EVE General Discussion

 
 

Don't scan my ports CCP or else

Twulf
Order of the Eagles
#101 - 2012-03-15 20:32:23 UTC
Morganta wrote:
Twulf wrote:
Muestereate wrote:
Of course I knew it had originating code, The source was EVE. Kind of self evident since I posted on an EVE forum asking them to stop???? It doesn't show up as a ping on my logs but a scam. I mean scan, I allow echo requests so that servers don't time me out but the pings have to go where I expect them to go. You can come in my front door port 80.


Oh my, this is priceless.

You talk about having your computer set up with great security but you have port 80 open? Lol that is classic.
Just more proof you have no clue how to set up computer security.

I route all Internet traffic through port 8080. Port 80 is the default port for HTTP traffic and is the first port that is attacked when trying to hack into a remote machine. This is a very simple setup and can be done in any router or firewall software and can be done by non IT professionals that have some knowledge of computers.

Man, your security is like the story of the three little pigs. You just happen to be the Pig that built his security out of straw and wonders why the big bad wolf still gets in.


welp.. if you're running a webserver port 80 is correct, 8080 is typically used as a workaround for ISPs who block 80 on residential lines.
8080 is no safer as it's highly publicized that most idiots with poorly implemented home services use it, so it would likely get scanned first. Bot net owners want home machines behind residential gateways, not production level servers

this also includes the top 5 or so ports and their workaround ports
21
27
110
and whatever irc defaults to now

like i said, an open port is not a threat, most scanners are looking for their own malware to reply on those ports, but the port simply being open is not a huge issue unless there's a documented exploit connected with it



If you are running a webserver and have port 80 open, you're doing it wrong. You should have port 80 traffic routed to another port for security reasons. Leaving traffic on port 80 is asking for trouble.

An Open port is not a threat by itself but having open ports that are open for no reason is also another large NO NO in the IT field. Close every port and only have the ones you are using open.
Twulf
Order of the Eagles
#102 - 2012-03-15 20:39:03 UTC
Taedrin wrote:
Twulf wrote:
Muestereate wrote:
WHY are all the people with military type names so insistent that I open my doors to them. I have a right to keep and bare firewalls. Mine happens to be Russian where freedom still exists. Why are so many people against me having some privacy? Why do so many act as if they don't even think I should expect privacy and security. I pay a premium price, I expect a lot from any publisher for only a few bucks a month but now I have one that takes 20 times that off of me. Publication is one way, they put it out and I pay. They don't get information off me with or without my permission without compensation.



Well where to start.

First, if you have an internet connection active on your computer, you have no privacy or security. Do you buy things online? You have no privacy. Do you do online banking? You do not have privacy. The internet is a great and wonderful place but it has many many dangers. Once your info is on the internet, that is it, nothing you can do but hope you are not a target someday.
End of Debate.

There is not such thing as hack proof or 100% security when we are talking about technology.

After working in the IT field for over 20+ years, computer/network security is a false sense of safety. It is a cat and mouse game and the mouse has the advantage. Just like Cops and Criminals, Criminals have the advantage as they do not have a set of rules to follow like the cops do. Same thing with Security Experts and Hackers/Virus makers, the hackers/virus makers have the advantage and always will.

Port Scanning is not an attack and a lot of programs and ISP companies do port scanning. It can lead to an attack but the most you have to worry about on a home PC is it becoming part of a bot network and you would never know about it most likely.


I understand that you take the time to set up your security and you want to have that false sense of safety but the reality is, unless you go back to dial up and/or unplug your router every time you leave your computer, you will never be 100% secure and you will not have privacy.



"There is not [sic] such thing as hack proof or 100% security when we are talking about technology."

While this is strictly true, you can get pretty damn close to 100% security if you design the system from the bottom up to be secure. In fact, I would argue that with the proper resources you could design a system which can ONLY be compromised by some sort of physical intrusion or exploiting human error.


I disagree. What OS would you have running? Windows or MAC? Both are not secure, both have many ways to compromise them. Linux would be your best bet but how many people know how to use Linux? Not many I am going to tell you.

You cannot secure any system or network to be 100% secure, today with our current technology that is not possible if the computer is going to have an internet connection. If you have an IP address, your system is hackable. End of Debate.

If NASA and our Military can get hacked into, so can any computer on this planet. If Sony's Network can get hacked, so can your home network. Sony, NASA and the Military spend more on IT security than most people will make in their lifetime and they are not 100% secure.

I have worked in the IT field for over 20 years now, I have never seen a system that was 100% secure and I have worked at some major corporations including IBM, GM and Bank of America.

Just think of IT security like crime. You will never be able to prevent 100% of it. ever.
Terminal Insanity
KarmaFleet
Goonswarm Federation
#103 - 2012-03-15 20:48:30 UTC  |  Edited by: Terminal Insanity
Twulf wrote:

If NASA and our Military can get hacked into

NASA and the Military get hacked because they're a bunch of bureaucratic self-appointed idiots. I mean look at any government run program. It's because most of them are career politicians and not actual scientists and engineers. Their only training is Debate Class, not Computer Sciences.

Military promotes a lot of people based on non-technical skills. I mean just the military in general, most people join it NOT because they're particularly gifted at computer science. Now that's not to say everyone in the military are idiots, many of them discover hidden talents and such, but for the most part, they are not 'the right people' to be running the technical side.

"War declarations are never officially considered griefing and are not a bannable offense, and it has been repeatedly stated by the developers that the possibility for non-consensual PvP is an intended feature." - CCP

Muestereate
Minions LLC
#104 - 2012-03-15 21:34:35 UTC
I'm emerging from reinforced mode and shields are about 95%. CCP can now probe my private parts. They will get nothing other than the knowledge that I am there should they wish to verify connections for some reason. I did find a nice way to exclude CCP from my attack detection settings. They are still probing with UDP inbound but since I don't even know if their routing algorithms need a response from me, they get none. I will look further into port 80 as it's not the way I want it. Also, I got one odd port like 1026, something about radar??? but it's not connected to EVE nor have I found out why it's just closed instead of stealthed. Port 26000 sings happy tunes of outer space back and forth from CCP, probably London, and my client hasn't discoed in over a day.

Disco is a word a corp mate and I came up with because of the dance we used to do when we disconnected. My firewall is very small and very fast. Latency comes more from my antivirus calling home for other connections. Shutting off its firewall and Windows firewall really seems to speed up internal connections though I see some delay on their voice ports during jumps. I too agree that the source of most problems is on the operator's side. We run updates, media, av voice and browse and then we go with stock settings or leave it wide open.

All in all it's been a good brushup to rework through this app while maintaining what I call acceptable security from the increasing international probing of the last couple months.

Thanks for all your trolls, Languages and protocols are only a hobby for me. One day you're the expert, the next day the village idiot. This is something that has taken time to understand and accept.
Morganta
The Greater Goon
Clockwork Pineapple
#105 - 2012-03-15 21:42:32 UTC
Twulf wrote:
Taedrin wrote:
Twulf wrote:
Muestereate wrote:
WHY are all the people with military type names so insistent that I open my doors to them. I have a right to keep and bare firewalls. Mine happens to be Russian where freedom still exists. Why are so many people against me having some privacy? Why do so many act as if they don't even think I should expect privacy and security. I pay a premium price, I expect a lot from any publisher for only a few bucks a month but now I have one that takes 20 times that off of me. Publication is one way, they put it out and I pay. They don't get information off me with or without my permission without compensation.



Well where to start.

First, if you have an internet connection active on your computer, you have no privacy or security. Do you buy things online? You have no privacy. Do you do online banking? You do not have privacy. The internet is a great and wonderful place but it has many many dangers. Once your info is on the internet, that is it, nothing you can do but hope you are not a target someday.
End of Debate.

There is not such thing as hack proof or 100% security when we are talking about technology.

After working in the IT field for over 20+ years, computer/network security is a false sense of safety. It is a cat and mouse game and the mouse has the advantage. Just like Cops and Criminals, Criminals have the advantage as they do not have a set of rules to follow like the cops do. Same thing with Security Experts and Hackers/Virus makers, the hackers/virus makers have the advantage and always will.

Port Scanning is not an attack and a lot of programs and ISP companies do port scanning. It can lead to an attack but the most you have to worry about on a home PC is it becoming part of a bot network and you would never know about it most likely.


I understand that you take the time to set up your security and you want to have that false sense of safety but the reality is, unless you go back to dial up and/or unplug your router every time you leave your computer, you will never be 100% secure and you will not have privacy.



"There is not [sic] such thing as hack proof or 100% security when we are talking about technology."

While this is strictly true, you can get pretty damn close to 100% security if you design the system from the bottom up to be secure. In fact, I would argue that with the proper resources you could design a system which can ONLY be compromised by some sort of physical intrusion or exploiting human error.


I disagree. What OS would you have running? Windows or MAC? Both are not secure, both have many ways to compromise them. Linux would be your best bet but how many people know how to use Linux? Not many I am going to tell you.

You cannot secure any system or network to be 100% secure, today with our current technology that is not possible if the computer is going to have an internet connection. If you have an IP address, your system is hackable. End of Debate.

If NASA and our Military can get hacked into, so can any computer on this planet. If Sony's Network can get hacked, so can your home network. Sony, NASA and the Military spend more on IT security than most people will make in their lifetime and they are not 100% secure.

I have worked in the IT field for over 20 years now, I have never seen a system that was 100% secure and I have worked at some major corporations including IBM, GM and Bank of America.

Just think of IT security like crime. You will never be able to prevent 100% of it. ever.


this

there is a huge difference between passive attacks and active attacks
passive looks for fools who fall for socially engineered scams
active looks to take down services to make a point or a profit

most home users will see thousands of passive attacks but never see an active one.

and about port 80, this just makes me lol, rerouting your ports with NAT will not protect you any more than keeping 80 open, if someone wants in they will get in, port 80 is a problem if you are a lame sysadmin and don't keep up on security updates that allow hackers to exploit port 80 vulnerabilities.

sort of like welding your front door shut and making everyone come in the back
hurr durr... it's still a door into the house and anyone who puts a minimal amount of thought into it will get in
Callous Jade
Dockturnal Bromance
#106 - 2012-03-15 22:00:50 UTC
Muestereate wrote:
WHY are all the people with military type names so insistent that I open my doors to them. I have a right to keep and bare firewalls. Mine happens to be Russian where freedom still exists. Why are so many people against me having some privacy? Why do so many act as if they don't even think I should expect privacy and security. I pay a premium price, I expect a lot from any publisher for only a few bucks a month but now I have one that takes 20 times that off of me. Publication is one way, they put it out and I pay. They don't get information off me with or without my permission without compensation.



Guilty conscience detected. Russian botter confirmed.
Twulf
Order of the Eagles
#107 - 2012-03-15 22:19:28 UTC
Morganta wrote:
Twulf wrote:
Taedrin wrote:
Twulf wrote:
Muestereate wrote:
WHY are all the people with military type names so insistent that I open my doors to them. I have a right to keep and bare firewalls. Mine happens to be Russian where freedom still exists. Why are so many people against me having some privacy? Why do so many act as if they don't even think I should expect privacy and security. I pay a premium price, I expect a lot from any publisher for only a few bucks a month but now I have one that takes 20 times that off of me. Publication is one way, they put it out and I pay. They don't get information off me with or without my permission without compensation.



Well where to start.

First, if you have an internet connection active on your computer, you have no privacy or security. Do you buy things online? You have no privacy. Do you do online banking? You do not have privacy. The internet is a great and wonderful place but it has many many dangers. Once your info is on the internet, that is it, nothing you can do but hope you are not a target someday.
End of Debate.

There is not such thing as hack proof or 100% security when we are talking about technology.

After working in the IT field for over 20+ years, computer/network security is a false sense of safety. It is a cat and mouse game and the mouse has the advantage. Just like Cops and Criminals, Criminals have the advantage as they do not have a set of rules to follow like the cops do. Same thing with Security Experts and Hackers/Virus makers, the hackers/virus makers have the advantage and always will.

Port Scanning is not an attack and a lot of programs and ISP companies do port scanning. It can lead to an attack but the most you have to worry about on a home PC is it becoming part of a bot network and you would never know about it most likely.


I understand that you take the time to set up your security and you want to have that false sense of safety but the reality is, unless you go back to dial up and/or unplug your router every time you leave your computer, you will never be 100% secure and you will not have privacy.



"There is not [sic] such thing as hack proof or 100% security when we are talking about technology."

While this is strictly true, you can get pretty damn close to 100% security if you design the system from the bottom up to be secure. In fact, I would argue that with the proper resources you could design a system which can ONLY be compromised by some sort of physical intrusion or exploiting human error.


I disagree. What OS would you have running? Windows or MAC? Both are not secure, both have many ways to compromise them. Linux would be your best bet but how many people know how to use Linux? Not many I am going to tell you.

You cannot secure any system or network to be 100% secure, today with our current technology that is not possible if the computer is going to have an internet connection. If you have an IP address, your system is hackable. End of Debate.

If NASA and our Military can get hacked into, so can any computer on this planet. If Sony's Network can get hacked, so can your home network. Sony, NASA and the Military spend more on IT security than most people will make in their lifetime and they are not 100% secure.

I have worked in the IT field for over 20 years now, I have never seen a system that was 100% secure and I have worked at some major corporations including IBM, GM and Bank of America.

Just think of IT security like crime. You will never be able to prevent 100% of it. ever.


this

there is a huge difference between passive attacks and active attacks
passive looks for fools who fall for socially engineered scams
active looks to take down services to make a point or a profit

most home users will see thousands of passive attacks but never see an active one.

and about port 80, this just makes me lol, rerouting your ports with NAT will not protect you any more than keeping 80 open, if someone wants in they will get in, port 80 is a problem if you are a lame sysadmin and don't keep up on security updates that allow hackers to exploit port 80 vulnerabilities.

sort of like welding your front door shut and making everyone come in the back
hurr durr... it's still a door into the house and anyone who puts a minimal amount of thought into it will get in


Most hackers are looking for quick easy access, they do not want to have to work hard to find and open the back door. They see that port 80 is closed and move on to someone that does not have port 80 closed. It is the best practice when setting up a webserver. You can disagree but that does not change the fact that it is correct.

If you do not have port 80 closed, then you are a lame Network Admin (System Admin takes care of the computer systems, Network Admin takes care of the network and server systems).

Again, look at criminals. Most criminals are not going to spend the time to break into a house with a Security system, so if you have a Security company sign on your house then most of the time they will bypass your house for an easier house. This is how Hackers work for the most part. Some hackers are looking for a challenge and will see a blocked port 80 as a challenge but that is rare.
Twulf
Order of the Eagles
#108 - 2012-03-15 22:27:05 UTC
Terminal Insanity wrote:
Twulf wrote:

If NASA and our Military can get hacked into

NASA and the Military get hacked because they're a bunch of bureaucratic self-appointed idiots. I mean look at any government run program. It's because most of them are career politicians and not actual scientists and engineers. Their only training is Debate Class, not Computer Sciences.

Military promotes a lot of people based on non-technical skills. I mean just the military in general, most people join it NOT because they're particularly gifted at computer science. Now that's not to say everyone in the military are idiots, many of them discover hidden talents and such, but for the most part, they are not 'the right people' to be running the technical side.


I do not disagree really but NASA does have some of the best computer science people in the world working for them as they need them. NASA I think we can both agree relies on computers to operate.

The Military not so much but I know many great network admins that came from the Military.
Morganta
The Greater Goon
Clockwork Pineapple
#109 - 2012-03-15 23:22:37 UTC
Twulf wrote:
Terminal Insanity wrote:
Twulf wrote:

If NASA and our Military can get hacked into

NASA and the Military get hacked because they're a bunch of bureaucratic self-appointed idiots. I mean look at any government run program. It's because most of them are career politicians and not actual scientists and engineers. Their only training is Debate Class, not Computer Sciences.

Military promotes a lot of people based on non-technical skills. I mean just the military in general, most people join it NOT because they're particularly gifted at computer science. Now that's not to say everyone in the military are idiots, many of them discover hidden talents and such, but for the most part, they are not 'the right people' to be running the technical side.


I do not disagree really but NASA does have some of the best computer science people in the world working for them as they need them. NASA I think we can both agree relies on computers to operate.

The Military not so much but I know many great network admins that came from the Military.


but any fool knows there is little or no connection between either organization's public and private networks
like it's been said several times now, there is no defense for an attack against a webserver
but none of those attacks make it inside as most smart sysadmins will not have any connection between the two.

so hacking nasa won't bring down the iss and hacking the norad website won't give you access to the launch codes

and this also explains why neither organization gives 2 fiddlers **** when it happens
Doctor Mabuse
Republic University
Minmatar Republic
#110 - 2012-03-15 23:40:33 UTC
Twulf wrote:
Most hackers are looking for quick easy access, they do not want to have to work hard to find and open the back door. They see that port 80 is closed and move on to someone that does not have port 80 closed. It is the best practice when setting up a webserver. You can disagree but that does not change the fact that it is correct.

So now you've closed down port 80, how do people get to that webserver? (though admittedly it's now a very secure web server)
Istyn
Freight Club
#111 - 2012-03-16 00:05:06 UTC
Muestereate wrote:
blacklist their IP probably under a level 2 corp category though i think of them more as a foreign threat.


Goddamn terrorists after our ISK.
Taedrin
Virtues Corporation
#112 - 2012-03-16 00:07:21 UTC
Twulf wrote:
Taedrin wrote:
Twulf wrote:
Muestereate wrote:
WHY are all the people with military type names so insistent that I open my doors to them. I have a right to keep and bare firewalls. Mine happens to be Russian where freedom still exists. Why are so many people against me having some privacy? Why do so many act as if they don't even think I should expect privacy and security. I pay a premium price, I expect a lot from any publisher for only a few bucks a month but now I have one that takes 20 times that off of me. Publication is one way, they put it out and I pay. They don't get information off me with or without my permission without compensation.



Well where to start.

First, if you have an internet connection active on your computer, you have no privacy or security. Do you buy things online? You have no privacy. Do you do online banking? You do not have privacy. The internet is a great and wonderful place but it has many many dangers. Once your info is on the internet, that is it, nothing you can do but hope you are not a target someday.
End of Debate.

There is not such thing as hack proof or 100% security when we are talking about technology.

After working in the IT field for over 20+ years, computer/network security is a false sense of safety. It is a cat and mouse game and the mouse has the advantage. Just like Cops and Criminals, Criminals have the advantage as they do not have a set of rules to follow like the cops do. Same thing with Security Experts and Hackers/Virus makers, the hackers/virus makers have the advantage and always will.

Port Scanning is not an attack and a lot of programs and ISP companies do port scanning. It can lead to an attack but the most you have to worry about on a home PC is it becoming part of a bot network and you would never know about it most likely.


I understand that you take the time to set up your security and you want to have that false sense of safety but the reality is, unless you go back to dial up and/or unplug your router every time you leave your computer, you will never be 100% secure and you will not have privacy.



"There is not [sic] such thing as hack proof or 100% security when we are talking about technology."

While this is strictly true, you can get pretty damn close to 100% security if you design the system from the bottom up to be secure. In fact, I would argue that with the proper resources you could design a system which can ONLY be compromised by some sort of physical intrusion or exploiting human error.


I disagree. What OS would you have running? Windows or MAC? Both are not secure, both have many ways to compromise them. Linux would be your best bet but how many people know how to use Linux? Not many I am going to tell you.

You cannot secure any system or network to be 100% secure, today with our current technology that is not possible if the computer is going to have an internet connection. If you have an IP address, your system is hackable. End of Debate.

If NASA and our Military can get hacked into, so can any computer on this planet. If Sony's Network can get hacked, so can your home network. Sony, NASA and the Military spend more on IT security than most people will make in their lifetime and they are not 100% secure.

I have worked in the IT field for over 20 years now, I have never seen a system that was 100% secure and I have worked at some major corporations including IBM, GM and Bank of America.

Just think of IT security like crime. You will never be able to prevent 100% of it. ever.


What OS would you use? None of the above, you would write your own.

This is exactly the problem - people are (for lack of a better term) LAZY. Windows is over 5 GB of executable code. It is an incredibly complex system which is riddled with bugs. Linux is developed by a bunch of hobbyists working for free - they do not have the time nor the resources to create a truly secure system. Same deal with Mac - it's based off of BSD which is also developed by a bunch of hobbyists.

Here's the thing: how can a hacker exploit a buffer overflow vulnerability if you use strncpy() instead of strcpy()? It's mathematically impossible! A hacker can't mysteriously make 2 + 2 = 5. A hacker can't magically force your code to "forget" to check for an out of bounds array subscript. That hacker was able to execute arbitrary code by exploiting a buffer overflow on your system because YOU forgot to check for an out of bounds array subscript, not your program. That hacker was able to gain remote root access on your system because YOU programmed or configured it to allow remote log-ins.

Here is what I am trying to say: it isn't IMPOSSIBLE to create a 100% secure system. It is merely DIFFICULT and COSTLY.
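
Added example, not part of any post in this thread: the strncpy() call named in post #112 does bound the write, but it writes no terminating NUL when the source is at least as long as the bound, so a later string read can still run past the buffer. The function names, the 8-byte buffer and the sample strings are assumptions made for this illustration.

```c
#include <stdio.h>
#include <string.h>

#define BUF_SIZE 8  /* assumed size, chosen for the illustration */

/* Returns 1 if the first size bytes of buf contain a NUL terminator. */
static int is_terminated(const char *buf, size_t size)
{
    return memchr(buf, '\0', size) != NULL;
}

/*
 * Bounded but not safe: strncpy() never writes more than n bytes, yet it
 * adds no terminator when strlen(src) >= n. Returns 1 if dst ended up a
 * valid C string, 0 if it did not.
 */
int strncpy_leaves_terminated(const char *src)
{
    char dst[BUF_SIZE];
    size_t n = sizeof dst;

    memset(dst, 'X', sizeof dst);   /* stale bytes, as in a reused buffer */
    strncpy(dst, src, n);
    return is_terminated(dst, sizeof dst);
}

/*
 * Hardened copy: always terminates dst and reports truncation, so the
 * caller can reject the input instead of silently using a cut-off value.
 * Returns 0 on success, -1 if src did not fit or the arguments are bad.
 */
int copy_bounded(char *dst, size_t dstsize, const char *src)
{
    size_t len;

    if (dst == NULL || src == NULL || dstsize == 0)
        return -1;

    len = strlen(src);
    if (len >= dstsize) {
        memcpy(dst, src, dstsize - 1);
        dst[dstsize - 1] = '\0';
        return -1;
    }
    memcpy(dst, src, len + 1);      /* len + 1 copies the terminator too */
    return 0;
}

int main(void)
{
    /* Constructed sample inputs: shorter than, equal to, longer than dst. */
    const char *samples[] = { "short", "exactly8", "far too long for dst" };
    char out[BUF_SIZE];
    size_t i;

    for (i = 0; i < sizeof samples / sizeof samples[0]; i++) {
        int ok = strncpy_leaves_terminated(samples[i]);
        int rc = copy_bounded(out, sizeof out, samples[i]);
        printf("%-22s strncpy terminated=%d  copy_bounded rc=%d out=\"%s\"\n",
               samples[i], ok, rc, out);
    }
    return 0;
}
```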
Johan Civire
Caldari Provisions
Caldari State
#113 - 2012-03-16 04:10:10 UTC
CCP Mort wrote:
Hi, sorry about that

The source of the scan is our FCP guy, We wrote a devblog on it some time ago..

The FCP is listening to all client traffic and will probe clients with ICMP and traceroute through each of our Internet connections. It does that to figure out if another provider might have better latency or less loss than the one picked automatically by BGP. So if it finds a better path it will instruct our Internet edge routers to overrule the default path.

This is a non-intrusive probe with good intentions ;)

CCP Mort


Now in English? or isp and dts is even AKDP inside the LDJO ? Or CCP thinks that JDP is the TCP/IPX in turn of MTP to ?

Seriously guys stop that ****.
Muestereate
Minions LLC
#114 - 2012-03-16 05:58:58 UTC
I've run across some real in game threats and some out of game surprises.

I thought passwords in browsers were encrypted. I put in a password manager cause I was getting too many and I lose track of the rotations sometimes and I get locked out. So I put on this manager and it pulls 570 accounts and matching passwords out of my system. These are accounts I long ago gave up on ever getting back in. My jaw still drops when I open this thing and hundreds of passwords roll out.

For all the Blue to everybody stuff. It seems cool to have access to other alliances' forums but they get your IP and I think there are some exploits that allow non admins to grab the IP of anybody online or so I've heard. I know because I have gotten denial of service attacks that disconnected me in big fleets. When it's happened I've been on a forum I signed up for hastily to get com rights.

All the third party jabber stuff teamspeak and mumble are pooling a lot of passwords and coupling them with your IP numbers and usually character names. Gaping security holes for losing engagements or losing your accounts. Some people just like to try for fun. Theirs

I'm always amazed at myself for putting in the latest EVE tool that I just can't do without. It's easy to quit scanning the familiar ones when they have new builds but a very popular fitting tool can be found infected all over the net while finding the clean mirror is a major investigation.

I'm not under the illusion my system is bulletproof but at least I know right away when something suspicious needs looked at.... I think
Taedrin
Virtues Corporation
#115 - 2012-03-16 06:16:52 UTC
Muestereate wrote:


For all the Blue to everybody stuff. It seems cool to have access to other alliances' forums but they get your IP and I think there are some exploits that allow non admins to grab the IP of anybody online or so I've heard. I know because I have gotten denial of service attacks that disconnected me in big fleets. When it's happened I've been on a forum I signed up for hastily to get com rights.

All the third party jabber stuff teamspeak and mumble are pooling a lot of passwords and coupling them with your IP numbers and usually character names. Gaping security holes for losing engagements or losing your accounts. Some people just like to try for fun.


Your IP address will change periodically when your DHCP lease expires (IIRC, should be every couple days or so). If someone harvests your IP address, it is only good for a few days.
malaire
#116 - 2012-03-16 07:00:51 UTC  |  Edited by: malaire
Taedrin wrote:
Your IP address will change periodically when your DHCP lease expires (IIRC, should be every couple days or so). If someone harvests your IP address, it is only good for a few days.

Not always true - I've had same IP for months.

This seems to be called "automatic allocation" in http://en.wikipedia.org/wiki/Dynamic_Host_Configuration_Protocol :

"automatic allocation: The DHCP server permanently assigns a free IP address to a requesting client from the range defined by the administrator. This is like dynamic allocation, but the DHCP server keeps a table of past IP address assignments, so that it can preferentially assign to a client the same IP address that the client previously had."


TheBlueMonkey
Aliastra
Gallente Federation
#117 - 2012-03-16 09:03:34 UTC
malaire wrote:

Not always true - I've had same IP for months.

This seems to be called "automatic allocation" in http://en.wikipedia.org/wiki/Dynamic_Host_Configuration_Protocol :

"automatic allocation: The DHCP server permanently assigns a free IP address to a requesting client from the range defined by the administrator. This is like dynamic allocation, but the DHCP server keeps a table of past IP address assignments, so that it can preferentially assign to a client the same IP address that the client previously had."


Kind of but not quite,
You'll have a TTL (time to live) on an IP address (which is settable by the provider); a percentage of the time through this (usually 50%, or whenever the machine's next turned on) your machine will re-request the same IP address, which the provider will give you unless it's been given to someone else.

The trouble is that your router's always on, so it'll almost give you the same address.

Turn your router off for a week and you'll get a different address.

A WEEK WITHOUT INTERNET!!!! HORROR!!!!!!
Tippia
Sunshine and Lollipops
#118 - 2012-03-16 09:14:08 UTC
Muestereate wrote:
I'm not under the illusion my system is bulletproof but at least I know right away when something suspicious needs looked at.... I think

Yeah, no. The problem here isn't that your system is or isn't bulletproof — the issue is that you're doing the equivalent of creating a bulletproof vest by duct-taping concrete slabs to your chest. Not only is it not going to provide you with any advantage, but it'll make your knees buckle in the process.
Twulf
Order of the Eagles
#119 - 2012-03-16 16:53:13 UTC  |  Edited by: Twulf
Doctor Mabuse wrote:
Twulf wrote:
Most hackers are looking for quick easy access, they do not want to have to work hard to find and open the back door. They see that port 80 is closed and move on to someone that does not have port 80 closed. It is the best practice when setting up a webserver. You can disagree but that does not change the fact that it is correct.

So now you've closed down port 80, how do people get to that webserver? (though admittedly it's now a very secure web server)


Port 80 traffic is now routed via routing tables in your switch or firewall software to go to port 8080 or whatever port you want.
This does not stop traffic from going in and out but it does stop people from port scanning and seeing port 80 open, which it is by default.

If you are port scanning so that you can hack into a computer or network and you see port 80 closed, most hackers will assume the network admin is smart and has other security measures in place and will move to the next easy target, no need to work hard when you can walk down the street to the house that is unlocked.
Gerald Taric
NEO DYNAMICS
#120 - 2012-03-16 17:57:50 UTC
Taedrin wrote:
There is no such thing as hack proof or 100% security when we are talking about technology.

Exactly.

I'm not a security specialist. But I suppose most infections will be done by compromised (trusted by users) sources.

Like your favourite news page, which uses JavaScript for its web services. Once silently infected (the webserver), the malware has a free way to your computer, as you told the filter systems to let JavaScript pass from that trusted page. Of course the malware is "new" and not detected at once by your Antivirus software. ... "Mission accomplished"

Or "they" look for a famous software portal, get into the distribution service and put a compromised installer there; or alter the source code.

All that has already happened. And it will happen and happen again.

Of course there are techniques to minimize the risk. BUT ... they have to be used. Ask the usual user out there if he always checks the digital signature of downloaded executables. Or if he did a checksum (MD5/SHA) test.

Imagine how to use - for example - the modern social network pages without JavaScript. They simply won't work (properly). And now imagine what *WOULD* happen *IF* some bad guy *would* get into it?

---

And - yes - most scans seem to consist of probing for the "usual" ports. When I first installed an ssh daemon on a server, the access log file was immediately blown up by massive brute force inquiries on the port the daemon used.
I got annoyed by it, and changed the port to something unusual. - Wonderful silence since then.

We could talk pages over pages over that topic. It's really huge.

--- ---

Anyway, my curiosity has now been awakened. I asked my home router to capture some traffic, but it did not catch the "scanning packets" mentioned above. Strange. I'm not sure if all has been captured, or if I did something wrong, or if the router has issues with that functionality. If I feel bored, I'll have a look again.