[triadtechtalk] Re: Tiny Personal Firewall
- From: RPRKOCVGGPED@xxxxxxxxxxxxx
- To: triadtechtalk@xxxxxxxxxxxxx
- Date: Tue, 4 Sep 2001 12:18:23 -0700
From: Joe Strain
> --from "Joe Strain" <jstrain1@xxxxxxxxxx>--
> --reply triadtechtalk@xxxxxxxxxxxxxxx
>
>
>
> *** Triad Tech Talk
> (www.freelists.org/cgi-bin/webpage?webpage_id=triadtechtalk) ***
>
>
>
> Izzit true that "hackers" tend to prefer open-all-the-time-systems like=
> DSL and Cable for their mischief and a guy with a 56K dialup wont even=
> receive their entry attemps cause they ignore connections unless they're=
> FAST ?
> (naivete showing)
>
> Yodar
There are three factors at work here, bandwidth, static vs. dynamic IP
address, and vulnerability.
Bandwidth
Bandwidth is how much information can go into/out of your computer. The more
you have, the more valuable you are as a target. A cracker will often use a
target machine for things like storing warez (hacked commercial programs,
given away to other crackers). The faster the connection, the better it is
for supplying this warez to the cracker's friends.
For a home machine, this means cable/DSL is more popular than dial-up. Very
high-speed lines, like a commercial T-3, are more popular, but the crackers
are more likely to be caught, tracked, and arrested.
Static vs. dynamic IP address
An IP address is your location on the Internet, just as a street address is
your location in the real world. When you connect to the Internet with a
modem, or ADSL, or certain other types of connections, your IP address
changes each time (dynamic). This makes things a bit less convenient for the
cracker. If a cracker wanted onto your machine, and he starts a scan, and
you hang up, he loses you. He'd have to find you all over again to restart.
OTOH, if you have an unchanging address (static), he can set up an automatic
test to see if you are online, and, when you come back, he just continues
from where he left off. Also, if he is sharing your hard drive with his
friends, to distribute warez, for example, it is simpler for him if your
address doesn't change while he is telling his friends where you are.
Lastly, a static IP address usually indicates a machine that is connected to
the Internet a much larger percentage of the time than a dynamic. Your
typical dynamic user goes online for 20 minutes at a time, while a static IP
might link to a computer that stays online for days at a time. If it is a
commercial machine, it might be up just about continuously.
Note that once a cracker gets in, he can install a program that will tell
him your address whenever you connect to the Internet. This reduces the
difference, but doesn't eliminate the advantages of a static IP address for
the cracker.
Vulnerability
The third and most important key is vulnerability.
If your machine is wide open to the Internet, so that any "script kiddie"
with a port scanner will walk right in the moment he finds you, then you are
a big fat target, no matter what else is going on. However, just because you
don't have a firewall does not mean you are vulnerable. To be vulnerable,
you have to have something running that allows access: a Trojan, some
popular piece of software that recently was found to be really insecure, or
have MS File and Printer Sharing enabled. You are _not_ vulnerable just
because you have no protection.
I hope this helps!
David Nasset, Sr.
UNSUBSCRIBE by sending email to triadtechtalk-request@xxxxxxxxxxxxx with
unsubscribe in the Subject field.
To VIEW/CHANGE your subscription status go to
//www.freelists.org/webpage/triadtechtalk
Other related posts:
