[Vision2020] New (and Old) Threats to On-Line Computers
Paul Rumelhart
godshatter at yahoo.com
Thu Feb 8 08:37:21 PST 2007
That's a frightening device. I can't believe a company actually
produces it and sells it, even if they do claim to be a "penetration
testing firm".
I'd also like to add that one important security procedure involves
setting a password on your personal wireless network at home, if you
have one. The fact that the default is to leave it wide open is
downright criminal. Yes, you have to type in a password to connect to
your own network - but so does the guy who just pulled up in front of
your house that wants to use your network to surf for child porn.
If you don't secure your own network, then you may not have the legal
right to file charges if some stranger connects to it. The issue seems
to be a gray area in the law right now. Worse yet, if somebody connects
to your system and does something illegal and it is traced back to your
access point, you may be the one going to trial. Basically, if your
network is unsecured, it is broadcasting a signal which translates to
"Come connect to me! My address is..." The person in the area, maybe
even a neighbor, might connect to your access point accidentally because
many systems are configured to connect to the strongest signal they see
automatically. So I definitely *don't* recommend delivering a payload
to them to disable their system if all you see is a connection that has
been made. I still don't condone electronic vigilantiism even if they
do something malicious, that's what the police and the courts are for.
Definitely be careful at public hotspots, as well.
Paul
Art Deco wrote:
> *New (and Old) Threats to On-Line Computers*
>
> Below the line are links to descriptions of a new device implementing
> an old method of attack on computers connected by a wireless method of
> one type.
>
> The cautious will read this material carefully. Although the device
> described is relatively new, the method used itself is not new and the
> method can be extended beyond simple Wi-Fi connections.
>
> There are several individuals in this area using laptops and special
> software to attempt to snoop and/or to implant snooping/remote
> broadcasting of the material on your personal computer and the
> real-time data streams occurring while you are connected to email and
> the web. Hardly a week goes by when my computer is not subjected to
> an attempt of this kind.
>
> A prior V 2020 discussion suggested some ways to help fend off these
> kinds of attacks:
>
> Anti-Virus software
> Spyware Detection and Removal software
> First class professional grade firewall software
> An intervening router with firewall capability
>
> It is important to check your firewall logs daily to see if attacks
> have been detected. If your firewall can be set to immediately notify
> you of an attempted attack:
>
> 1. Disconnect entirely from any connection you are using the moment
> the notification occurs.
> 2. Look for unfamiliar vehicles in your area, take license
> numbers. If a license number occurs more than once after an attempted
> attack or there is a speedy decampment, notify law enforcement.
>
> This should be a no-brainer: Do not tell anyone which anti-virus,
> spyware detection, or firewall software or hardware you are using.
>
> There is another remedy which is drastic, very effective, very
> expensive, and whose legality may be suspect: a device which uploads a
> poison pill to the attacker's computer. This pill works in the target
> computer's background. First it erases the boot-strap tracks, then
> erases the various parts of the directories on all disc drives, then
> all the data on all the disc drives surfaces. The latter takes a lot
> of time so that the attacker may be able to stop that part before it
> is complete. For some computers, the software can also cause some
> permanent hardware damage, mainly to the disc drives. At any rate the
> attacker will need to spend a great deal of time making their computer
> functional again. In addition, this device and associated software
> records a number of identifying characteristics of the attacker's
> computer so that information may to used to arrest and to convict the
> attacker may be gathered.
>
>
> Since the legality of this device may be suspect, please do not ask me
> for details. There are various search engines which can be of
> assistance should you be interested.
>
> Art Deco (Wayne A. Fox)
> deco at moscow.com <mailto:deco at moscow.com>
>
>
> ______________________________________________________
> Silica--a wireless hacking tool
>
> Photos: The scariest item at RSA 2007 is Silica, a portable hacking
> device
> that can search for and join Wi-Fi access points, scan for open ports,
> and
> launch code execution exploits.
> http://ct.zdnet.com/clicks?t=29190355-a10e1a02c3a4463047d2ade5662a85e8-bf&s=5&fs=0
> <http://ct.zdnet.com/clicks?t=29190355-a10e1a02c3a4463047d2ade5662a85e8-bf&s=5&fs=0>
>
> WiFi hacking with a handheld
> http://ct.zdnet.com/clicks?t=29190356-a10e1a02c3a4463047d2ade5662a85e8-bf&s=5&fs=0
> <http://ct.zdnet.com/clicks?t=29190356-a10e1a02c3a4463047d2ade5662a85e8-bf&s=5&fs=0>
>
> Focus: RSA 2007 security
> http://ct.zdnet.com/clicks?t=29190357-a10e1a02c3a4463047d2ade5662a85e8-bf&s=5&fs=0
> <http://ct.zdnet.com/clicks?t=29190357-a10e1a02c3a4463047d2ade5662a85e8-bf&s=5&fs=0>
>
>------------------------------------------------------------------------
>
>=======================================================
> List services made available by First Step Internet,
> serving the communities of the Palouse since 1994.
> http://www.fsr.net
> mailto:Vision2020 at moscow.com
>=======================================================
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.fsr.com/pipermail/vision2020/attachments/20070208/5eece866/attachment.html
More information about the Vision2020
mailing list