Do you fear you will be hacked?
Mrkvonic
March 5th, 2006, 05:04 AM
Hello,
People run security programs because ... they want to be secure. Oftentimes, though, I see many people mention the issue of hacking, in various contexts. And often, hacking is brought up as an imminent threat looming above people's head, and the only thing that keeps the hackers away is the vast panoply of softwares they run.
However, I think the man is his own greatest enemy.
So, my question is:
Do you use a lot of security software because you fear outsides or your own mistakes?
I will also add a little poll, but I would like people if they could justify why they use their security setups as they do. For instance, someone in finance business is afraid of his passwords being stolen, so he uses a keylogger. Another is an avid tester, so he needs a good anti-virus. And so forth.
So if you don't mind, step in and rationalize your choices, if you like.
Cheers all,
Mrk
sweater
March 5th, 2006, 05:22 AM
You need a bath...(He he he just kidding.) ;D
Of course, yes, I am afraid to be hacked. Even though I am just an ordinary surfer with no very important files that a hacker can possibly steal, still I am very afraid, very very afraid. Outside attacks are unexpected anytime and these hackers are very passionate...:blink: but I hope my security software installed will protect me like an armour plate capable of deflecting and bulletproofing my system. I don't like my pc to become an easy target for them. And my gosh..:wacko: I don't like CIA's to investigate me thinking that I am the one who hacked their system. Some hackers can possibly make any pc's to become a stage point for their activities. But, I think most hackers are more interested in hacking a bank rather than hacking an ordinary person's pc. :(
iceni60
March 5th, 2006, 05:23 AM
-{ Quote: "Do you fear you will be hacked?" }-
i do very much. mainly because i like hanging out in hacking forums. a lot of the members have those sigs which show you your IP, user agent etc. the scripts they use to do that are hosted on their servers. they then go through the IPs and try to hack them, then post about it when they do :o
they mainly get in through weak passwords for things like SSH and VPNs. and one of the forums uses weak authentication for SIDs meaning they can hack your account if you click on a link in the forum which has a SID they set up :o
it does make me a bit paranoid if i see something odd on netstat, but it's great seeing the things they can do, and what i can learn from them :dry:
i only have one security program running and that's my FW. i also use an HTTP Proxy and i use Ubuntu 8)
Mrkvonic
March 5th, 2006, 06:36 AM
Hello,
And did they manage to hack you yet iceni?
Mrk
iceni60
March 5th, 2006, 06:55 AM
-{ Quote: "Hello,
And did they manage to hack you yet iceni?
Mrk" }-
i'm fairly certain, no. but i get paranoid if my computer starts acting up, like it is a little atm. :-[ ;D
Antarctica
March 5th, 2006, 07:11 AM
I have nothing important to hide on my PC but still it is private. Have you ever been robbed at home?
We were a couple of months ago and let me tell you it is a strange feeling when you get back home and you think that someone has been looking everywhere in your private things.:( We have an alarm system since then to protect us.
It is the same thing for your PC, you don't want any stranger to be able to "break in" to your private life.:)
beetlejuice69
March 5th, 2006, 07:30 AM
I took the 3rd choice. I fear making a stupid mistake more than someone getting into my machine.
starfish_001
March 5th, 2006, 07:53 AM
-{ Quote: "
i do very much. mainly because i like hanging out in hacking forums. a lot of the members have those sigs which show you your IP, user agent etc. the scripts they use to do that are hosted on their servers. they then go through the IPs and try to hack them, then post about it when they do :o
" }-
Curious - what forums - what do you learn that is worth the time?
rdsu
March 5th, 2006, 07:54 AM
3rd option...
Mrkvonic
March 5th, 2006, 08:37 AM
Hello,
I think my answer would be 3.5.
My brother uses p2p 24/7, downloading porn and programs, he visits porn sites like a maniac using out-of-the-box firefox without even a single extension, and only firewall and av running real-time. And yet, whenever he does a bimonthly run with a variety of scanners, he never finds even one cookie surprise.
I'm a little more strict, but not much...
So I wonders...
Getting hit by something planted on a site requires good solid effort on behalf of the user. Being targeted by a hacker? In the world of DHCP, when private identification is virtually impossible, and so many people using totally unpatched pcs with outdated softwares and no firewall, a 'normal' Wilders user has a very good chance of staying safe and peaceful.
I ask myself - how can you know? Either way? How can you be so sure? How can you not be so sure? What is the ... ultimate standard?
Well, I think the best way to estimate the security / hackability is by personal experience / statistics. It's not as if they invented the port scanners only this year. The scanning of ports, the search for exploits, vulnerabilities has existed for many years. It's happening millions of times every second across the world of web, and many pcs are being scanned without even knowing - including firewalled pcs that simply drop the probe requests.
And the hackers scanned you and me many many times. And we visited many many sites. And they had exploits and vulnerabilities planted in, and drive-by-downloads. And what happened?
If a person did not get hacked in the last 2, 3 or 5 years, why should they all of a sudden be hacked? What's the cardinal difference that will all of a sudden change the fate against them?
Thinking this way you may then assume that you exist on the Internet only on the whim of the hackers - it's as if they decide when you will be hacked and you have no saying. It's the matter of time, or maybe chance.
Well ...
Chance - I think chance favors the smarter ones here. EVEN if hackers could hack everyone, they simply do not have time to do that - go for the dumb masses first. And reality?
I don't think so. Experience should mean something. Otherwise assuming anything we know about pcs - based on experience - is just an illusion. And I do not think that. I think there is a reason why someone does not get hacked. Not because it has not been done yet (you're on a waiting queue - we'll bot the dumb ones first, you wait your turn in 2010), but because it cannot be done. Not because hackers are dumb. On the contrary - because the computers are dumb.
If thought could kill so a thought could hack - but fortunately, pcs work by a very limited set of rules - and just as limited they are in their ability to help us (they don't make coffee, do they), they are limited in the scope of their vulnerabilities.
You need to communicate with a computer, you need a port, you need something behind the port to listen to it, you need that something to have a breach in its protocols that can be exploited, you need a gateway out of the weak application into the system. No black magic here ... too much.
Some people get hacked, unfortunately. Some get botted. But mainly, mostly, the majority clicks and clicks, and they have no clue what happens.
To sum my bullshiat speech...
I judge the world through experience and knowledge. Sometimes, fear and panic stand against you, but hey ... and this goes for everyone here, if you did not contract hackers in the last 1-10 years, why should you now? What's so different about March 2006?
Mrk
BlueZannetti
March 5th, 2006, 08:50 AM
-{ Quote: "Hello,
I think my answer would be 3.5." }-
I put my own answer at 3.8, maybe higher. So my simple answer is..., no.
Blue
Mrkvonic
March 5th, 2006, 08:53 AM
Hello,
For the sake of everyone, I would kindly ask you to elaborate. No need for hysterical post like mine, just something to calm the folks ... :)
Your input is highly valued.
Mrk
dog
March 5th, 2006, 09:38 AM
I go with "As far as I'm concerned, the threat is virtually non-existent" ... I'm not much into paranoia - common sense is all it really takes. The only real threat is from RATs ... there isn't really any threat of being hacked directly. The social engineering methods aren't a secret, most savvy users would be aware of and have the common sense to avoid such things - which would protect them from approx. 90% of the total possibilities. Browser exploits would be the most significant remaining threat (which is minimal), those too can be handled with relative ease, with proper browser configuration, reg hacks, web filters and available software ... particularly AVs with HTTP scanning.
So IMO the average user who is slightly PC savvy and/or security conscious, practicing safe hex has nothing to worry about.
*puppy*
bigc73542
March 5th, 2006, 09:43 AM
No I am not worried about getting hacked. The threat is real but my knowledge, common sense and security apps I feel keep the possibility almost nil.
Alphalutra1
March 5th, 2006, 10:32 AM
I think if we want to use the correct terminology, it would be cracked not hacked ;)
But back on subject, I have very little fear as long as I practice safe hex and ensure I have a solid av and firewall to catch any weird case like being redirected to a bad website or accidentally clicking a malicious link in a security forum before the moderators get to it :P
Alphalutra1
Osaban
March 5th, 2006, 11:10 AM
I wouldn't challenge any cracker to try to violate my system as some of those guys are unfortunately very clever at that. But it's been more than a year that my system appears to be clean as a whistle and I've visited all sorts of dangerous sites (not a habit though).
Yes I'm confident my setup can withstand just about any malware contingency and therefore my answer is definitely no.
Devil's Advocate
March 5th, 2006, 12:22 PM
-{ Quote: "but hey ... and this goes for everyone here, if you did not contract hackers in the last 1-10 years, why should you now? What's so different about March 2006?" }-
The hackers are getting more skillful, more determined, more professional, malware is more stealthy etc etc. :)
Not surprised at Sweater's answers. Surprised at Iceni60's but i suppose running with the leet (lol) crowd might tend to make one paranoid.
The poll as I write this shows, a 50% split between "the afraid" and "the not afraid". I suspect a certain selection effect at work, and most of the comments will be by the "unafraid".
Of course among the ranks of "the unafraid" are people running some serious arsenal for protection......
Mrkvonic
March 5th, 2006, 12:27 PM
Hello,
I don't think the coders have become more skillful or professional - determined yes. But so has the Internet grown by thousands of percents, hence the need for determination ... :)
Mrk
iceni60
March 5th, 2006, 01:22 PM
-{ Quote: "Curious - what forums - what do you learn that is worth the time?" }-
i've got a big mouth :-[
here's a good security site nothing against this forum's TOS. i'd recommend listening to the podcasts in reverse 7,6,5 etc. i was going to say have a look at the forums but, it looks like they're having problems atm.
http://www.sploitcast.com/
i can't find anything else i can link to.
BlueZannetti
March 5th, 2006, 01:25 PM
-{ Quote: "Hello,
For the sake of everyone, I would kindly ask you to elaborate. No need for hysterical post like mine, just something to calm the folks ... :)
Your input is highly valued.
Mrk" }-
Mrk,
There are a few parts to this answer which considers the context of the hack. They are:
Hacked by someone with physical access to my machine who wants to learn something, perhaps via a keylogger or something akin to that. That basically won't happen on my home machines based on my trust in the family and what the rest of the family knows about PC's. If it did happen, I have a lot of confidence that either NOD32/KAV (depending on machine) or BOClean would flag the install if it occurred (it won't, but just to placate those who would say it could...). I also pay attention that all normal applications launch correctly and periodically check on logs (once every few weeks). On my work laptop, basically that's a locked down XP Pro install. The only installs possible are through an IT person logged in as an admin or via a push install. There's no personal information on that machine, I use it strictly for work activity. Ultimately, I trust the people who have physical access to my machines. If I didn't, they wouldn't have physical access period.
Installation of some malware application via a trojandownloader..., see above. Yes, I rely on the security applications I use, that's why I purchased them, but I also rely on knowing how my machine typically functions in normal use contexts. If I notice a deviation from the norm, I find the cause.
As a directed targeting by someone on the internet who wants revenge/to annoy me/etc..., well, as a private user on the net, my reaction is to get real. I see posts in many forums on the net from people who claim to have been hacked by some anonymous or stalking stranger. In virtually all the cases that I've personally followed, they could not provide even the simplest of technical details regarding the symptoms of the hack. It's always been that the machine has gone flaky, it's slowed down a lot, or random glitches have started to appear. All of these events are explainable using far simpler reasons (hardware on the verge of failure, software incompatibility, turning off a needed service trying to run a minimal install and not really knowing what you're doing, having a plethora of adware installed on a PC, having a multitude of autostart entries - all of which are valid - but you're simply letting too much start and they are encountering issues on start due to timing phenomena). William of Ockham was quite right, Do not introduce unnecessary entities in explanations.
I pay attention to what's running on my PC. Not on an hourly basis, maybe every few weeks. If I don't recognize the process, I check it out to verify it is valid.
I have a relatively static machine. It is fully patched, but except for those updates, I am not continually loading and unloading new applications from an unclear origin. Virtually all my testing of new software is done on a second boot partition. For this reason, I have a reasonable expectation of how the primary boot partition of this machine should behave. There is merit in sticking with a solution/configuration for a while if it works well, you will be in a position to notice minor deviations from the norm.
Now, for anyone concerned about rootkits, malware infecting your BIOS, stealth code inhabiting your video memory, or whatever the flavor of today's alarmist call is, I didn't put my answer at precisely 4.00000. I recognize there is a finite chance of being hacked. My personal opinion is that this likelihood is extremely close to zero.... (i.e. I'm a 3.999'er).
Let me go a bit off-topic here, and go a bit beyond being hacked, since I feel that is a non-issue.
Those who read my posts, and have a view of my basic security package (http://www.wilderssecurity.com/showpost.php?p=352128&postcount=6), may feel the perspective above is at variance with what I run. If so, I respectfully disagree. My main issues are maintaining uptime, performance, dealing with junkware (very irritating but not aggressively malicious adware/spyware), and with the infrequent challenge from the outside. I do download programs from the internet, so I do like independent confirmation they are fine. I do occasionally run into downloaders/adware/mild spyware and the like, and I do prefer an automated approach to removing that from my machine as well as the remaining family machines. Finally, there is that point at which I get a genuine malware challenge. From my experience working with computers starting in the mid-'70's and being on the internet/ARPANET since the '80's, I've seen what I would term a serious challenge every 3-4 years. Let me repeat that, one every 3-4 years. That is the average that I've seen since the '70's. This is not hacking/rootkit type challenge, but a more mundane simple malicious piece of malware. Hacking I place at a much lower frequency simply because I've never experienced it. Does it happen? Sure, but let's put some context here. An individual PC user is a value-lean target, that implicitly sets a ceiling on the complexity and novelty of malware that one needs to operationally guard against. It simply does not make sense to devote resources in the form of a powerful and sophisticated piece of malware for so little return. For the most part, individual users need to be able to handle malware that is, excluding the zero-day case, very well characterized by the time they are exposed to it. Basic packages handle this well. If one has a public presence, say a commercial operation or a fixed controversial target (say a controversial blog), the value, if you will, ramps up significantly.
Now, there are plenty of machines out there which are part of botnets and you can view these as hacked/cracked. I don't dispute that, what I do maintain is that even a minimal practice of cyber-hygiene with a standard commercial AV would completely eliminate that problem.
I use what I view as a very strong complement of approaches to deal with the threat level I see. In terms of yearly cost, it's about $60-75/machine (i.e. a buck a week) after an initial outlay of a couple of hundred in addition to that. To me, that's an appropriate level for something that may come around every few years and put my machine off-line for a few days and require me to spend a number of hours on a rebuild. That is the frequency I expect and configure for. My main machine/partition which I'm typing this from uses NOD32/SafenSec/BOClean/and a software firewall (I flip between Outpost & LooknStop). The remaining home machines are configured similarly. There are a number of other tools available if needed, many free, some paid, and some purchased for in-depth evaluation but currently on the sidelines for a variety of reasons. I keep abreast with developments out there since I want to have my plan B in place if one of the applications I use is discontinued. It's happened before (TDS-3), it could happen again.
Finally, in viewing this whole thing as an exercise in risk assessment and mitigation, it is useful to use health as an analogy since you are dealing with the health of your PC. For those who cringe at analogies, sorry. What do you carry health insurance for? It's not for simple cuts and bruises, it is for the infrequent out of ordinary health event which could be quite costly. How much coverage is needed? I won't tackle that, but I do know that while it is possible to run up bills in excess of $1 million, it is basically not physically possible to run up bills (for the individual) in, say, the $ 1 billion range. However, I'm sure you could get someone to provide that level of insurance, but the cost will be completely out of scope with regards to the potential payback. The case is similar with your PC, except replace insurance coverage with security directed applications. My own read is that too many people run without any coverage (who need it), and a number run with billion dollar policies which are simply unneeded. Since I can afford it, and lost time is a priority to me, I go with million dollar coverage. You can do quite well with much less. Conversely, you get the million dollar coverage, engage in behavior much riskier than I do, and do quite well in that instance as well. What you don't need is billion dollar coverage or to worry incessantly about how you would deal with that billion dollar hospital bill....
Sorry for the length....
Blue
Devil's Advocate
March 5th, 2006, 01:52 PM
iceni60 the stuff you mention is interesting and typical but are they of any direct relevance to the question of whether you can hack say the "afraid" Sweater's system? Given his ip?
Why are you all so unafraid?? On average we have 2-3 links being posted that reports on either some dangerous vul found (cookies can be stolen!) , some expert commenting on a future dangerous trend (Spyware for firefox by the end of the year!) , people reporting that so and so antivirus missed a sample or is bypassed simply by hex editing or packing , outbound firewalls are easily bypassed, some sample test is posted for which you fail....
It makes sense to be scared.
StevieO
March 5th, 2006, 02:26 PM
Hey yeah DA "It makes sense to be scared" you're right lol
. . .
No i'm not afraid at all ! Afraid is the wrong word as far as i'm concerned, but i know what you meant, so that's ok. Paranoia is the fear of something happening that may never happen. Being open and aware that stuff can and sometimes does occur for all sorts of reasons, including failures of software etc, oh yeah and people, is just wise i feel. No need for fear etc.
I have purposely visited many sites with dangerous content embedded and/or linked to further such sites. I also visit various exploit etc sites too for info. Sometimes i look at my FW logs in real time whilst i do that, and notice blocked inbounds that start to come from different IP's directed at the same ports. None have ever got through, and after a while they cease. As my ports are all stealthed they can't see me anyway, especially after i have left their sites. And as i have a dynamic IP they can't specifically target me either.
In the last few months or so, i started to check my FW logs more often again just out of curiosity. I found that i was, and have been ever since, probed hourly every single day to the same 5 ports by many different Gov etc security services, both US and others ! Also others which you might think were innocuous on the face of it, but i've checked them out, and they're not. I believe they are fronts within innocent sounding organisations and some companies, both large and small. It might seem like the matrix etc, but it definitely is happening all the time. Why they should be " appearing " to scan me, i don't know. The only way they could know my IP at any given time is with assistance from my ISP.
One other alternative is all, and i mean ALL, those people etc are scanning those 5 specific ports across at least my ISP's whole range, and maybe others too. Why would the Mil and Gov etc etc do all that and so often and precisely the way they do it ? I actually think it's funny, as i'm not doing anything wrong, and if they or anybody else did manage somehow to break in, well they'd be very disappointed as to what they'd find lol.
Here's that thread with more details about it all
The Feds and Mil just scanned me http://www.wilderssecurity.com/showthread.php?t=115870
DA's response "Of course among the ranks of "the unafraid" are people running some serious arsenal for protection......" It's nice to hear you agree some people are seriously protected with Apps, whoever they are, i've only got a few serious ones, but they're pretty good i think !
StevieO
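Added example, not part of any post in this thread: a Python summary of blocked-inbound firewall log lines of the kind described in the post above, grouping drops by destination port and counting distinct sources, local addresses held and hours covered, and listing any inbound connection that was allowed. The log line format, the addresses (documentation ranges), the pattern labels and the thresholds are all constructed assumptions.

```python
import ipaddress
import re
from collections import defaultdict
from datetime import datetime

# Constructed sample log. The line format is an assumption, not any real
# firewall's; addresses come from the RFC 5737 documentation ranges.
# The local (destination) address changes part-way through, as it would
# after a reconnect on a dynamic-IP line.
SAMPLE_LOG = """\
2006-03-05T01:02:11 DROP TCP 198.51.100.23:4312 -> 203.0.113.7:135
2006-03-05T01:02:40 DROP TCP 198.51.100.77:1188 -> 203.0.113.7:445
2006-03-05T02:03:05 DROP TCP 192.0.2.14:2201 -> 203.0.113.7:135
2006-03-05T02:03:09 DROP UDP 192.0.2.14:2202 -> 203.0.113.7:1434
2006-03-05T03:01:57 DROP TCP 198.51.100.140:3920 -> 203.0.113.7:445
-- log rotated --
2006-03-05T04:02:30 DROP TCP 192.0.2.200:4100 -> 203.0.113.91:135
2006-03-05T04:02:44 DROP TCP 198.51.100.23:4390 -> 203.0.113.91:445
2006-03-05T05:00:12 DROP TCP 192.0.2.55:1029 -> 203.0.113.91:22
2006-03-05T05:00:13 DROP TCP 192.0.2.55:1030 -> 203.0.113.91:22
2006-03-05T05:00:15 DROP TCP 192.0.2.55:1031 -> 203.0.113.91:22
2006-03-05T05:10:00 ALLOW TCP 192.0.2.99:5555 -> 203.0.113.91:80
"""

LINE_RE = re.compile(
    r"^(?P<ts>\S+) (?P<action>DROP|ALLOW) (?P<proto>TCP|UDP) "
    r"(?P<src>[\d.]+):(?P<sport>\d+) -> (?P<dst>[\d.]+):(?P<dport>\d+)$"
)


def parse_log(text):
    """Return (events, skipped): parsed events and the count of bad lines."""
    events, skipped = [], 0
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        m = LINE_RE.match(line)
        try:
            if m is None:
                raise ValueError("unrecognised line")
            event = {
                "ts": datetime.strptime(m["ts"], "%Y-%m-%dT%H:%M:%S"),
                "action": m["action"],
                "proto": m["proto"],
                "src": str(ipaddress.ip_address(m["src"])),
                "dst": str(ipaddress.ip_address(m["dst"])),
                "dport": int(m["dport"]),
            }
            if not 0 < event["dport"] <= 65535:
                raise ValueError("port out of range")
        except ValueError:
            skipped += 1  # count malformed lines instead of hiding them
            continue
        events.append(event)
    return events, skipped


def summarize_drops(events, min_sources=3, min_repeat=3):
    """Per destination port: hits, distinct sources, local addresses, hours."""
    buckets = defaultdict(
        lambda: {"hits": 0, "sources": set(), "local": set(), "hours": set()}
    )
    for e in events:
        if e["action"] != "DROP":
            continue
        b = buckets[e["dport"]]
        b["hits"] += 1
        b["sources"].add(e["src"])
        b["local"].add(e["dst"])
        b["hours"].add(e["ts"].strftime("%Y-%m-%d %H"))

    summary = {}
    for port, b in buckets.items():
        if len(b["sources"]) >= min_sources:
            pattern = "many_sources"          # unrelated hosts, same port
        elif len(b["sources"]) == 1 and b["hits"] >= min_repeat:
            pattern = "single_source_repeat"  # one host retrying
        else:
            pattern = "sparse"
        summary[port] = {
            "hits": b["hits"],
            "sources": len(b["sources"]),
            "local_addrs": len(b["local"]),
            "hours": len(b["hours"]),
            "pattern": pattern,
        }
    return summary


def allowed_inbound(events):
    """Inbound connections the firewall let through: the ones to review."""
    return [e for e in events if e["action"] == "ALLOW"]


if __name__ == "__main__":
    events, skipped = parse_log(SAMPLE_LOG)
    print(f"{len(events)} events parsed, {skipped} line(s) skipped")
    for port, row in sorted(summarize_drops(events).items()):
        print(port, row)
    for e in allowed_inbound(events):
        print("ALLOWED:", e["src"], "->", e["dst"], e["dport"])
```

A port that keeps being hit by many unrelated sources on each address the connection has held is consistent with routine Internet-wide scanning; the allowed-inbound list is the part of the log that needs a closer look.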
Devil's Advocate
March 5th, 2006, 02:48 PM
-{ Quote: "Hey yeah DA "It makes sense to be scared" you're right lol
No i'm not afraid at all ! Afraid is the wrong word as far as i'm concerned, but i know what you meant, so that's ok.
" }-
You are not afraid. But you are scared? Is that the word? :)
-{ Quote: "
I have purposely visited many sites with dangerous content embedded and/or linked to further such sites. I also visit various exploit etc sites too for info.
" }-
*Yawn* yet another boast of visiting dangerous sites. Mrv does it too. So do I, so does everyone it seems on this board :).
Still, a real good hacker just needs your ip... nothing else... If he needs to get me to download and run his stuff, what's the fun in that?
-{ Quote: "
Sometimes i look at my FW logs in real time whilst i do that, and notice blocked inbounds that start to come from different IP's directed at the same ports. None have ever got through, and after a while they cease. As my ports are all stealthed they can't see me anyway, especially after i have left their sites. And as i have a dynamic IP they can't specifically target me either. " }-
I don't believe in stealth. You can still be seen. As for dynamic ip.....
-{ Quote: "
In the last few months or so, i started to check my FW logs more often again just out of curiosity. I found that i was, and have been ever since, probed hourly every single day to the same 5 ports by many different Gov etc security services, both US and others ! Also others which you might think were innocuous on the face of it, but i've checked them out, and they're not. I believe they are fronts within innocent sounding organisations and some companies, both large and small. It might seem like the matrix etc, but it definitely is happening all the time. Why they should be " appearing " to scan me, i don't know. The only way they could know my IP at any given time is with assistance from my ISP.
One other alternative is all, and i mean ALL, those people etc are scanning those 5 specific ports across at least my ISP's whole range, and maybe others too. Why would the Mil and Gov etc etc do all that and so often and precisely the way they do it ? I actually think it's funny, as i'm not doing anything wrong, and if they or anybody else did manage somehow to break in, well they'd be very disappointed as to what they'd find lol.
" }-
Wow... scary stuff xfiles stuff... lol The sky might not be falling, but it's close.
manOFpeace
March 5th, 2006, 05:48 PM
As far as I'm concerned, the threat is virtually non-existent
Rmus
March 5th, 2006, 06:35 PM
No, I have no fear.
-{ Quote: "For the sake of everyone, I would kindly ask you to elaborate. " }-
FEAR
An uneasiness of mind, upon the thought of future evil likely to befall us.
The passion of our nature which excites us to provide for our security, on the approach of evil.
EVIL
adj: Wicked; corrupt; perverse; wrong.
n: All wickedness, all crimes, all violations of law and right are moral evils.
SECURITY
Freedom from fear or apprehension; confidence of safety;
-----
I've always felt that all of security starts with handling fear. It's a state of mind. There are philosophical and religious implications connected with this which I won't go into here, but just to say that for me, computer security is just another facet of overall security (confidence of safety) that I deal with in my life.
In the state in which I grew up, you had to pass a drivers' education course if you wanted your license at age sixteen. In that course, we learned how the automobile worked. That experience has stayed with me, so that today, I learn as much as possible about something new that I acquire. So, it was just natural that I took a short training session offered at the store where I bought my first computer many years ago. I also sought advice from a friend who had recently retired from working in the computer industry. I learned to apply risk assessment (a term Blue uses often) in deciding what security measures to employ.
1) Starting with a "worst case scenario," I have insurance to replace the computer if physically destroyed or stolen; copies of all programs, and an external HD with all personal files are stored off site.
2) Knowing that malware doesn't just "happen" - it has to install and execute - I'm confident enough that it won't, and it hasn't in 12+ years of computing.
-{ Quote: "Do you use a lot of security software" }-
Only a Firewall and Deep Freeze at the moment. I keep things simple, and enjoy my computer in a peaceful state of mind with no fear.
----
WSFuser
March 5th, 2006, 07:01 PM
i took the third choice. being hacked is a real threat but with a well configured firewall and common sense, u should be safe. i occasionally visit the dark side of the internet but i know what im doing and show no fear or mercy towards malware and hackers.
StevieO
March 5th, 2006, 09:42 PM
"You are not afraid. But you are scared? Is that the word?"
No i was joking ! Like i said "No need for fear etc."
I wasn't boasting at all ! Just explaining what i do now and then to show that i'm not afraid to test my defences, otherwise how would you know how strong they are, or not ? What's the point in just trusting something you've never taken out for at least a test drive, never mind a cross country rally through rough terrain etc.
"I don't believe in stealth. You can still be seen"
Once i've left a site and logged off and back on again with a new IP for eg, how they going to find me with a dynamic IP. Please enlighten me with your reasons/thoughts on Stealth and Dyna IP's. If you know something/s that might help, then i'd like to hear about it directly from your good self, seriously.
How much closer than to my own front door/FW does it come. Oh yeah inside, well i would love to see that happen. I could write a book on it, so lets hope they do manage it. I'm thinking film rights/merchandising etc already. Anybody want my autograph before it costs you plenty $ lol.
StevieO
Nick Rhodes
March 6th, 2006, 06:40 AM
Old company worked for, the web server I administrated (win2k) got hacked by a known exploit of IIS that was doing the rounds (can't remember which).
The only damage was deleting the website files, they couldn't get to the sql server with our ecommerce stuff on.
In 7 or so years of being on the internet the only hacking attempt I have known to be successful.
I've seen lots of random noise and worms and script kiddy attacks, but only stuff that would work on people who don't run a firewall and have never patched their OS in their entire install's life.
Devil's Advocate
March 6th, 2006, 09:10 AM
-{ Quote: "
I wasn't boasting at all ! Just explaining what i do now and then to show that i'm not afraid to test my defences, otherwise how would you know how strong they are, or not ? What's the point in just trusting something you've never taken out for at least a test drive, never mind a cross country rally through rough terrain etc.
" }-
All I'm saying is, if you are truly so unafraid, why run so much?
-{ Quote: "
"I don't believe in stealth. You can still be seen"
Once i've left a site and logged off and back on again with a new IP for eg, how they going to find me with a dynamic IP. Please enlighten me with your reasons/thoughts on Stealth and Dyna IP's. If you know something/s that might help, then i'd like to hear about it directly from your good self, seriously.
" }-
The stealth vs closed debate is one that has been covered a lot on this forum and all over the web. Surely the great S has read about it? :)
-{ Quote: "
How much closer than to my own front door/FW does it come. Oh yeah inside, well i would love to see that happen. I could write a book on it, so lets hope they do manage it. I'm thinking film rights/merchandising etc already. Anybody want my autograph before it costs you plenty $ lol.
" }-
Is this a boast or just a joke?
JimIT
March 6th, 2006, 02:46 PM
-{ Quote: "
Hello, My brother uses p2p 24/7, downloading porn and programs, he visits porn sites like a maniac using out-of-the-box firefox without even a single extension, and only firewall and av running real-time. Mrk" }-
Sounds like he needs a girlfriend. :blink:
StevieO
March 6th, 2006, 04:26 PM
"why run so much?"
So you think i do then. What i do run has served me very well up till now. Even if i didn't experiment with Apps and visit potentially dangerous sites, why not be as protected as you can be, just in case anyway ! So no i'm not afraid/scared etc, just cautious. Of course we can only be protected against the things our systems and Apps are set up and designed for. Everybody is open in some way or another to Zero day attacks, even you i have to say, for which we could very well be at risk from. Whether these were browser related or otherwise.
I am aware of the stealth vs closed debates, but i Specifically asked you for your own reasons/thoughts on Stealth and Dyna IP's, and how you think that i could be seen and/or at risk ?
With regard to the book/film thing, yes of course it was tongue in cheek ! But if anything did actually happen to my PC internals etc from the men in black etc that i had any Evidence of, then i'm sure people would be interested in hearing all about what/how etc. I know i would if it happened to someone else.
StevieO
iceni60
March 6th, 2006, 05:19 PM
-{ Quote: "iceni60 the stuff you mention is interesting and typical but are they of any direct relevance to the question of whether you can hack say the "afraid" Sweater's system? Given his ip?
Why are you all so unafraid?? On average we have 2-3 links being posted that report on either some dangerous vul found (cookies can be stolen!), some expert commenting on a future dangerous trend (Spyware for firefox by the end of the year!), people reporting that so and so antivirus missed a sample or is bypassed simply by hex editing or packing, outbound firewalls are easily bypassed, some sample test is posted for which you fail....
It makes sense to be scared." }-
firstly, no i couldn't hack into someone's computer if they have their firewall setup correctly. if a port was open then i more than likely could, it's not something i'm into though so i've never tried.
if you have someone's IP with an open port there's a live cd you can use with all the programs you'll need to exploit that computer. the live cd will do all the hard work of running an exploit and loading a payload for you. it can tell the OS running by the way it replies to pings (if it doesn't reply you can just tell it to do the scan anyway) it can make a good guess what's running on the port too.
you can then load up a list of all the known exploits for the information you have (OS and/or service running on the open port). before you run the exploit the live cd will work out if the exploit will work to save you the time of running something which won't crack the target ::) when you find an exploit which will work you can then select the payload you want, something like open VNC, and open VNC will be installed on the remote computer for you.
secondly, the reason i'm scared is because good hackers (not script kiddies ::)) are so skilled and obsessive. they'll pick some software and spend hours and hours going through it trying to find something to exploit. when something is found they won't tell anyone apart from maybe a few other hacking friends they know they can trust. if the exploit found is for a popular program 1000's of people could be exploited before anyone finds out. maybe no one will find out.
what would happen if the recent meta file print cancellation exploit was only known by a few hackers? would you be safe? i was listening to an old hacking radio broadcast the other day, on the program a hacker was talking about an exploit he had found which worked against anyone using AOL's instant message client, no one knew what the exploit was but him. his friend had just found a huge hole in phpBB too. here's the notice given from phpBB about the friend's exploit
http://www.phpbb.com/phpBB/viewtopic.php?f=14&t=240513
EDIT and a bit OT
BTW this is how they responded to being told about the exploit. it seems the hacker - Jessica, was totally white hat and did everything she could to warn phpBB about it but they just wouldn't believe her so she hacked their site, got into lots of trouble and decided to stop using the internet.
http://www.phpbb.com/phpBB/viewtopic.php?p=1316231
the SID exploit i was talking about in my first post was posted on a hacking board, the exploit would probably defeat anyone here, you just needed to accept cookies from the site and click on a link which led somewhere else on the site. it was no big deal to anyone there apart from me lol i almost fell off my chair.
Mrkvonic
March 7th, 2006, 01:01 AM
-{ Quote: "Sounds like he needs a girlfriend. :blink:" }-
Hello,
Actually she sits right next to him while he clicks the downloads...
We're a liberal family... sort of a way...
Iceni - for every 'black' hacker there's a 'white' hacker. Even more so in the opensource community.
Mrk
Devil's Advocate
March 7th, 2006, 05:08 PM
-{ Quote: "firstly, no i couldn't hack into someone's computer if they have their firewall setup correctly. if a port was open then i more than likely could, it's not something i'm into though so i've never tried. " }-
A port open and you could hack it? Wow, i bet you could own the computer that hosts the Wilders forums. :)
-{ Quote: "
if you have someone's IP with an open port there's a live cd you can use with all the programs you'll need to exploit that computer. the live cd will do all the hard work of running an exploit and loading a payload for you. it can tell the OS running by the way it replies to pings (if it doesn't reply you can just tell it to do the scan anyway) it can make a good guess what's running on the port too.
you can then load up a list of all the known exploits for the information you have (OS and/or service running on the open port). before you run the exploit the live cd will work out if the exploit will work to save you the time of running something which won't crack the target ::) when you find an exploit which will work you can then select the payload you want, something like open VNC, and open VNC will be installed on the remote computer for you.
" }-
Let me summarise, you tell me if I am wrong. Basically, you see what is running on the open port, then you look for any known vulnerabilities.
If there is one, you use it. If there isn't any (the target keeps up with patches) you can't do anything.
If you are a script kiddie, you use scripts and scanners that do all this automatically for you.
-{ Quote: "
secondly, the reason i'm scared is because good hackers (not script kiddies ::)) are so skilled and obsessive. they'll pick some software and spend hours and hours going through it trying to find something to exploit. when something is found they won't tell anyone apart from maybe a few other hacking friends they know they can trust. if the exploit found is for a popular program 1000's of people could be exploited before anyone finds out. maybe no one will find out.
" }-
Or they could sell it for loads of cash or keep it when they really need it to work against a specific target... Honestly, if the aim is to infect a lot of people to create a botnet, it is damn stupid to use an undisclosed exploit.
The majority of users are so unprotected that you could do it any way you please, and you don't really care who you own, so why risk using your secret weapon?
It's cool to do it of course, but if you use it indiscriminately it's likely that you will come up against a well defended system with extremely paranoid defenses (Say someone wilders who runs PG or whatever noticing some strange activity), and he will notice your little trick and the cat is out of the bag.
Real pros will never do that.
-{ Quote: "
Honestly, though we are talking
what would happen if the recent meta file print cancellation exploit was only known by a few hackers? would you be safe?
" }-
Actually I know for a fact that the recent WMF exploit was independently discovered by several people. In fact, one guy was just finishing the analysis and was going to go public when it was found in the wild.
The question was how much did the spyware company pay the guy to reveal this flaw?
iceni60
March 7th, 2006, 06:50 PM
i really wanted to say how clever the live cd is and how easy it is to be a script kiddie.
i think "secret weapons" are probably fairly common. here's something which just came up on one of my RSS feeds
http://www.zdnet.com.au/news/security/soa/Mac_OS_X_hacked_in_less_than_30_minutes/0,2000061744,39241748,00.htm
so how do you protect against something you aren't patched against? i can only really think of something like checksum checking. what else is there?
EASTER.2010
March 7th, 2006, 08:53 PM
As far as I'm concerned, the threat is virtually non-existent
Of course a few years ago i wouldn't have dreamed of ever being so bold as to confidently issue such a statement as this.
For one thing there is never any "fear" on this end of being hacked so long as there is a working OFF button to the internet or plug that can be pulled from the wall. 8)
In fact some of us harbor a much more immediate threat that can suddenly arise from Windows itself than any outside attempt to invade or intrude on the table. That's thanks in whole to all the developers of defense software programs that do some basic protecting of areas needed that are well designed to prevent your units from being hacked as they say.
Devil's Advocate
March 9th, 2006, 04:44 PM
-{ Quote: "i really wanted to say how clever the live cd is and how easy it is to be a script kiddie.
" }-
Well given that clueless people like me run stuff like ProcessGuard, which is pretty powerful....
I always thought those of us in this forum who have some pseudo knowledge about security software are just the flip side of script kiddies. 'Experts' write these non-mainstream apps for us to use to defend ourselves.
-{ Quote: "
i think "secret weapons" are probably fairly common. here's something which just came up on one of my RSS feeds
http://www.zdnet.com.au/news/security/soa/Mac_OS_X_hacked_in_less_than_30_minutes/0,2000061744,39241748,00.htm
" }-
Yeah I read about it.
As for such things being "fairly common", I think it depends on what type of stuff you are talking about.
A look at various security lists shows that there are a boatload of vulnerabilities reported every week from all sorts of software. I'm sure there is a lot of situational stuff that requires semi user interaction to work (the examples you gave where the guy had to click on a link), on less critical software etc..
But the really big and serious ones affecting popular stuff are not that common and highly prized. If it was, you would see for example a lot of webservers getting hacked all the time, online businesses would be owned etc.
-{ Quote: ""Mac OS X is easy pickings for bug finders. That said, it doesn't have the market share to really interest most serious bug finders,"" }-
So basically no one cares about Mac according to him, so he doesn't mind tipping his hand :)
On the other hand you can bet the really critical Windows vulnerabilities are not that easy to find, given that the low hanging fruit has all been picked.
If I have a good one that allows me to blow past a fully patched system without any user interaction at all, I'm definitely not going to blow my cover, just to win a stupid hacking contest (win an Xbox!).
It's funny.
If you use obscure stuff, few people bother to target it, so it means there could be a lot of vulnerabilities in the software that is unexposed. But you are somewhat safe, as long as someone doesn't decide to go after you.
If you use popular stuff, you can be sure the most obvious attacks have been considered and blocked already, on the other hand, because a correspondingly large number of people are trying to attack it, statistically speaking some may succeed.
But because such exploits are rare, you don't expect them to use it, unless they seriously have some reason to do it.
-{ Quote: "
so how do you protect against something you aren't patched against? i can only really think of something like checksum checking. what else is there?" }-
Depends on what you are talking about... I guess that's a big reason why people on wilders are hot on 'HIPS', they hope they can spot and stop anomalies. Hopefully, the attacker doesn't know about this ace in the hole...
herbalist
March 10th, 2006, 08:48 PM
I used to worry about it. I was hacked once, back when I used NIS 2002. Now I trust my defenses to detect and stop an intrusion. Other than the items I deliberately bring in, my system has stayed clean for 3 years now. Adding SSM pretty much guarantees it will stay that way.
Rick
Sonap
March 16th, 2006, 09:19 AM
Not really. It can happen, but a firewall and common sense will keep you safe.
nigglesnush85
January 1st, 2007, 12:19 PM
I'm not really scared, I have been hacked loads of times, each time is something new and helps me understand how it is done and how to prevent it from happening again, not lost anything yet
TOMxEU
January 1st, 2007, 01:43 PM
:blink: Hmm, interesting viewpoint nigglesnush85, but it actually makes sense, when put as you did.
nigglesnush85
January 2nd, 2007, 08:20 AM
-{ Quote: ":blink: Hmm, interesting viewpoint nigglesnush85, but it actually makes sense, when put as you did." }-
Thanks, I just think that each attack makes a person stronger.
pipester
January 2nd, 2007, 09:19 AM
I voted, As far as I'm concerned, the threat is virtually non-existent... As a mainstream user I am not worried about being cracked, hacked or whatever, I have been online for many years and the only security I have ever used on my pc is an antivirus and firewall. Loading your computer down with tons of security applications is a false sense of security, common sense goes a long way and is much cheaper and less time consuming in the long run.
ClassicQ
January 2nd, 2007, 09:34 AM
I'd agree pipester, if the user has the least amount of commonsense/intelligence, one would have a better chance of getting struck by lightning while simultaneously checking his/her lottery numbers and discovering they are the sole winner of PowerBall jackpot. I've never experienced anything malware wise I didn't actually subject myself to. :-\ - You have to be extremely intelligent to get infected in windows and an absolute genius to get infected in *nix. Having said that, I don't run any AVs, ATs, or ASs, I run nothing more than a firewall and PeerGuardian. While I realize the 'average' user usually needs protection, I am surprised that people that frequent 'security' forums, fall victim to the hype of malware. :-\
Hey does anyone want this great Britney Spears video I have? Britney.Spears.mp3.exe 168kb :P ;D
Mrkvonic
January 2nd, 2007, 09:39 AM
Hello,
Unfortunately I cannot open that file on my Ubuntu.
I can send you Britney.Spears.deb 233Kb if you want??
I also have Justin.tar.gz.
And Beyonce.rpm.
Mrk
progress
August 16th, 2009, 04:01 AM
Yes, I'm afraid, but I hope an updated browser and common sense will keep me safe :)
tsec
August 16th, 2009, 05:45 AM
-{ Quote: "Yes, I'm afraid, but I hope an updated browser and common sense will keep me safe :)" }-
Nice necro job dude :)
progress
August 16th, 2009, 06:16 AM
-{ Quote: "Nice necro job dude :)" }-
Thank you for your attention :)
Boost
August 16th, 2009, 06:43 PM
No Fear :thumb:
I've been on the darker side of the net and always come home with no problems.
Page42
August 16th, 2009, 07:08 PM
I voted... "Yes, I'm afraid, and I take every precaution to prevent."
But after taking every precaution to prevent it, am I still afraid?
Not so much. :)
dw426
August 16th, 2009, 07:41 PM
I voted for option number 3. Hell, I go to places on the net that would probably make malware testers say "No thanks". I don't mean that in an "I can't be touched" way, I just simply don't execute a single thing without a good scan first, have some common sense and lock my browsers down. Also, there isn't anything on this system anybody would want, and I don't do online banking.
Page42
August 16th, 2009, 08:44 PM
-{ Quote: "Also, there isn't anything on this system anybody would want, and I don't do online banking." }-
I've heard this said many times... "there's nothing on my hard drive that anyone would want"... when in fact many people get owned because of their bandwidth or to become a zombie in somebody's bot army. Is this not correct?
Gullible Jones
August 16th, 2009, 11:42 PM
I'm generally not too worried about getting hacked.
That said, the first time I got hacked it was utterly unexpected, at the hands of an astronomy website that was itself hacked. And later I got to see a hacked site auto-execute a .bin file on a Debian system. (Fortunately it crashed without doing any damage, but still...) So I am a bit wary, even on Linux.
For the most part I think common sense and a few security applications (or MAC and iptables, if you're on Linux) will do the trick. It helps to never consider one's self invulnerable, however.
dw426
August 17th, 2009, 01:42 AM
-{ Quote: "I've heard this said many times... "there's nothing on my hard drive that anyone would want"... when in fact many people get owned because of their bandwidth or to become a zombie in somebody's bot army. Is this not correct?" }-
They still have to actively penetrate your system Page42, if they can't execute their toys, they can't recruit you for their bot army. A lot of folks make security more complicated than it really is, seriously.
Page42
August 17th, 2009, 06:51 AM
You've missed my point... or I've missed yours. I'm speaking of motivation, i.e. a hacker's reason for wanting to own you or anyone else. Your statement, "there isn't anything on this system anybody would want", doesn't apply or make any difference to the people who want your bandwidth, your storage capacity or to use your system in a denial of service attack or as a spam bot. Their motivation frequently has nothing to do with what is on your system. They want ownage, and in that sense, there is something somebody would want on your system.
dw426
August 17th, 2009, 03:24 PM
-{ Quote: "You've missed my point... or I've missed yours. I'm speaking of motivation, i.e. a hacker's reason for wanting to own you or anyone else. Your statement, "there isn't anything on this system anybody would want", doesn't apply or make any difference to the people who want your bandwidth, your storage capacity or to use your system in a denial of service attack or as a spam bot. Their motivation frequently has nothing to do with what is on your system. They want ownage, and in that sense, there is something somebody would want on your system." }-
I didn't miss your point, it came through loud and clear :) My own point is that even though they may just want your bandwidth, storage, or as a zombie, they still have to get to your system, and, to do that, they have to be able to execute SOMETHING. So, my whole point was no, I'm not afraid of it because they have to have access to my system, and they won't get it if I don't click on things I know I shouldn't and scan files before I open them.
Page42
August 17th, 2009, 05:43 PM
So why are you saying... "there isn't anything on this system anybody would want" if you realize that, "they may just want your bandwidth, storage, or as a zombie"? The first statement is wrong. It's a fairly common misconception that I hear repeated frequently.
dw426
August 17th, 2009, 06:40 PM
-{ Quote: "So why are you saying... "there isn't anything on this system anybody would want" if you realize that, "they may just want your bandwidth, storage, or as a zombie"? The first statement is wrong. It's a fairly common misconception that I hear repeated frequently." }-
Err, the statement wasn't meant to be taken so literally, lol. In any case, you're far more likely to get screwed by keylogging or swindled out of cash by a rogue app than you are to be used in a botnet or as storage facility by a criminal in my opinion. So, if you take that into consideration, then no, my statement ISN'T wrong. If they're looking to steal data, bandwidth, storage, whatever from you, they can't steal what they can't get to.
Look, the important thing is not what you have or don't have on your system, it's who has access. If criminals can't get that access, then they can't do anything to you, which goes right back to me saying, again, I'm not afraid of them because I know how to stop them.
Page42
August 17th, 2009, 06:56 PM
-{ Quote: "Err, the statement wasn't meant to be taken so literally, lol." }-
Did you ever notice how people never say in advance, "Now don't take what I say literally"? That always seems to come up in the form of an err, explanation afterwards. You ought to be prepared for folks in a security forum to take what you write literally. ;)
Searching_ _ _
August 17th, 2009, 06:57 PM
-{ Quote: "i really wanted to say how clever the live cd is and how easy it is to be a script kiddie." }-
Is the LiveCD in this list (http://www.darknet.org.uk/2006/03/10-best-security-live-cd-distros-pen-test-forensics-recovery/)?
"I'm skeered", cries little OS. "Don't you worry none", says poppa FW, "I'll protect you. And Momma HIPS is here too. So don't you fret, you hear."
-{ Quote: "Anyway, according to Wikipedia, I do not know a single person involved in the information security industry today that does not fit the description of a script kiddie. Even the best and the baddest hackers I know can easily be named script kiddies if they change their handle to something you are not familiar with. Here is why:
Script Kiddies are juveniles – All malicious hackers are juveniles (mind or body) regardless of their skills and abilities.
Script Kiddies use tools they don’t write – Like you write everything you use? Life is short! Successful people build themselves on the top of the experience and the work of those before them. Why reinvent the wheel?
Script Kiddies have at their disposal large repository of downloadable tools – You mean like Backtrack? Or perhaps any standard Linux distribution?
Script Kiddies deface websites and scan the internet for known vulnerabilities – Hackers are opportunists. Skill sometimes is not enough. You need to be lucky too.
Script Kiddies cannot program – It is perceived that 1337 security researchers are those who know ASM and C and perhaps perl, python or ruby. A junior web developer knows 10 times more languages and has experience with a lot more programming environments.
Script Kiddies’ objective is to try to impress their friends or gain credit – Everybody wants some type of credit even when they claim that they don’t. They lie. In our human nature there are driving forces bigger than wealth and these are credit, approval and acceptance among your family and peers. And this is pretty much all I would like to say about the script kiddies. Make up your own mind.
" }-
http://www.gnucitizen.org/blog/script-kiddies/
the Tester
August 17th, 2009, 09:40 PM
I'm sure it could happen, but I don't worry about it.
I feel secure in using certain security programs and safe surf habits.
dw426
August 17th, 2009, 11:40 PM
-{ Quote: "Did you ever notice how people never say in advance, "Now don't take what I say literally"? That always seems to come up in the form of an err, explanation afterwards. You ought be prepared for folks in a security forum to take what you write literally. ;)" }-
Okay, okay, lol. All I ever meant was that MOST are after data itself, which, if not stored on the computer or exposed through online purchasing/banking, they won't be able to get to...and THAT is ONLY after being able to get the user to execute a malicious file/script in order to get to whatever data/bandwidth/storage there is. I understand your point though, you're right :)
Copyright ©2002 - 2012, Wilders Security Forums