On Apr 8, 10:49 am, Bullseye <bulls...@nospam.cat> wrote:
> On 7 Apr 2007 21:37:44 -0700, Shiva wrote:
>
> > Network Security threats for a large network with ample processing
> > power storing valuable or sensitive data is more easily understood
> > than the threats to standalone home computers.
>
> > Finding vulnerabilites in and attacking a large network is possibly
> > worthwhile for the that specifi network's enemy ( for e.g a direct
> > business competitior) who has a specific purpose or for the hacker who
> > is not a specific enemy. But is it worthwhile for hackers or hacking
> > groups to attack a standalone, connected to the Internet ?
>
> Absolutely. If a hacker can use a simple port scanner than can search the
> Internet with lightning speed and compromise enough systems, he or she will
> have quite the botnet network. It is this botnet network, many times, that
> becomes to tool for the hacker to attack the large company network.
>
> > The question is worded like this to ask "Is a home computer less prone to
> > be attacked ? and "Is a home computer less attractive for a hacker ? "
>
> Again, compromised and remotely controlled home computers mean increased
> bandwith. The more bandwidth, the more resources with which to attack the
> big boys.
>
>
>
> > Take the case of a desktop computer of average configuration, owned by
> > an average citizen of no significance in terms of wealth or power or
> > fame, who does not use a credit card and does not shop online. The
> > user does not have a reason to be a specific target by an "enemy".
>
> Home computers usually aren't specifically targeted. In other words, the
> hacker doesn't sit back and say, "Tonight I'm going to attack this specific
> IP address." Rather, they simply use port scanners, packet sniffers and
> other tools to find vulnerable ports, of which there are many out there. I
> clean malware off people's computers all the time, and it's amazing to me
> that the average user has no clue regarding computer security. This
> conversation goes on all the time:
>
> "Do you have a router?"
> "No."
> "Were you running a software firewall?"
> "No."
> "Do you have an antivirus installed and do you keep it up to date?"
> "No."
> OR
> "Well, Norton (or McAfee) came with the computer, but I haven't ever
> updated it or renewed the subscription."
>
> And, of course, it's usually something like Norton 2002, which seems to
> allow every piece of crapware ever made onto the computer. Why is it the
> most hosed systems I ever deal with have either Norton or McAfee installed?
> I have yet to deal with a completely hosed system that was running NOD32 or
> Kaspersky.
>
>
>
> > Why would his computer be compromised ? What is the purpose ? What are
> > the types of attacks ? And of what use to the hacker is the
> > information collected? What use are the computing resources of a
> > totally hacked PC of this unsuspecting user ?
>
> As stated, a simple RAT (remote access trojan) placed on your computer
> gives the hacker control of your system, and you don't even know it. The
> hacker uses your computer, along with the others he has compromised, to
> perform denial of service attacks and other fun stuff on the bigger fish.
> Also, while the hacker is at it, he or she will attempt to use the
> implanted malware to record your keystrokes, passwords, credit card
> numbers, and another personal information you enter on your keyboard. Any
> personal information that is on your computer (financial software,
> documents, you name it) may also be accessed. In short, if you are
> compromised, you are a sitting duck, especially if you use your computer to
> perform financial transactions or other tasks of a personal or sensitive
> nature.
>
> The types of attacks: There are many avenues of entry, but there are too
> many targets on the Internet for a hacker to take too much time on one of
> millions of systems. With the work I do, I see infected computers daily,
> and there are some common denominators:
>
> First of all, the majority of malware does not "sneak" onto people's
> computers. Most of it is voluntarily downloaded. A lot of instances may
> involved scare tactics, such as a script that appears saying, "Your
> computer has been infected with malware - Click HERE to download
> blahblahblah to clean your system." People go into a panic, click click
> click, and the damage is done. Or, they see a banner ad advertising some
> antivirus or antispyware application, download it, only to find out later
> it is a rogue application and is itself malware.
>
> Secondly, in 99.99999999% of the cases, the user is using Internet Explorer
> as their web browser - usually devoid of the most current security patches.
> Not only are they using IE, but everything is enabled: ActiveX, VBScript,
> JavaScript, etc. That in itself is an accident waiting to happen. These
> little scripts that advertise rogue applications wouldn't even show up if
> the proper settings were tweaked in IE. Do people realize ActiveX allows
> someone to literally run programs on your computer? That's fine if it is a
> cute little animation on a trusted web page, but what if the website has
> been compromised? ZAP!!! You go to the webpage, and via ActiveX, the
> hacker has control of your computer. Along with this I also have to include
> programs such as Windows Messenger and AOL Instant Messenger, both of
> which, for the average user, are portholes for malware directly to your
> system. Generally you have to click something while in the programs, but
> some worms are able to spread from system to system without any interaction
> from the user.
>
> Thirdly, improper system settings in general exist on most compromised
> systems. Things like NetBios, which is NEVER needed on a non-networked
> home computer. This is not so much the fault of the user as it is
> Microsoft. The reason I say this is because when you purchase your
> computer, the default settings are very vulnerable, and the average user
> doesn't know that certain things, like NetBios, should be disabled. There
> are other things I could mention, but my fingers are getting tired...
>
> The last item is simply the lack of proper security measures. If you are
> on a broadband connection, the least that you need is a good router - AND -
> change the default password; something which many don't even think of
> doing. After that, some kind of layered security measures (software
> firewall, antivirus, HIPS, etc) should be in place. There is a lot of
> debate about to effectiveness of certain security software, but after
> seeing what I see on a daily basis, I wouldn't be without it. A good
> security software suite can be done for free (although I don't really care
> for any of the free AV's). The point is - a lot of systems get borked
> because people don't have any kind of preventative measures in place.
> While security software might not stop all kinds of sofware or attacks, as
> a general rule, if a hacker is scanning, and your computer is behind a
> router, software firewall, with security software in place, the hacker
> isn't going to waste his or her time. There are too many easy targets out
> there to take the time to get through your defenses.
>
> --
> Posted via a free Usenet account fromhttp://www.teranews.com

Dear Bulls Eye,

I sent you a mail to thank you for such an elaborate response. Hope
you have received it.

Thank you again.