» »

kako lahko hekerji ti vdrejo v računalnik

kako lahko hekerji ti vdrejo v računalnik

r5r ::

men sploh ni jasn kako lahko hekerji prevzamejo oblast nad računalnikom ??

Hitra in enostavna znebitev: prekinitev linije(cvikcange, kabel > precvikane :D ) saj mislim :O
  • premaknil: perci ()

Yohan del Sud ::

Se strinjam. res pa je da je taka rešitev za resnega uparabnika skoraj enaka samomoru. Strežnik mora biti online 24 ur, če ne ni strežnik. Je pa to res skrajna rešitev....

[t502] ::

Nerabis cvikat, samo kabel "zmeknes" pa je. Zakaj bi te kabl uniceval :D

ABX ::

Ziher je ziher!

Vaša inštalacija je uspešno spodletela!

DavidJ ::

vi ste hudi.. kaj pa ce enostavno disconnectas? ce pa to ne gre pa izklopis racunalnik.. zdej bos pa rezu ... :\
"Do, or do not. There is no 'try'. "
- Yoda ('The Empire Strikes Back')

perci ::

Najbolj je udart po monitorju - to zihr pomaga ;)

ABX ::

Tehnično gledano ni res.

Perci: ne zavajaj folk.
Vaša inštalacija je uspešno spodletela!

perci ::

ABX: imaš prav, grdo sem zavajal, se opravičujem

ABX ::

O bom! Da ne boje rekli da posredujemo napačne informacije.
Vaša inštalacija je uspešno spodletela!

freejack ::

Perci, ne zavajaš folk, sam ne dajaš dovolj informacij. Preverjeno pomaga, če udariš monitor. Seveda ga morš tko udarit, da pade na tla, pri tem pa potegne kabel z napajalnika. Garantirano deluje. :D

Kk se lahk vdre v računalnik oz. prevzame oblast nad njim? Nimam nikakršnega namena koga žalit, sam če pa nimaš niti pojma kako naj bi vse skupaj potekalo, potem si pa ... zihr novinec na tem forumu :D Če ne,..pol pa uff >:D
Verjamem, da boš bolj težko našel kake url-je o tem kako vdreti v kakšen računalnik (čeprav se da, če veš kje iskati), tko da uporabi glavo in malce razmisli. Zihr boš pogruntal. :D

IceIceBaby ::

"Hitra in enostavna znebitev: prekinitev linije(cvikcange, kabel > precvikane ) saj mislim"

Ja dokler se spet ne konektaš.

Sploh pa je fora v tem da ti neveš da ti nekdo po compu šari. Takoj ko to postane jasno ga lahko tudi killaš, oziroma kakorkoli ospraviš posledice vdora.

Če pa več hočeš zvedet o temu pa tale link

Tito ::

Mislm, a ste že slišal za požarni zid in če nimate na svojem računalniku CIA inih strogo zaupnih podatkov vam noben norc nebo hekov! Pa še ena možnost je, da ne gledate trojancov (kliknime.exe ...)!

Pred parimi dnevi sem poslušal na radiju kako se znebiti virusev in hekerjev (Govoril je prevajalec pandinega antivirusa:\ STROKOVNJAK TOREJ!!!) Kako se znebiti virusov: da ne vlečete piratskih programov, da ne vlečete filmov in mp3 datotek (so potencialni ubijalci sistemov!!:) ) in take bedarije je kvasu! Skratka namesto da bi se poglobil v temo Virusna zaščita je pridigal kot da bi bil kupljen od APZ saj najbrž je bil! :)) :)) :)) :)) Toda pustimo stroko naj opravlja dobro delo!

IceIceBaby ::

firewall tudi ni 100% zaščita pred vdori.

footprint ::

"Firewall tud ni 100% zaščita"

Res? Firewall z backdoori res ni rešitev. Če se poglobim v to potem ugotovim, da morm sam napisat Firewall saj vedno obstaja vsaj en backdoor (avtor se mora zaščititi).

Kaj pa če imamo Router neviden za ping in zaprt za nedovoljene porte, pa za njim FIrewall s svojo access in denay listo, pa potem Mail in WEBProxy z integriranim Virus scanerjem in zanjem še gateway v DMZ-ju šele potem pa zasebno omrežje varovano z intrusion detection softwareom?

Mislim, da potem človek malo bolje spi. Ima pa kopico problemov. Skoz more gledat a je kje bil vdor, kolk mailov je v karenteni, kolk virusov je uletel not, preverjat ali je Virus scaner naložu zadnjo bazo z neta,...

Poleg tega da je vsa ta oprema svinjsko draga pol pa še dva zaposlit da to počneta?!? Ja če si odvisen od Interneta in ti ta prinese dovolj da pokriješ stroške in še živiš s tem.

Bistvo je tudi če imaš tako močno zaščito vedno in še enkrat vedno, pa če ne drugaš s spyware ali trojanci bodo informacije, ki ne bi smele tekle v svet. Sam sem prepričan, da je večino licenčne programske opreme tako napisane, da če ne drugega dela baz s število instaliranih kopij (kar ni težko narest pa še ilegalno ni). Sam najbolj zaupam OpenSource programerjem čeprav nisem dovolj dober da bi lahko vedu da mi oni nisko kaj podtaknili. Sem pa prepričan, da če bi bi se hitro zvedl. Zatu na moji mašini rula Linux antivirusnega programa pa enostavno nimam.:P :P :P

andrej ::

nope, se vedno se da vdret vsaj iz dveh faktorjev:
1. cloveska napaka - nobena napisana koda ni bug free.
2. druga cloveska napaka pri konfiguraciji. to se dogaja zelo zelo pogosto.
3. ce tudi mas bug free firewall in popolno konfiguracija se vedno obstaja nacin kako prid noter... da vidimo ce kdo pogrunta ;)

ce nekdo sam napise firewall, se grem stavit, da bo v 99.9999 % primeri "slabsi" kot obstojeci produkti na trgu. Da niti ne govorimo kako dolgo bi trajalo, da bi napisal funkcionalno celoto.

IceIceBaby ::

social enginering :)

freejack ::

[18:05] On your marks.
[18:05] Get set.
[18:05] Go!
[18:05] okay, so today's topic is...
[18:06] how servers are hacked
[18:06] basically, of course
[18:06] cracked
[18:06] yeah, cracked
[18:06] terminology...
[18:06] hehe
[18:06] :-)
[18:06] that's what you wrote on your website ;p
[18:06] :)
[18:06] anyway, most of those website defacements...
[18:06] dns cracks
[18:06] email cracks
[18:06] ftp cracks
[18:06] etc' etc'
[18:06] they're usually done in fairly easy and simple ways
[18:06] that do not require much knowledge
[18:07] they're usually done by little kids
[18:07] mostly little kids in "hacking" groups
[18:07] who want to show the world how smart they are
[18:07] Phase I
[18:07] --------
[18:07] oops...
[18:07] -------
[18:07] DAMN!
[18:07] lol
[18:07] okay, all over again
[18:07] Phase I
[18:07] -------
[18:07] ahh...
[18:07] that's better
[18:07] any questions so far?
[18:07] okay, so phase one is...
[18:07] intelligence gathering
[18:07] why is it so easy?
[18:08] we'll get to that
[18:08] because of ./i-0wn3d-u ;p
[18:08] exactly
[18:08] if some of u don't understand, don't worry
[18:08] we'll get to that
[18:08] so anyway, stage one is intelligence gathering
[18:08] this is the most important stage
[18:08] why?
[18:08] ...
[18:09] because otherwise you'll find yourself trying thousands of sunos 3.4 exploits
[18:09] need to know what os
[18:09] you have to know what exploits apply
[18:09] while you're actually attacking an nt4.0 server
[18:09] what os...
[18:09] and what is the host running
[18:09] *** c0c0_ has joined #bsrf
[18:09] those are the two most important phases in intelligence gathering
[18:09] damn i've disconnected
[18:09] getting them is fairly easy
[18:09] *** c0c0 has quit IRC (Ping timeout)
[18:09] welcome c0c0_, we're in the middle of the lecture
[18:09] *** c0c0_ is now known as c0c0
[18:09] poor soul
[18:09] nmap?
[18:09] :-)
[18:10] that's two
[18:10] nmap is too "advanced" for most script kiddies
[18:10] advanced?
[18:10] most people use really amateurish methods
[18:10] such as reading daemon banners
[18:10] (yes, it requires the "cracker" to have unix... ooh)
[18:10] hehe
[18:10] whats a daemon banner?
[18:10] and to know how to install new software
[18:10] ha
[18:10] alright, i'll show u
[18:10] oo me oo me!
[18:10] everyone, do telnet mailgw.netvision.net.il
[18:10] this is my isp's smtp server
[18:11] smtp = simple mail transfer protocol
[18:11] but daemon banner is trivial to be spoofed
[18:11] for outgoing mail
[18:11] yes, of course
[18:11] first, let's explain to those who don't know what daemon banners are
[18:11] what do u get when u telnet to mailgw.netvision.net.il?
[18:11] oh, i think i know what you mean
[18:11] Trying 194.90.1.14...
[18:11] "could not connect"
[18:11] :-)
[18:11] telnet: connect to address 194.90.1.14: Connection refused
[18:11] telnet: Unable to connect to remote host: Connection refused
[18:11] oops
[18:11] *** SnIpEr_WoLf_ has left #bsrf
[18:11] telnet mailgw.netvision.net.il 25
[18:11] *** SnIpEr_WoLf_ has joined #bsrf
[18:11] telnet mailgw.netvision.net.il 25
[18:12] port 25, this is important
[18:12] smtp runs on port 25
[18:12] yea
[18:12] I'm on...
[18:12] we get like sendmail version etc...
[18:12] running sendmail
[18:12] 8.9.3 sendmail
[18:12] yup
[18:12] 220 alpha.netvision.net.il ESMTP Sendmail 8.9.3/8.8.6; Sat, 22 Jan 2000 19:14:41 +0200 (IST)
[18:12] a linux/unix?
[18:12] this is what u get
[18:12] *** Sniper_wolf__ has joined #bsrf
[18:12] this is a daemon banner
[18:13] hmmmm, oki
[18:13] btw check blacksun.box.sk/ports.txt for a list of standard ports
[18:13] now, what does it tell us?
[18:13] ooh, sendmail
[18:13] the dumbest daemon ever
[18:13] it just gave us the version of the daemon that is running
[18:13] it's a unix type sys
[18:13] usually, in sendmail holes, the OS doesn't matter much
[18:13] yup
[18:13] now, suppose we're some script kiddie
[18:14] so we have the version
[18:14] of the daemon
[18:14] now we go to, say, packetstorm.securify.com
[18:14] or neworder.box.sk
[18:14] and we search
[18:14] bugtraq
[18:14] technotronic
[18:14] ;p
[18:14] we use keywords such as "sendmail 8.9.3"
[18:14] yes, bugtraq is good too
[18:14] look for a crack/bug
[18:14] yup
[18:14] ntbugtraq.com
[18:14] now, here is what we'll find
[18:14] we could find:
[18:15] that's pathetic!
[18:15] a) advisories
[18:15] these hardly mean anything to crackers
[18:15] they only explain to u how to fix the hole
[18:15] and a little technical backgruond
[18:15] and a little technical background
[18:15] which the common script kiddie won't be interested in
[18:15] b) texts
[18:15] texts will detail the hole
[18:15] how to exploit it
[18:16] and a workaround, if any
[18:16] c) an exploit
[18:16] BINGO!
[18:16] an exploit is a premade program
[18:16] that exploits a certain hole
[18:16] all the cracker has to do is to compile it
[18:16] (unless it's written in perl)
[18:16] (or another interpreted programming language)
[18:16] bash
[18:16] ('cause they run in the form of source code)
[18:16] So crackers are usally lazy punks...
[18:16] yes, or a shell script
[18:16] although u'll hardly ever found exploits in the form of shell scripts
[18:16] pamslam.sh
[18:16] heheh ;p
[18:17] sniperwolf missed everything from phase one 'till "the dumbest daemon ever"
[18:17] redhat and mandrake rooter
[18:17] can anyone plz help him?
[18:17] i'm kinda busy here with the lecture and everything
[18:17] :-)
[18:17] other daemons a cracker might want to look at:
[18:17] ftp
[18:17] by logging into ftp servers
[18:17] when logging into ftp servers
[18:17] u usually get technical information about the system
[18:18] u could also try to issue the syst command
[18:18] which will also give away some information
[18:18] webservers
[18:18] if u issue a bad url request
[18:18] it'll give u some info
[18:18] for example: try surfing to http://blacksun.box.sk/some-dead-link.h...
[18:18] like they are usun apache
[18:18] it'll give u an error msg
[18:18] and the name and version of the webserver program
[18:18] fairly easy
[18:18] all u need is a browser
[18:19] crackers can also utilize newsgroups daemons
[18:19] how bout pop mail?
[18:19] and others
[18:19] pop mail too
[18:19] Apache 1.3.6 port 80
[18:19] pop3 usually reveals information
[18:19] ftp port 21
[18:19] news port...
[18:19] 119, i think
[18:19] pop is...
[18:19] telnet
[18:19] uhh, damn
[18:19] 110 = pop
[18:19] 110
[18:19] yeah
[18:19] telnet too
[18:19] telnet to port 23
[18:19] yep 119 if it is not a secure connection
[18:19] go ahead and telnet to blacksun.box.sk on port 23
[18:19] u'll get some info on the system
[18:20] but what if we change this information?
[18:20] *** Sniper_wolf__ has quit IRC (IL.Quit: I was using Ghost_Rider Script version 2.0)
[18:20] most of today's server programs let u do it
[18:20] most admins do it.
[18:20] redhat linux 5.2 --- you learn the os
[18:20] Kernel 2.0.36 on an i586
[18:20] and the system
[18:20] so suppose we've changed the daemon banner
[18:20] Red Hat Linux release 1.2 (Apollo)
[18:20] but what if...
[18:20] ...
[18:20] we're dealing with a smarter script kiddie?
[18:21] (ph33r)
[18:21] they exist?
[18:21] yeah
[18:21] :)
[18:21] there are some
[18:21] nmap!
[18:21] yes, unfortunately ;p
[18:21] yup
[18:21] www.insecure.org
[18:21] download nmap
[18:21] queso may be?
[18:21] how does nmap work?
[18:21] winfingerptint.exe
[18:21] queso too
[18:21] winfingerprint too
[18:21] winfingerprint is for windows
[18:21] the others are for unix
[18:21] get them all at packetstorm.securify.com
[18:21] windows nt
[18:21] how do they work?
[18:21] pretty simple
[18:21] each OS has what we call tcp/ip fingerprints
[18:21] why?
[18:22] it trys all these same techniques don't it?
[18:22] because each os implements tcp/ip in a different way
[18:22] kinda
[18:22] yeah
[18:22] basically, nmap and the others are just port scanners
[18:22] ya now I remember
[18:22] but they do more
[18:22] they can detect these fingerprints
[18:22] and give definitive information
[18:22] this irc server gives a lot if advertising msgs..
[18:22] the win tcp/ip stack is easy to detect
[18:22] yes, it's the easiest
[18:22] windows is the easiest to detect
[18:23] detecting the difference between two similar unix distributions is harder
[18:23] detecting the differences between, say, some unix and windows
[18:23] or mac and windows
[18:23] is fairly easy
[18:23] could you spoof fingerprints? as an admin i mean
[18:23] so our smart and elite script kiddie grabs his copy of nmap
[18:23] how bout between linux distro or *bsd?
[18:23] but nmap uses a combo of all the techniques.
[18:23] technically, u can, but it takes a lot of messing around with code and stuff
[18:24] and u probably won't be able to do it well
[18:24] nor hide from all techniques
[18:24] also, nmap does other things
[18:24] it's a portscanner that can also scan through firewalls
[18:24] but do your really have too hide?
[18:24] more on nmap's website and nmap's man pages
[18:24] (it installs a manpage)
[18:24] (so u type man nmap after u install it)
[18:24] (and it explains everything)
[18:24] www.insecure.org/nmap
[18:25] arent your lost in say ftp trafic when ftping?
[18:25] well, if u reveal critical information about ur system
[18:25] u might be helping a cracker
[18:25] TheJoker: say again plz?
[18:25] does the cracker have to worry about hiding?
[18:26] yes
[18:26] so the cracker would implement some techniques
[18:26] wont' he/she be lost in trafic?
[18:26] such as the ones described in blacksun.box.sk/anonymity.txt
[18:26] generally, yes
[18:26] but there are IDSs
[18:26] IDS = Intrusion Detection System
[18:26] dynamic IPs now days
[18:26] they go over traffic
[18:26] and highlight several parts in the logs
[18:26] is a proxy enough to hide?
[18:26] which might mean a cracking attempt
[18:26] *** c0c0 has quit IRC (Ping timeout)
[18:26] bouncing ur connection would usually suffice
[18:27] okay, that's it. if u miss something, just wait for the logs to come out
[18:27] if the proxy party cooperate w/ us ;p
[18:27] or...
[18:27] suppose we telnet to nether.net
[18:27] and get a free shell account
[18:27] and then break out
[18:27] and manage to get root
[18:27] (suppose we do it from a public place so they can't trace us back home)
[18:27] now we have a root shell on nether.net
[18:27] and we can run exploits and hack from them
[18:27] http://freebooks.hypermart.net/proxy/pr...
[18:28] :-)
[18:28] free proxies worldwide
[18:28] nether.net is the best free shell provider
[18:28] okay, so these were phase one and two
[18:28] phase one - info gathering
[18:28] two - searching online databases
[18:28] now, suppose we're in
[18:28] now comes phase three
[18:28] no, not defacing the website!
[18:28] or dns database
[18:28] we have some other things to worry about
[18:29] first we need to clean out presence from the logs
[18:29] logs?
[18:29] or the admin might realize he got cracked
[18:29] thats what i'm doing right now
[18:29] and put more effort into security
[18:29] :)
[18:29] :-)
[18:29] this is where rootkit comes in ;p
[18:29] not these logs!
[18:29] hahaha
[18:29] yeah, rootkits automate such processes
[18:29] :p)
[18:29] *** INTJ has quit IRC (No route to host)
[18:29] * Chaotic_Thought grins
[18:29] fun for the whole family
[18:29] how does a rootkit actaully work?
[18:29] so now that we've cleaned our presence from the logs
[18:30] it's just an automated script
[18:30] it automates some tasks for u
[18:30] they only work on specific configurations
[18:30] *** INTJ has joined #bsrf
[18:30] of course, if we only clean the standard logs like klog (kernel logger) and syslog (system logger)
[18:30] shoot, israel.net closed me
[18:30] it might now be enough
[18:30] don't worry, just get someone to give u the logs at the end of the lecture
[18:31] okay, so if we only cleaned syslog and klog
[18:31] we might have still left some trace
[18:31] maybe the admin is using an external logging system?
[18:31] could be...
[18:31] in being rooted?
[18:31] hey, when ur done with the lecture, plz send the logs to tplec@zipmail.com.br (sniper wolf) and to me (barakirs@netvision.net.il)
[18:31] now, suppose we're a cracker
[18:31] and we've cleaned syslog and klog
[18:32] but the admin was using some external logger
[18:32] WHOOPS!
[18:32] we've left some presence
[18:32] dead
[18:32] wed be screwed..
[18:32] now, phase 4
[18:32] Do u want logs edited somewhat?
[18:32] *** SnIpEr_WoLf_ has quit IRC (IL.Quit: 12Delta 3.4 15,1- 14Dark15 Il16lu15mina14tion 15- - [ http://delta.cjb.net ])
[18:32] how do you get around that?
[18:32] so u need to do some research on the machine
[18:32] browse around in it's directories
[18:32] see what u can find
[18:32] and of course, u must have a lot of experience
[18:32] can one practice that?
[18:32] install some log cleaners on urself
[18:33] mess around with external logging programs
[18:33] etc' etc'
[18:33] skript kiddies dont though
[18:33] rootkit
[18:33] that's right
[18:33] u can practice that on ur own box
[18:33] script kiddies hardly ever practice
[18:33] the average script kiddie would skip phases 3 and 4
[18:33] phase 3 - deleting urself from the logs
[18:33] rootkit can make logging exclude our doings
[18:33] phase 4 - installing a backdoor
[18:33] (we'll get to that)
[18:34] btw, DO NOT just delete the logs!
[18:34] this will surely get the admin to notice
[18:34] DUH!!
[18:34] that's the dumbest thing u could possibly do
[18:34] just your intries!
[18:34] exactly
[18:34] u can also change ur entries
[18:34] and make them look like something more legitimate
[18:34] of course, u have to make sure they look authentic
[18:34] skript kiddies would'nt know thier entries form others would they?
[18:35] yup - experience with loggers
[18:35] yeah
[18:35] okay, let's move on
[18:35] suppose this whole process of cracking into the machine and cleaning the logs
[18:35] took u...
[18:35] 5 minutes...
[18:35] 30 minutes...
[18:35] maybe a couple of hours
[18:35] a day?
[18:35] ;-)
[18:35] *g*
[18:35] u wouldn't want to repeat that whenever u step in, would u?
[18:36] this is what backdoors are for
[18:36] hell no
[18:36] no
[18:36] ya!
[18:36] the most basic one is:
[18:36] useradd my-backdoor
[18:36] password my-backdoor my-new-pass
[18:36] we've just added a new user
[18:36] passwd
[18:36] oops
[18:36] you would'nt use my-backdoor!
[18:36] passwd my-backdoor my-new-pass
[18:36] sorry
[18:36] yes, of course
[18:37] adduser
[18:37] or useradd
[18:37] haha
[18:37] :-)
[18:37] depends on the system
[18:37] and on...
[18:37] nevermind!
[18:37] off-topic
[18:37] hehe
[18:37] it really doesn't matter
[18:37] you wanna do clickings in win ;p
[18:37] now we edit the passwd file
[18:37] and give the new account uid 0 and gid 0
[18:37] user id 0 = root access!
[18:37] access to ANYTHING
[18:37] not always
[18:37] group id 0 = root's group
[18:38] yes, of course
[18:38] but usually
[18:38] u can change anything on unix boxes
[18:38] SuSE has extreme restrictions, then you cant do some stuff
[18:38] the admin would notice a new god mode user!
[18:38] exactly!
[18:38] that's why it's the most obvious backdoor
[18:38] there's a program for unix that can restrict uid 0 guid 0 permissions
[18:38] a new god user would fire up some alarms, now wouldn't it?
[18:38] that's also true
[18:38] ya!
[18:39] so no smart cracker would use this method
[18:39] another possible method:
[18:39] taking some backdoor noone uses
[18:39] and trojan it
[18:39] oops, i mean daemon
[18:39] taking some daemon
[18:39] and trojaning it
[18:39] what about cracking the passwd file?
[18:39] no, we already have root access
[18:39] sshd daemon is a good one
[18:39] usually u won't need root's password
[18:40] u'll just run an exploit and get a root shell
[18:40] but after your in
[18:40] another possible backdoor:
[18:40] trojaning some daemon
[18:40] crack it and then you'll be able to get back in
[18:40] so the daemon would appear to be working just fine
[18:40] and will do everything naturally
[18:40] but will also allow the cracker to get a root shell
[18:40] but...
[18:40] what if the admin is running checksum checks?
[18:41] tripwire
[18:41] change them too... only problem left: time stamps
[18:41] there are programs out there, such as tripwire, which check the file sizes of files
[18:41] and let's the admin know when they're changed
[18:41] critical files
[18:41] that's true too
[18:41] the file's "last changed date" would also change
[18:41] sure, u can go around all of this...
[18:41] but this only means more variables
[18:41] more places where u can fail
[18:41] or make a mistake
[18:41] you could change sys time before you mod the file :p)
[18:42] and reveal urself
[18:42] of course, but that would be noticed
[18:42] *** [S]hun has joined #bsrf
[18:42] this is one of the main reasons that u need to make sure the admin is not present when u crack
[18:42] using finger
[18:42] if finger is available
[18:42] finger @target-host.com
[18:42] not much anymore.
[18:42] yeah
[18:42] it's hard to find an admin
[18:42] that is dumb enough
[18:42] to run finger!
[18:43] who
[18:43] suppose netvision.net.il (my isp) was running fingerd (finger daemon)
[18:43] run 'who'
[18:43] ppl would just be able to do finger barakirs@netvision.net.il
[18:43] and get tons of information about me
[18:43] yes, of course, once you're in, u can use commands such as who
[18:43] you would have to be on the system to use who
[18:43] ps aux
[18:43] exactly
[18:43] ps -aux
[18:43] this will show ALL running processes
[18:43] useful too
[18:43] sometimes to find loggers
[18:44] but the admin can change the process names of the loggers
[18:44] we can send the admin xxx passwd to distract him ;p
[18:44] now, here's another method
[18:44] using the r services
[18:44] especially rlogin
[18:44] go read rlogin's man page
[18:44] wait, lemme quote it
[18:44] okay, nm, lemme write something of my own
[18:45] rlogin is based on trust systems
[18:45] for example:
[18:45] suppose u require anyone who comes over to ur house to give a password
[18:45] three knocks or something
[18:45] some password...
[18:45] but suddenly, ur best friends comes over
[18:45] 4 is better
[18:45] and he doesn't know the password
[18:45] :-)
[18:45] will u let him in?
[18:45] of course u will!
[18:45] no
[18:45] u trust him
[18:45] lol
[18:45] heck no!
[18:45] u wouldn't
[18:45] trust systems would
[18:46] they suck!
[18:46] they're also good for more user-friendlyness
[18:46] I don't want my ps to be friendly
[18:46] send me the log please i must go
[18:46] so dumb clerks won't have to type in passwords all the time
[18:46] sorry pc
[18:46] micro$oft? *eg*
[18:46] *** squiler has quit IRC (IL.Quit: Leaving)
[18:46] now, trust systems are also serious security hazards
[18:47] go to blacksun.box.sk/books.html and read 'IP Spoofing Demystified' later
[18:47] now, let's take rlogin for example
[18:47] it was good.
[18:47] suppose u put a file:
[18:47] called /etc/rhosts
[18:47] put a file called rhosts in /etc
[18:47] which will look like this:
[18:48] somehost.com someuser
[18:48] the user someuser from somehost.com will be able to do:
[18:48] loggers would catch it?
[18:48] just a sec
[18:48] he'll be able to use rlogin
[18:48] to remotely login to this bx
[18:48] to remotely login to this box
[18:48] as ANY user
[18:48] or if u put an .rhosts file in a user's home directory
[18:48] he'll be able to log in as that user
[18:48] ANOTHER POSSIBLE BACKDOOR!
[18:48] but wait...
[18:49] that's fairly noticable, isn't it?
[18:49] ya
[18:49] most backdoors are
[18:49] so we need to put a lot of thought into it
[18:49] and some luck
[18:49] and make sure the admin is as dumb as possible
[18:49] should you make backup back doors?
[18:49] yes
[18:49] always
[18:49] on the other hand
[18:49] more backdoors
[18:49] would mean more chances
[18:49] that the admin will notice something wrong
[18:49] suppose u were an admin
[18:50] like a stupid one to make them think that they got you?
[18:50] and u would have suddenly noticed a backdoor
[18:50] u would panic, right?
[18:50] and put a lot more effort into security
[18:50] download every scanner u can find
[18:50] roam your system for backdoors and holes
[18:50] perhaps
[18:50] but they might find the stupid backdoor
[18:50] and then go crazy
[18:50] search the system
[18:50] and find ur other backdoors
[18:50] ya it's all luck,
[18:50] but a very smart admin had setup a honeypot ;p
[18:50] exactly
[18:50] yup
[18:50] honeypots are kewl
[18:51] he would attract a cracker
[18:51] and then...
[18:51] KABOOM!!
[18:51] <[S]hun> Whats honeypot ?
[18:51] ;P)
[18:51] or something...
[18:51] boobie trap
[18:51] a honeypot is a host or a certain situation that will attract crackers
[18:51] KABOOM? the mail bomber? ;p hahaha
[18:51] the admin will monitor his honeypot
[18:51] see if there are any bees trapped inside
[18:52] and then, once he sees something...
[18:52] he would realize that he's being attacked
[18:52] and maybe call the police
[18:52] or Robert Frost!!
[18:52] MWHAHAHAHA!!
[18:52] (the poet)
[18:52] nevermind, forget it
[18:52] :)
[18:52] private joke
[18:52] sounds like a personal problem
[18:52] so that was phase 4
[18:53] now, we're in
[18:53] we've cleaned the logs
[18:53] we have a backdoor
[18:53] now we only have one thing left to do:
[18:53] inflate ego in irc
[18:53] utilize the box
[18:53] perhaps for mailbombing someone
[18:53] perhaps for installing bots on it
[18:53] or flooding
[18:53] vhost
[18:53] or defacing the website on the box
[18:53] hack another box
[18:53] *** rekaerf has joined #bsrf
[18:53] yup, u can also set a virtual host on this box
[18:53] hey
[18:54] yes, or start other attacks against other hosts from this newly cracked one
[18:54] or just screw the system and kill a business
[18:54] yes, that's also true
[18:54] or...
[18:54] corporate espionage
[18:54] yummy!
[18:54] if ur a corporate spy
[18:54] credit card numbers ;p
[18:54] u could get info and stuff
[18:54] *** blu3h4z3 has joined #bsrf
[18:54] or maybe acccess credit card databases
[18:54] or other sensitive information
[18:54] so that was phase 5
[18:55] which is...
[18:55] well, the last phase
[18:55] LOL

andrej ::

kst: seveda:D tukaj ti 10 firewallov nic ne pomaga:D

Tito ::

hmm, pa kaj mate na kompu da se tok bojite? Nage babe?>:D

IceIceBaby ::

js na svojem compu niti firewalla nimam, ker se mi jebe če mi kdo po compu šari.

Ampak če pa delaš kej bol resnega je pa malo drugače z varnostjo. Verjetno si nobena firma ne želi pošiljat v javnost raznih poslovnih skrivnosti pa zastonj gostit broadcaste za napade na druge serverje ...

footprint ::

KST:
vidiš vsi ti računalniki brez zaščit (zombie računalniki), ki prej al slej postanejo gateway za spam ali kej drugega samo otežujejo delo da bi se napadi na strežnike umiril. Tako mora eno povprečno podjetje za firewall-e in razn software, ki ublaži te napade odštet obilo denarcev. Na koncu pa se vse to pozna nekje na plačah delavcev. In na koncu sami sebi pljuvamo v skledo.

Mislim da bi mogli vsi mal gledat na to in bit solidarni. Če pa je treba sesut MS pol pa so že ljudje ki to zanjo tud na drugačn način kajne?

IceIceBaby ::

Načeloma imaš prav. Ampak recimo z mojo mašino si težko pomagaš tudi če bi kakšen broadcast rad ali kaj podobnega. Imam dinamični IP, na dan je mašina prižgana 14, 15 ur pa še takrat se ponavad restarta 3x vmes ...

My point is. Če nisi 24/7 na netu, če nisi zanimiva tarča za take napade se ti ne splača imet compa blokiranga z miljon firewalli.
Če maš postavljen kak server pa obvezno, seveda. Pa ne samo firewall, sem sodi tudi dnevno updejtanje in patchanje pa spremljanje sistema itd.

Gandalfar ::

kst: ni res. Tvoja masina je cisto ql. Tezko dolocljiva, ker si samo se eden od mnogih adsl/kabl userjev z dyn ipjem (predvidevam, da si na eni taki povezavi - ce si modem user pol itaq ni fore).

Tkole to deluje: ti imas recimo 128k uplinka. Zdaj se pa igraj z stevilkami. Ce ti recimo uspe dat trojanca 1000 takim uporabnikom kot si ti (po celem svetu) in je od tega recimo 70% masin kadarkoli online. S tem dosezes priblizno 8Mbit pasovne sirine, ki jo lahko izkoristis za DoS napad oz. za zacasne irc bote al pa kaksne druge svinjarije. Lahk tud sam da se bounca skozi tebe.

Seveda so strezniki z hitro povezavo vec kot zazeljeni a tudi ti si izredno uporaben ^_^

preberi vec na grc.com

Saš ::

Ha imam bolšo rešitev!

PC-cillin 2002 ima opcijo "Emergencij lock" s katero lahko takoj prekineš povezavo.

Ne rabiš več cvikat

Gandalfar ::

Sas: boljso resitev za kaj? Zakaj pa mislis, da bos ti sploh opazil da imas nekoga v sistemu. Mislis, da bo heker napisal cez cel zaslon: "please standby while your system is use to compromise federal computers.." [>:D]

IceIceBaby ::

hmmm...trojancev sploh ne sprejemam :) Oziroma mi firewall nebi koristil. Trojanca/virus lahko dobim le če ga zavestno downloadam oziroma downloadam okužen file. Torej, če dobiš trojanca ali virus je to izključno človeška napaka. Če maš na disku antivirus in če mal paziš kaj dol potegneš je verjetnost da boš dobil kako zalego minimalna. Trojanci pač delujejo na principu "click here to see naked britny ..."
ZELO pomembno je tudi da maš mašino updejtano in patchano ... Grem stavt da je velik takih ki še vedno niso imuni na code red.

Torej. Firewalli in razne podobne zaščite na mojem workstationu nimajo mesta ker preprosto ni potrebno. S tem da skrbim za mašino preprečim 90% vseh zlorab. Seveda pa še vedno ostanejo luknje (neee...v windowsih pa že :)

btw...kaj če pogledaš v task manager v procese. A se trojanci skrijejo al jih vidiš ?

suse80 ::

Jaz pa uporabljam SuSe linux 8.0, firewall mam vklopljen, do interneta dostopam preko routerja na eni drugi mašini, ki ima instaliran Freesco linux ter svoj Firewall, Antivirusa nimam, mam pa port scanner, ki mi javi vsak dostop do portov na stroju.
Podatke imam seveda še zašitene z nastavitvijo pravic in uporabnikov.Po moje bi se mi težko kdo lahko prijavil na računalnik, ne da bi jaz to opazil.
Oddaljeni root dostop pa je tako onemogočen
Po moje so najbolj v nevarnosti stroji z Windowsi, kjer pa najbolj pogosto vohlja Microsoft. Proti njim se pa najbolje zašćitiš tako, da preprečiš Auto Update funkcije ter dodaš microsoftov URL med tiste, ki jih mora firewall zavrniti.
Podatki so nekomu veliko vredni, drugim pa je vseeno. Jaz imam na primer polno diskovje prevodov navodil za uporabo in mi res ni do tega, da mi jih kak nepridiprav ali virus po pomoti uniči. Pred leti sem dobil virus ( takrat še na win 95, dobil sem ga po e-mailu), ki mi je skvaril vse tiff,jpg in eps datoteke na disku. Po gobe mi je šlo več kot 400 skenov.. Še dobro, da sem jih skoraj polovico že shranil na streamer enoto.
Od takrat sem preklopil na Linux.

Po moje je 1000x več možnosti, da bo odpovedal disk s podatki vred, kot pa da heker kaj pokvari.
Obiščite stran o astronomiji ijn astrologiji http://www.mojevesolje.org

DMouse ::

Jest pa mislim da bi moral vsak poskrbet za zaščito pred vdorom s rednim posodabljanjem programske opreme (serverjev predvsem) in pazit da ne dobi trojanca. Navsezadnje, če je že njemu vseeno za podatke na disku, komu drugemu pa morda ni vseeno če je zaradi slabo zaščitenih računalnikov tarča ddos napada. Malo odgovornosti lepo prosim.
Samo moje skromno mnenje.

SLOWWWeb.net ::

Lahko bi razglabljali na veliko in široko, ker to je aktualna problematika.
Vglavnem, kar se tiče linux proti Windowsom: statistika.
__________________________________________________
WEBhosting / WEBdesign / WEBdomain / Security solutions
BREZPLAČNI marketinški nasveti za podjetja in www strani

Vredno ogleda ...

TemaSporočilaOglediZadnje sporočilo
TemaSporočilaOglediZadnje sporočilo
»

Deli za vozila

Oddelek: Kaj kupiti		91607 (1301) Polanc
»

Verjetnost pri kroglicah

Oddelek: Šola		61596 (1293) Math Freak
»

Undo za ComboFix

Oddelek: Pomoč in nasveti		181733 (1498) MrStein
»

Katere komade v TOP 100 listo?

Oddelek: Sedem umetnosti		214345 (3401) El Nino
»

Clarkconnect: kako preprečiti DDoS napade iz lokalne mreže?

Oddelek: Omrežja in internet		262388 (1754) pecorin

Več podobnih tem