From: Joe Strain > --from "Joe Strain" <jstrain1@xxxxxxxxxx>-- > --reply triadtechtalk@xxxxxxxxxxxxxxx > > > > *** Triad Tech Talk > (www.freelists.org/cgi-bin/webpage?webpage_id=triadtechtalk) *** > > > > Izzit true that "hackers" tend to prefer open-all-the-time-systems like= > DSL and Cable for their mischief and a guy with a 56K dialup wont even= > receive their entry attemps cause they ignore connections unless they're= > FAST ? > (naivete showing) > > Yodar There are three factors at work here, bandwidth, static vs. dynamic IP address, and vulnerability. Bandwidth Bandwidth is how much information can go into/out of your computer. The more you have, the more valuable you are as a target. A cracker will often use a target machine for things like storing warez (hacked commercial programs, given away to other crackers). The faster the connection, the better it is for supplying this warez to the cracker's friends. For a home machine, this means cable/DSL is more popular than dial-up. Very high-speed lines, like a commercial T-3, are more popular, but the crackers are more likely to be caught, tracked, and arrested. Static vs. dynamic IP address An IP address is your location on the Internet, just as a street address is your location in the real world. When you connect to the Internet with a modem, or ADSL, or certain other types of connections, your IP address changes each time (dynamic). This makes things a bit less convenient for the cracker. If a cracker wanted onto your machine, and he starts a scan, and you hang up, he loses you. He'd have to find you all over again to restart. OTOH, if you have an unchanging address (static), he can set up an automatic test to see if you are online, and, when you come back, he just continues from where he left off. Also, if he is sharing your hard drive with his friends, to distribute warez, for example, it is simpler for him if your address doesn't change while he is telling his friends where you are. Lastly, a static IP address usually indicates a machine that is connected to the Internet a much larger percentage of the time than a dynamic. Your typical dynamic user goes online for 20 minutes at a time, while a static IP might link to a computer that stays online for days at a time. If it is a commercial machine, it might be up just about continuously. Note that once a cracker gets in, he can install a program that will tell him your address whenever you connect to the Internet. This reduces the difference, but doesn't eliminate the advantages of a static IP address for the cracker. Vulnerability The third and most important key is vulnerability. If your machine is wide open to the Internet, so that any "script kiddie" with a port scanner will walk right in the moment he finds you, then you are a big fat target, no matter what else is going on. However, just because you don't have a firewall does not mean you are vulnerable. To be vulnerable, you have to have something running that allows access: a Trojan, some popular piece of software that recently was found to be really insecure, or have MS File and Printer Sharing enabled. You are _not_ vulnerable just because you have no protection. I hope this helps! David Nasset, Sr. UNSUBSCRIBE by sending email to triadtechtalk-request@xxxxxxxxxxxxx with unsubscribe in the Subject field. To VIEW/CHANGE your subscription status go to //www.freelists.org/webpage/triadtechtalk