have this firewall and stuff and doesn't let people telnet like into it."

    Another GREAT article from that bastion of cluelessness that is Dvorak. God, if it wasn't for journalists like him, how WOULD we get our mass-market news?
  • by majere (82696)
    Uh oh,
    Dvorak used the word "hacker" in the context of "cracker"

    I can hear it now
    the fists beating loudly against the chests of all
    self righteous slashdotters out there.

    just quit it, it's annoying, yes we all know that
    they mean "cracker" it's been debated numerous times
    we don't need to be reminded again

    please? :)
    ----------
  • by the_tsi (19767) on Wednesday October 06, 1999 @02:32AM (#1634620)
    Guess what, guys: dictionaries (and Jargon Files) don't define language. Usage does.

    Years of the media using hackers as a synonym for "someone who cracks systems" has made it an acceptable use. Stop fighting it and deal.

    Of anyone in the media, Dvorak knows this. He's started using hacker because it's the only word most of the Real World understand. This guy HAS been in the industry longer than you. Don't pull the argument that "when I was young we just had [mechanical relays | punch cards | TRS-80 | IBM XT | iMac ]."

    I just wanted to post before someone else bitched about it.

    -Chris
  • I run a windows based firewall at home on a POTS dial up, and in the space of an hour, I normally have attempts at telnet, ICQ, NetBIOS, NetBus, NetBusPro, BO & BO2K made, in addition to seemingly random ports.This of course not counting DoS floods and Christmas packets. If my forthcoming (A)DSL connection has as little attempts at a hack as Dvoraks, then I'll be happy.
  • by jcr (53032)
    The man exposes Windoze to the net, and he thinks that the Script Kiddies are the problem?

    If you use an unsecurable OS on a machine exposed to the net, and anyone wants in, it *will* be cracked.

    Someone needs to fill this guy in on how to configure a router.

    -jcr
  • Seriously... as if Slashdot was a hacking site... the only hackers that hang out here are the type the right code and work to secure there own machine... there is not a scrap of information here that I know of that would help a script kiddie anyway...
  • They [sic] key to stopping all this hacking is a massive worldwide sting. In fact, I suspect one is underway already, although I have no evidence of it. It's just a sense I have.

    The key to stopping all this bad writing on the internet is a massive worldwide clue-by-four. In fact, I suspect one is hurtling toward my head right now, although I have no evidence of it. It's just a sense I have. Maybe I should ask my editor. Nevermind, he's been fired and replaced by Word 2000.
  • >Many organisations are very lax on security,
    >mostly due to the fact that management are
    >clueless

    That's a pretty good point. I work as a security engineer and I have to deal with people who only consider security as something really annoying, not allowing them to use the latest trendy technique. This is valid for management and for some techies too, as long as security is seen as a completely separated discipline. Thus my position is often incomfortable. I sometimes would like to send a Usenet message saying : "Hey guys, here is an IP (xx.yy.zz.tt), crack this box just to make everyone conscious !". But I won't, I don't want to loose my job. Nevertheless, this kind of violent electroshock may be needed...

    A+

  • "If you don't know what it does, DON"T FUCKING TOUCH IT"

    Well that's my sex life finished then.

    jsm

  • Dvorak has expended all his credibility a long time ago. The guy just trolls, and gets away with it because he writes for a "respected" (yeah right) source.

    Stop bothering with him. Just moderate him down and go elsewhere.

    -
    /. is like a steer's horns, a point here, a point there and a lot of bull in between.
  • Does it sound like he's trying to get people to crack his home net?

    If there is no news happening, you should try to make some? This sounds pretty fishy. Of course, he's going to get what he wants.

    Publicity. Book deal.
  • by Anonymous Coward
    No, that's just perfectly normal paranoia. And everyone in the universe has that.
  • I must admit I am rather confused by all this. The idea of giving permanent Internet connections to people with absolutely no idea about Internet security - I don't know whether I should be amused or horrified.

    --
    "I am Blair of EU^H^HBorg. Surrender your currency and prepare to be assimilated."
  • Would you like to name a single securable OS out there? Linux? nope, OpenBSD? nope, Trusted Solaris? (what the NSA uses) nope.

    People need to realise that NO OS is secure and that NO OS can be made secure (alla all OS's suck). Look how many security fixes have gone into Linux the past year alone (probably the first OS people think of when think of alternative to Windows). People have started believing that the OS alone can stop crackers, hackers and other wannabees and then whine when their "secure" system is cracked.
  • summary execution! all real americans love summary execution and peanut butter sandwiches with their network security!
  • Don't know about the FBI, but I've always suspected that the real hackers use the script kiddies to test out some of their alledged exploits, especially if testing it out yourself could be dangerous.

    Hey Bobby,

    Two-A-Day and Ihad a big laugh over this,

    Lucas
  • >* put your ideas here! you've all been (or are, bored teenagers, what would you have liked?

    I think I can safely say that no teenager who is 'into computers' is bored.... There's just mind-boggling numbers of things to do with computers, as most of the slashdot readers know.
  • YADDA

    Or : Yet Another Disgustingly lame Dvorak Article.

    Mr Dvorak, please don't put your nice little Windoze machine on *any kind* of permanent 'net connection (cable, ADSL or other) -- or you will get it hammered by every single script kiddie out there . Use a *real* operating system if you want to keep it uncracked. Oh, and, please, please, please avoid pointless exercices in intellectual masturbation, such as "I feel like a huge crackdown is coming for those no-good kids! And about time, too!". You either have some sort of *fact* or insider info or you don't. In your case, you don't: yadda, yadda, yadda.

    I am not even going to comment on the "cracker vs hacker" debate. This guy is pathetic and clueless beyond belief. Commercial firewall? Yeah, sure.


  • Isn't it a bit elitist to rag on someone for elitism? Oops, I must be an elitist now.

    logan

  • >Years of the media using hackers as a synonym for >"someone who cracks systems" has made it an >acceptable use. Stop fighting it and deal.

    And this makes it right?
    By your words then we as Linux users should stop fighting M$ and bow down to the masters. Hogwash!

    Dvorak may have been around the industry but he konws dick about it. His articles prove that!
    He is just another mindless fool.

    You might try reading Steven Levy's book, you might othen get a feel for the REAL term "Hacker".
    I consider myself a hacker of the old school and have no problems admitting it, even in the business world. In fact my employer liked the idea of having a "hacker" around to solve the problems their normal IT staff couldn't handel.
  • by jht (5006) on Wednesday October 06, 1999 @04:10AM (#1634644) Homepage Journal
    Tune into next week's episode, where the fearless Dvorak discovers the woes of Windows 95 file sharing!

    Seriously, people should assume that port scans are headed their way on a regular basis - and anyone who doesn't at least have a NAT router (I know NAT isn't a real firewall, but it'll beat 99.9% or the script kiddies out there) between themselves and the Internet should go out and get _some_ kind of firewall - the cable and DSL providers should be recommending these to all their customers, or at least implementing basic firewalls within the cable/DSL modems. At this point, everyone should implement some form of packet filtering - there's just too many script kiddies out there to assume any trust at all.

    Sucks, don't it?

    - -Josh Turiel
  • by Anonymous Coward

    This is at least the second recommendation I've read for this product. Is any slashdotter using it and do they recommend it? Is BlackICE available for Linux? I'm looking for a product like this that's affordable (i.e., cheap or free) for both Windows and Linux. At $39.95 BlackICE seems like a good deal. (I want an all-in-one firewall product for Linux.) Please comment.

  • Guess what, guys: dictionaries (and Jargon Files) don't define language. Usage does. Years of the media using hackers as a synonym for "someone who cracks systems" has made it an acceptable use. Stop fighting it and deal.

    NO!!!!!!

    Will years of M$ using 'innovation' to describe its business practices make this acceptable:

    "You hit the guy with the baseball bat, and I'll innovate his wallet."

    All humor aside, we are in the midst of an Orwellian nightmare. The clueless media feeds mountains of mis/disinformation to the even more clueless masses. Never before in the history of this country has there been such an overwhelmingly sheeplike public. People rarely read. When they read, they do not comprehend. A generation raised on television and RPG's and techno-fairytales cannot distinguish between the real world and the one they desperately wish they lived in.

    Do NOT stop fighting against Orwellian revisionism. Do NOT surrender to the lowest common denominator. 50 million people CAN be wrong. Hell, how many million people think AOL is the internet?

    If we allow an ignorant unthinking mob to define the language for us, how far are we from allowing them to 'innovate' our very freedom of expression right out from under us?

    Bite My Ziff, Davis!

    ======
    "Cyberspace scared me so bad I downloaded in my pants." --- Buddy Jellison

  • I'd prefer to see hacking winked at, but actual damage responded to in a proportionate matter.

    I have a close contact in the Computer Crimes division in the Atlanta, GA FBI office. She has explained to me that the FBI (at least the GA office) has been focusing a considerable amount of attention on the small-time hackers. The script kiddies.

    Unfortunately, the FBI is unwilling to assist in a reported incident unless they "hacker" (and I use that term loosely) damaged a system/network or stole confidential information.

    It's a step.

  • Uh oh,
    CmdrTaco used the word "columnist" in the context of "Dvorak"
    ---
  • Get IPs out of the argument. We all know how easy it is to spoof IP information. The issue here is the physical connection.

    If attacker formats packets to spoof the source as IP 1.2.3.4 then it still has to come from somewhere. IF it comes from another router, then the first router is simply ignoring packets with IP 1.2.3.4 from that router. It has no effect on the data flowing from the REAL 1.2.3.4 many many hops away.

    So if you wanted to truly reverse DoS 1.2.3.4 then you would either have to A) spoof the attack to a huge number of routers that you know 1.2.3.4 connects through...in which case your attack has been diluted and unlikely to truly work or B) attack the one or two routers that serve as 1.2.3.4's entry point...which is basically the very kind of DoS attack the routers are now trained to block.

    At some point...it all tracks back to a unique MAC address so there is at least ONE router in the whole world that can stop an abusive stream at the source...witout even looking at IP information at all.

    And again...in case I haven't made it clear...

    YES the extra thinking will slow down the routing of packets but DoS attacks are already slowing down that same routing of packets. If you spend a couple extra milisecond of thinking to decide to exclude DoS information that can last minutes or even hours there is going to be an increase.

    Script kiddies love to attack EFNet servers to split them off the network and gain ops in a popular channel. So IRC server started using a policy where no ops are giving during a split. Thus, they are no longer a target because there is no reason to attack those servers and quality of service increases.

    Likewise, if script kiddies find that a certain route point drops their ping flood, they have to find another route until eventually no routers will carry that traffic at all.

    - JoeShmoe

    -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= -=-=-=-=-=-=-=-
  • use ipchains to set up a simple masquerading firewall. It needn't have a ton of complex rules (but that's OK if you want).

    Then you can use another tool like portsentry which detects portscans, and can be set up to use ipchains rules to automatically drop packets of anyone portscanning you (including your ISP :). Nice program. Another program, logcheck, will scan you rlogs and report (email) all suspicious activity. Look for them on freshmeat.

    Then secure your box by removing all services except ssh.

    It isn't too hard.
  • >What punishment would be appropriate for these
    >"kids" who get their hands on some programs and >start mesing around? How far is too far?

    Speakin for myself, all it takes was a polite phonecall from a sysadmin who's box you've just attempted to crack. I haven't "attacked" any systems (well, except helping check some security things on my roommate's box) since then. For the young or stupid, a good scare will set them on the right side of the law. Fear can be a good weapon against the script-kiddie, especially if you catch 'em small, and scare the hell out of them by mentioning the FBI.
  • I have to say that I'm less than impressed with the "bored teenager" excuse that seems to crop up whenever cracking is mentioned. There are plenty of interesting problems you can work on.


    Take a classic board game and write your own computer version of it. Program "perfect" play for the computer player. Write a program to "solve" checkers through brute force. Write a fractal viewer with a cool zoom-in feature. Write a dense linear algebra package. Write a sparse linear algebra package. Get the edition of Numerical Recipes without the code and implement all the algorithms therein. Get the NR code and time test your implementations against theirs. Beat the times of the NR algorithms.


    Still bored? Write a fluid dynamics code. Add viscosity. Add MHD. Add self-gravity. Add adaptive grids.


    Download all the cracking scripts and figure out how and why they work. Fix the holes they exploit. Find a missing feature in Linux that really annoys you and add it. If you are at a loss I have a couple of suggestions.


    Download the Infocom engine and write your own adventure. Write your own MUD or chat program.


    That's just off the top of my head, but I think you get the idea. Any teen who is so "bored" with computers that he can think of nothing better to do than to break into other people's machines and cause trouble is either pathetically uncreative or just plain ornery. Which one are you?


    (Sigh. Not even 30 and already an "old fart". That's got to be some kind of record.)
    -r

  • by coyote-san (38515)
    Wow. You rarely see anyone invite slander and defamation suits from tens of thousands of people at one time.

    But what I find *really* interesting is his "Cause" . What "Cause" is this, exactly?

    Prosecuting people for lawful assembly?

    Prosecuting people for encouraging meaningful and fair competition in a major economic sector?

    Prosecuting people for daring to say that the Emperor has no clothes?

    Mr/Ms Sessions, if that's your name, exactly what crime is it you're alleging me of committing by frequenting SlashDot and the development mailing lists? My lawyer *really* wants to know....
  • "Just because you spoof an ip for the return ping to go doesnt mean that he cant find out where the actual 'inducement' ping really came from."
    Actually that is exactly what it means. There is very little information in an ICMP ping. There the IP header which basically conists of the target address (a broadcast address for smurf) and the source address (spoofed) and a flag to say "this packet is an icmp message" and some bits and pieces like TTL and TOS. That's the IP header - wrapped up in that is the ICMP header. It just contains flags to say "I am a Ping message" and a check sum and a few more mechanical bits and peices. Inside the ICMP header is the payload and it's arbitrary - anything we want just make it big so the target dies. (But not too big or else we'll get filtered out.) No where in there is there even the slightest trace of the true source of the packet. The only way to track down a smurf'er is by working your way backup the route and finding out at each step what the next hop is. This is a complicated process requiring the co-operation of many admins across many networks and ussually can only be done while the attack is
    in progress. Some smurf attacks have been known to go on for hours and hours so this can happen - but as I am sure you can imagine, not very often. This is the main reason why smurfing remains such a popular peice of mischief amongst the script kiddes and such a pain for the rest of us - even though it's been public for over 2 years. (Thankfully not too many exploits survive that long in the wild.) The best chance for catching someone doing this is for their ISP to notice the packet as it goes out. But - if the ISP had a clue in they wouldn't be routing packets with a non-local source address out onto the internet in the first place.
  • It's as simple as that. He really has very little clue what he's talking about, and apparently (from his proto-fascist suggestions) has lived in America too long with memory too short to remember what evils governments can get into if you let them.

    I find his suggestions deeply disturbing. Am I naive to hope that policy makers are better informed than he?

  • Your ISP already has the capability of eliminating ICMP attacks where the originating address is spoofed. If your ISP would filter out any packets originating from inside their network with source addresses not in their address ranges, this problem would go away. If you E-Mail Cert with this idea, they'll tell you that they've been begging ISPs to do this for YEARS. Unfortunately, the people who run ISPs are such plonkers that they'll never get this, so the problem will remain. If you call up your ISP and try to talk to them about their router configuration, you can actually HEAR their eyes start to glaze over across the phone line. Give it a try, it's actually an interesting thing to hear.
  • D.C. Sessions is well known on the Usenet for a number of things, but I've dealt with him in two areas. He's not a total nutbag by any means, but he is extremely strident (a term applicable to myself as well!) in his views.

    1) He's active in the area of spam control on the Usenet. In this regard, I agree with him because spammers are evil, and they have destroyed some of the usefulness of the Usenet. He goes way overboard in my opinion, because he's a monitor of what the *appropriate use* of the internet is. In other words, he's not just against spammers, he's against those who use the internet to further their political goals. And that's where I ran into him when I was arguing a particular topic.

    2) And that topic was circumcision. There's a lot of people who are opposed to it, and they argue on the usenet about it. I think he'd just like to shut that idea down entirely, because, well, he's in favor of performing surgery on infants without a medical diagnosis. He doesn't see the usenet as a valid medium for radical political organization. No matter what a person thinks on an issue, I think the usenet is there for everyone to argue all day long if that's what they want to do, and to organize grassroots political support if they can.

  • Maybe our friend Mr. Sessions is playing on the whole hacker/cracker confusion. There are a lot of
    hacker types on /. and OS mailing lists after all.
    --joe

    "I have done nearly everything at one time or another."
    --My Manager
  • chesse crackers are ok, but i prefer peanut butter. wow, dvorak really is a big man to take on the cracker industry. i mean, they must be huge; just think of how many crackers are sold in one day, alone! you go boy!
  • Here's the meaning of life, from the Dvorak/ZDNet perspective:

    • Dvorak writes an inflamatory article (aka: Troll).
    • The link to the article spreads amongst the target community (ie: Unix/MacOS/BeOS users, hackers, people of intelligence.)
    • Everyone in the targeted audience clicks on the link to the article, sometimes more than once.
    • ZDNet counts every time Dvorak's page is served.
    • ZDNet sends a bill to the owners of the ad banners on Dvorak's page.
    • ZDNet and Dvorak are swimming in money.
    • Dvorak decides he needs a new car, and composes his next inflamatory article.

    Thus the circle is complete again. And ZDNet is a bit more richer.

    Why else would Dvorak have a job?


    --

  • Take a classic board game and write your own computer version of it. Program "perfect" play for the computer player. Write a program to "solve" checkers through brute force. Write a fractal viewer with a cool zoom-in feature. Write a dense linear algebra package. Write a sparse linear algebra package. Get the edition of Numerical Recipes without the code and implement all the algorithms therein. Get the NR code and time test your implementations against theirs. Beat the times of the NR algorithms.

    If you knew about game theory, NR, and linear algebra you must have had a pretty nice high school, and most likely it wasn't a standard public one. I was lucky to have an AP CS class at mine.

    I think the point is that a lot of kids don't know what cool stuff is out there, like free development tools, Linux, and the like. That is changing, but much too slowly. We have to be a bit more active than osmisis...

    An ex-bored teenager...
  • BTrees are not limited to Linux. I learned about them in CS 102, before Linux, GNU, or Windows even existed (we used BSD). There is nothing new in Linux programming (hate to burst anyone's bubbles). It's all been around for decades just waiting for a new generation to rediscover or reinvent them. Don't limit high school or university learning to Linux. Generalize it to "unix" or even more generalized to "computer science", and you'll have students that know how to think and reason in ANY operating system or programming language. Generalized knowledge will last a lifetime, but specific knowledge will only last a few years. I learned how to program in C++ not because I took a C++ class, but because I had classes in programming concepts. The only difficulty I had with it was due to bad habits learned in specific languages.

    p.s. Is "teengnu" more like the Young Pioneers or the Campus Crusade?
  • by Anonymous Coward
    The guy expects the sysadmins for @home read his column? Hello John:

    abuse@home.com

    I've dealt with them before. They seemed competant enough.
  • That sure beats selling all those keyboards, doesn't it. :)
    --
    "New worlds are not born in the vacuum of abstract ideas, but in the fight for daily bread..."
  • Says HERE [networkice.com]
    BlackICE was designed for multiple platforms, but currently does not run on Linux. However, it detects many attacks directed against Linux machines, such as the rpc.mountd overflow.
    DETAILS We plan to support UNIX platforms, especially Linux, in the future. This page will be updated in the future as we get more information.


    I installed it on a Windoze and found it useful. I watched it detect a NetBus probe-- the icon flashes and you are given the date, time, info, and IP address. When you select the attack for more info it brings up a web page telling you what the attack is, how common it is, not to panic, what you can do about it, including a submit-the-IP address option that tells you to what ISP the attacker's IP (theoretically) belongs to. The info was easy-to-understand and direct so that non-techies won't panic if they read it-- and that's obviously who the product is geared towards.

    Overall, it has an intuitive GUI, logical tracking methodology, and is a thorough product.

    Good for them (although I concurr that they REALLY should remove an enorsement from JP)...
  • The suggestion to write a fractal viewer struck a chord with me.

    As a teenager (10 years ago), I can remember first reading about the Mandelbrot Set in Scientific American. They gave the formula by which it was created, but no actual code to do it yourself.

    Some number of hours later, I had a QB program (ya, I know, I didn't have a DOS C compiler yet) that could generate a fractal. Then I had to create a viewer to see it. After about 3 hours of crunching (I went to see a movie) on my poor 386-20, I was amazed to be looking at the Mandelbrot set.

    I agree that boredom is one damn poor excuse to start cracking. Many more will be impressed by a hacking effort than a cracking effort.

    GRH
  • He's right, that would be an excellent way to round up alot of the world's hackers.

    It'd be a different manner if you wanted to round up the malicious crackers who attack sites though...
  • Dvorak gazed across the packed-dirt parking lot at the baleful faces near the rusting International Pickup truck. The air was not so much warm as stagnant in the Kentucky autumn day. The three soy farmers stepped toward the battle-ready figure before them. Cletis glanced at Garth and Ezekiel and then at Dvorak.

    His jacket had been thrown off at the first exchange of words with the three stern men. Dvorak had rolled up his sleeves and was tightly gripping the Cross sterling-silver pen from the inside lapel pocket of his cast-away jacket.

    Cletis spoke in a steady, slow, but menacing drawl, "What was that y'all said about my mother and my Apache Server?"

    That was an excerpt from my new novel "Dvorak Takes on the Crackers". What do you think?
  • I disagree with Dvorak on many issues.

    > It's a mess, and no operating system is immune.

    Exactly. Which means BUILD A BETTER OPERATING SYSTEM. Linux and other freely available OSes are immune to many, if not all, of the attacks with proper setup and filtering.

    These journalists should stop touting NT as the holy grail of server OSes when it has gaping security and DOS problems.

    I suppose I'm getting into the holy war regarding who gets blamed, the software companies or the people that exploit them. My opinion is that the blame should go on the software companies and implementers.

    > This is where teenagers go to grab a quick
    > attack package to harass people who won't date
    > them.

    Puh-lease, that's so stereotypical. If there's any reason you're going to get targeted for an attack, it will be because you're making inflammitory statements such as that one.

    > Making an example out of a few punks can have
    > two effects: It can cut down on the number of
    > casual attacks, but it may also improve the
    > hiding skills of more serious hackers.

    I disagree. If you start going after script kiddies on the Internet you're going to not only seriously piss them off, but the younger generation of script kiddies, and the more serious and skilled crackers.

    If anything, that methodology is going to provoke more hacking similiar to how the drug war actually increases drug usage.

    > And if law enforcement doesn't step in to stop
    > the little guys, there are two results as well:
    > One is the capture of hackers, of course, but
    > the other is the encouragement of sites such as
    > CyberArmy and WarForge to flourish and to make
    > low-end hacking seem like an acceptable hobby.
    > It's obvious that the second, lax approach, is
    > in effect today.

    I have trouble comprehending his point here. If law enforcement steps in to stop the little guys I seriously doubt sites like "CyberArmy" and "WarForge" are going to change their views and stop posting these kinds of materials.

    What then? Censor this kind of information? Make the manufacturing and distribution of exploits illegal?

    > They key to stopping all this hacking is a
    > massive worldwide sting.

    Not only could you not catch every cracker/script kiddie in a massive worldwide sting, but it would cost billions of dollars in manpower and technology to operate a high-tech sting of this magnitude. Furthermore (like I said above), this is just going to aggrivate all the crackers who don't go to jail (majority of the juvinilles and all the ones not convicted due to the inevitable lack of evidence).

    > The guys who were recently busted for trying to
    > run off with 13-year-olds were caught by agents
    > posing as teenage girls in a chat room.

    This is a different kind of crime though. Trying to meet up with 13-year-olds for molestation/kidnapping is dissimiliar to cracking/DOS attacking. While they both take place online, one involves a hard physical subject (a person, kiddie porn), while cracking/DOSing involves breaking or entering a VIRTUAL environment.

    I'm not sure how to really drive home my point that they are very different crimes, but I think anyone who is in the "technological know" can see my point here.

    > you can be certain that low-end hackers will
    > start to be rounded up.

    I doubt it. Good luck if you do FBI! The only thing that has really been like this is the raid on gH, but I bet most (if not all) of them will get off or just recieve very light sentences so they can go do some more damage.

    It would be a waste of time to sit in IRC channels and try to bust entire groups for cracking/DOSing sites, and I think the feds know that.

    The only time the feds get involved nowadays is if something major goes down, like the White House, the Army, or a coproration with enough money and will-power to prosecute...

    > I'm sure their parents won't appreciate the
    > legal bills. Maybe that will put a stop to it
    > once and for all.

    Again, an inflammatory and stereotypical statement. This is not like the 50s or 60s when parents had control over their children through beatings and derogation of self-esteem (yes this is inflammatory too, but it's how my parents explain it to me). Our current generation of kids (and I know because I'm not that old myself) are basically uncontrollable. Those of us who grew up with this technology KNOW there's a world out there that they can influence in one way or another. They can't be censored or "told" what to do other than to be reasoned with (or brainwashed :). My parents couldn't tell me what to do, and neither can anyone else's.

    What do you do? Take away their computer? Kid will just go over to someone else's house, cafe, or computer lab and have fun.

    Lock em inside? Ground them? Yeah right. The second you turn your back on that teen he's gonna be out going somewhere and being a teen. Even if you are successful, maybe the kid will just turn his attention to phone phreaking.

    So my point? Patch the OSes, filter the offending packets, fix the protocols. Make Microsoft, Sun, & Cisco spend a couple billion to address these issues instead of making tax payers spend a couple billion to fight a losing cause.

  • Get IPs out of the argument. We all know how
    easy it is to spoof IP information. The issue here
    is the physical connection.
    ......At some point...it all tracks back to a unique MAC address....


    The only router thats going to be dealing with a MAC address relevant to the source of said spoofed packets is going to be the connection from the sources ISP to the upstream provider. If this router is configured to drop outgoing packets with external source addresses it takes care of spoofing.

    Consider the following:
    (I'll use private IP's for demonstration purposes.
    Assume for the sake of argument they are registered #'s)

    Evile.net uses class C addresses on their internal system,
    lets say 192.168.1.0 for customers and 192.168.100.0 for their internal backbone

    User 31337GoD@Evile.net decides to launch a smurf attack using /. as the source IP
    The header of said packet says it originates @ 209.207.224.40
    When the packet hits Evile.nets gateway to the rest of the world, the gateway, if its configured as a packet filter that checks for IP spoofing, will see an external IP addy on an _internal_ interface and drop said packet instead of pass it out of the world interface.

    So if you wanted to truly reverse DoS 1.2.3.4 then you would either have to A) spoof the attack to a huge number of routers that you know 1.2.3.4 connects through...
    Or use a source routed packet, of course you'd want to pick a route composed of improperly configured routers, but if you know what you're doing you would have a list of malconfigured routers.

    Anyway the point being that if the present technology was used to its best potential the 'net would be a much better place.
  • Its a matter of latency, not throughput. More bandwidth doesn't compensate for processing time.

    I feel I know you somehow...
  • There are many problems with this approach. But, the most important one is that it's trivial for DoS attacks to get around. Suppose that everyone spends big bucks to upgrade their routers to the new, fancy, packet-checking versions. Now, all of the old flood-ping DoS programs stop working. Great. Everything is wonderful. Except, the crackers add a single line of code to the DoS programs which tweaks each packet so that they are all different. All of that work that was invested in the new routers is now completely wasted. The winner: Cisco. The Losers: everybody else.

  • I doubt very much that there is any kind of massive sting afoot, either
    internationally or in the US. The FBI has no brief to investigate the
    normal activities of script kiddies. It turns out that there is no
    Federal law forbidding one from gaining unauthorized access to an
    Internet host - all such laws in the US are *State* laws, which means
    the FBI doesn't investigate violations.

    The US Code only prohibits breaking in to so-called "protected
    computers" (USC Title 18, Part I, Chapter 47, Section 1030), defined as
    follows:

    (2) the term ''protected computer'' means a computer -
    (A) exclusively for the use of a financial institution or the
    United States Government, or, in the case of a computer not
    exclusively for such use, used by or for a financial
    institution or the United States Government and the conduct
    constituting the offense affects that use by or for the
    financial institution or the Government; or
    (B) which is used in interstate or foreign commerce or
    communication;

    (source: http://www4.law.cornell.edu/uscode/18/1030.html)

    Clearly, this does not cover most of the activities of script kiddies
    and other such pests, most of whom attack "unprotected" computers
    (universities, ISPs, corporate web sites, non-US hosts, etc.). This
    isn't that much of a surprise, I guess --- the FBI doesn't investigate
    breaking-and-entering cases either, unless the burglars attack Federal
    property.

    I suppose that State District Attorneys could be getting together to
    gang up on them, though. Short of Congress changing the law, I guess
    that's the best we can hope for.
  • This situation isn't much different from drugs, as long as people want to do them, a way will be found. All law enforcement can do is arrest the least talented and make the rest more cautious and better armed.

    The difference from the drug situation is that these are not victimless crimes. As with any crime, some people will keep doing it despite efforts to stop it, but that is no reason to not go after the bastards.

    I'd prefer to see hacking winked at, but actual damage responded to in a proportionate matter.

    Just tampering with my computer is bad enough. There need not be any additional damage for it to be criminal than snooping through my files, or downgrading my internet connection. Stay off my stuff!
  • Remember he is talking about doing this at the ISPs _outgoing_ router. It would only effect the people on the ISPs subnet. He would like the to filter outgoing packets with some heuristics to determine if they are trying something they shouldn't be. And if you have some real need to portscan *.ru you can always call your pipe provider and ask them to make a special exception to the router rules for you.
  • Guess what, guys: dictionaries (and Jargon Files) don't define language. Usage does.

    This is mostly false. No matter how many jagoffs commit a solecism, it's still recognized as a solecism by people who actually know something about the language.

    I just wanted to post before someone else bitched about it.

    This isn't substantially different from a "First Post!" type of ambition.

    --

  • Why publications let articles in, writen by people that have NO CLUE what they are talking about!?

    Probably beacuse his editors don't have a clue ether. He probably knows more then the people he's for. It's sad but true, One of the things that bugs me more then anything else is when people act like they understand somthing when they really don't. I always to point out things I'm not sure about when I write (though, I'm sure I miss somethings)
    "Subtle mind control? Why do all these HTML buttons say 'Submit' ?"
  • >Oh dear. "He" was aiming for a rather different
    >tone than "strident." Gonna have to work on
    >that.

    Crap! Did I miss something? I think I did indeed miss the sarchasm. Well, it *has* been a long time since we've knocked heads.

    >It might be interesting to try to find an
    >example of "him" arguing in favor of
    >circumcision -- in any case you appear to be
    >drawing rather sweeping conclusions from rather
    >meager data.

    Well this is entirely off topic for this forum, so this will drop.

    >>He doesn't see the usenet as a valid medium for
    >>radical political organization.

    >And here I never knew that. The things you learn
    >on /.

    A couple of times you were ranting about how all the wackos discussing various topics were sending us all to Usenet hell, figuratively speaking of course. It's not your *primary* complaint by any means. The way I see it, as long as it's on topic for the group, even sort of marginally, then no problem. My memory may be bad, but I recall a lot of complaining about the tactics of a particular side in the very heated debate. I figure that as long as it's not spam, why worry? Smart people can sort that stuff out themselves.

    >DCS does not suffer fools gladly, and has been

    And that's why I included the phrase "not a nutbag by any means." It's an acknowlegement of that.

    Mostly I was responding to the other guy who doubted your existence. Since I have some evidence, I thought I'd contribute it. I think I was nice to you though. Check out my flamage of Brett Glass a couple days ago for my mean side.

  • Is't what this sounds like? "And they do such and such and they are weirdos - but we know where they hang out, so why not go get them?"

    I'm starting to think I live in China. Sorry, I guess I should say I mean the PRC.

    Well, I better finish up this post so I can go sit by my window and wait for the tanks to roll in...
  • get rid of the damn icmp echo. I get hit 4-5 times a week on my servers..when i did echo 1>icmp_echo_ignore_all in /proc they suddenly went silent. I guess having a machine with no echo response to icmp packets is pretty hard to find/portscan.
  • DSL/cable providers putting firewalls in their out-of-the-box equipment will probably never happen. They can't even get telnet/other admin passwords right.

    Covad (even though their own security policy says this is not to happen) plops down nearly every FlowPoint router with a very stupid and easy to guess password.

    There was talk on bugtraq a few months ago about a telco (I think USWest) not even putting passwords on some ADSL routers. People telnetted to their routers and could do things unchallenged.

    If you can't get DSL/cable companies to close the front gate properly, forget about having the fancy alarms in the house working or even getting installed.
  • What a great list! These are great ideas for any kind of "free time" computing project. Does anything like this exist anywhere else on the net?

    Take a classic board game and write your own computer version of it. Program "perfect" play for the computer player.

    Just remember that there are some games where "perfect" play is very difficult, if not impossible (Go springs to mind, as well as Chess).

    Things like Othello and Checkers are do-able though.

    Download the Infocom engine and write your own adventure. Write your own MUD or chat program.

    Amen! Inform [demon.co.uk] and TADS [tela.bc.ca] are great starting points for those aspiring nonlinear writers out there...
  • IN the most recent vs. of 2600 he made good points on why we should NOT use the term "cracker" at all. If you want an interesting and insightfull reaad, give it a read.
  • You make it illegal to port scan or winnuke and make the penalities anything more than a slap on the wrist and the real hackers are going to make a mockery of the press and pigs.
    They'll arrest grandma on her AOL account and figure out that they were dupped by a IP spoofer right before grandma slaps the city with a wrongful prosecution suit.
    ** I don't want the script kiddies in jail. I want the guy that can shut down the pacific northwest's power grid sitting in a cell if anyone needs to be.
    Or, maybe the terminally stupid could turn off file and print sharing, and stop installing things they don't understand, or resist running that latest app that was attached to their e-mail.

    BTW I haven't read anything very on-the-ball from Mr. D since I stopped reading his cooking recipes in the back of Boardwatch.
  • ..and I ended up doing the SAME THING with QB on my parent's 386. It was great fun! that damn article got me thoroughly involved with fractals and chaos for most of my high school career. I later ended up building the 'syncronized chaos generators' project in a latter issue of Sci Am. ah yes. them was the days.

    #begin recollection of silly fun projects

    At the same point in time, a friend of mine was working on a crude (_CRUDE_) first person shooter called "Revenge of the Lagomorphs". You basically stood in 1 place while ascii rabbits came at you from all directions. The weapon of choice was a GAU-8 which shot a stream of uranium '.'s, IIRC.

    I also did a planetary gravity simulator in 9th or 10th grade. It was fun to watch but i got tired of plain old gravity and added multiple planets, moons, and even took a shot at relativity (it only succeeded in making everything run slooowww).

    other projects you might try--
    +create your own ascii-art gui on an ancient computer
    +emulate cryptography machines
    +simulate plate tectonics
    +make MUSIC!!
  • Fantastic! :> hehehe...

    A merger of home high tech and
    the social elite.

    Sounds great for the first chapter...
    I, for one, would love to read a novel along those lines :>

  • > A generation raised on television and RPG's and
    > techno-fairytales cannot distinguish between the
    > real world and the one
    > they desperately wish they lived in.

    While I partly agree with your assesment of television as contributing to the general apathy and cluelessness of society, I take offense at your mention of RPG's. Until a few years ago, RPGs were a very small sector of the total video game market (in the US that is; they were much more popular in Asia). In my experience, RPG players were much more intellgent, on average, than players of other genres of video games, and probably more intelligent that most average people. Perhaps it has to do with the similarity of the RPG form to fantasy and SF novels, which attract many of the more intellgent, less socially accepted "nerds" and the like. Whatever the reason, I would be much more comfortable with a populace of RPG players than players of mindless fighting games and other less intellectual genres. In the last few years (starting with the release of FF7), RPGs have become much mainstream and this generalization would probably fail to hold. As for your mention of "techno-fairytales," I'm not quite sure what you're referring to.
  • > My child, the nature of the crimes may be
    > different, but the motive is the same. The
    > motive

    Do not call me a child. I am neither legally or mentally a child.

    The existance of "sin" is a religious term, being athiest I will not put it in terms of sin. What I will say is that potential child molestation is a much more serious crime in my eyes than potential script kiddie actions.
  • I've felt about doing the same here, when (and if) the box does eventually go live. Due to the purpose of this machine, it will probably get attacked pretty damn quickly.

    The NT security in this organisation is a joke. One domain for the entire building, and until the obvious password was changed last week, everyone knew it. Now that the password is secure, no-one can get on with their work as a lot of tasks require domain admin privaledges.

    I've worked in other simillar organisations before, and never has security been such a mess as this one. And NT is so insecure - anyone with a sniffer (Ethereal!) can grab the SID of the adminstrator, and bombard the account until they crack it.

    I just hope that this UNIX based system here is looked after a bit better, but judging by the knowledge of some members of the UNIX support team, this fills me with dread.


  • Sorry. Did not mean to offend RPG'ers. I just meant the tendancy to "live" in fantasy, to indulge in fantasy as recreation, to the exclusion of real life (however THAT may be defined!)

    techno-fairytales. Well, there's HAL, theres the 'computer' on Star Trek, and the Jetsons, and then there are the recent Microsoft and Intel TV ads... :-)

    ======
    "Cyberspace scared me so bad I downloaded in my pants." --- Buddy Jellison

  • now, when i saw "dvorak takes on crackers"
    i thought it meant that dvorak key layouts
    were taking on crackers. i have a dvorak
    key map (sometimes), and a friend of mine does
    always. he also has his telnet daemon hacked
    to do dvorak.

    thats a damn good defense system against anybody, and a formidable obstacle in the path of anyone who doesn't know dvorak
  • I hate to sound like the old man here but it sounds like many, or even most, of you aren't old enough to have seen or read John Dvorak until the last couple of years. The man has _ALWAYS_ been a blithering idiot. In 1984, when the Mac came out, his argument against it was that the DOS running PC was a computer built by men, for men. He just recently pulled the same crap by calling the Apple iBook a girlie computer. If you don't like something, come up with a good reason, but leave the nonsense out of it. Also, he recently wrote a column about how Linux isn't worth a damn in a server environment...go check out the October 5 issue of PC magazine though; Winn Rosch has a much more sensible article. I don't know a single person in my circle (and we are a fairly high thinking circle) who thinks this man deserves an audience...sadly he has one. Dvorak obviously has the ear of somebody, and until he fully discredits himself (comparing cracking to soliciting sex from minors is a good start) we will have to continue to put up with his prattle...I have had to put up with it for the last 15 years...let's hope that this Rush Limbaugh of the digerati doesn't hold those ears for another 15.
  • (B) which is used in interstate or foreign commerce or communication

    If you attack another node, and in the course of doing so your malicious packets cross a state or country border, then you're breaking the federal law. The FBI will investigate if the victim presses criminal charges, as a federal court will be used for judicial procedings on the matter.
  • I do think sitting an 100+ user efnet channels is plenty of advertisement for an ip to get randomly bombed upon, and yet my box lives on

    On certain IRC networks it's the IRC servers themselves which attempt to crack. Claiming they are doing it to find "unsecure proxies" and sometimes mentioning "Nukenabber" (presumably that's some piece of Windows software.)

"You don't go out and kick a mad dog. If you have a mad dog with rabies, you take a gun and shoot him." -- Pat Robertson, TV Evangelist, about Muammar Kadhafy

Working...