Can I be hacked if I do not have a server?

Discussion in 'other security issues & news' started by softtouch, Dec 3, 2006.

Thread Status:
Not open for further replies.
  1. softtouch

    softtouch Registered Member

    Joined:
    Jan 31, 2006
    Posts:
    415
    Dump question, I know, but:

    For example, I do not have a server running. How can somebody hack my computer? If I understand, even I would have ports open, there must be something running on my computer (trojan or whatever) which respond to request from a hacker, right?

    I understand that if I run a server, its a different thing. Somebody could use php or sql injection to gain access, but if I do not have any server/mysql etc. running, should I not be safe if I do not have a "waiting for connection" trojan?
     
  2. Devinco

    Devinco Registered Member

    Joined:
    Jul 2, 2004
    Posts:
    2,524
    Why do you have ports open?
    Because some service or software is running that opened it for the purpose of communicating.
    What happens if that service or software has an unpatched bug that can be exploited with just the right communication?
    An open port doesn't mean you are going to be hacked, but just like your front door at night, keep it closed if you don't need it open.
     
  3. Ice_Czar

    Ice_Czar Registered Member

    Joined:
    May 21, 2002
    Posts:
    696
    Location:
    Boulder Colorado
    the majority of infiltration these days is arguably occuring via port 80
    the one your using to view this message :blink:
    and you are running servers in many aps, if not the OS
    and many aps have the potential to be subverted (be they client server or hybrid)
    the browser is of course just the most obvious after the operating system (its a classic client however)


    point is that any way in which the OS or an ap can be subverted opens the potential for code to be executed on your box that can open up hidden ports you can't find with your generally subverted security applications or remote port scanning, and drop hidden malware you cant detect because its rootkitted.

    there might not actually be a real hacker ever show up to manually poke around your p0rn collection but then they dont need to, they can automatically harvest data from the most likely locations, drop keyloggers that download data to them (passwords, CC #'s accounts) and if nothing else bot your box to attack their latest extortion victim (DDoS) or just scan for other victims using huge IP blocks (million computers in a night)

    ;)
     
  4. nadirah

    nadirah Registered Member

    Joined:
    Oct 14, 2003
    Posts:
    3,647
    So long as you have a computer connected to the internet, you can get hacked.
    Since you don't have a server, it means there should be nothing listening on the ports used by the server application.

    By right, a firewall configured correctly should block all hostile communication attempts from the network. Trojans/worms attempting to exploit the vulnerable ports have a lesser chance of exploiting them if there's nothing listening on that port.

    Infection by malware by any means can be considered as a hacking attempt since malware is designed primarily for malicious purposes.
     
  5. Hermescomputers

    Hermescomputers Registered Member

    Joined:
    Jan 9, 2006
    Posts:
    1,069
    Location:
    Toronto, Ontario, Canada, eh?
    Not having a server means nothing really.

    Downloading a game Modification or an update to a program that was unknowingly infected by hostile code could (by itself) open a port and begin listening and report to an external software device. Sometimes common applications are exploited like MSN or ICQ. Monitoring your "Ports" and "Processes" will provide you with an understanding of "background" inter-exchange between software running that you didnt even know where using network resources prior.

    Process like svchost.exe for example are running multiple sessions with embedded server functions which could and often do go online in the background and report or even download content. These are labeled under system processes but in my opinion also need to be monitored.

    I would "Harden" my system security no matter what you may "think" the low risk you present...

    here is a nice little tool you may want to begin looking for holes with:
    Just open this and update the database of known patches it will provide you with a lot of help defining what is already know as vulnerabilities and patched.

    Proactive Security Auditor FE (Freeware Edition) is a free, small, fast and easy to use program to assist system administrators and ordinary users to keep their computers secure by identifying what security updates are installed on local and remote machines, and allowing to download and install missing patches from Microsoft web site.
    http://www.elcomsoft.com/download/psa_fe_enu.zip
     
  6. Mrkvonic

    Mrkvonic Linux Systems Expert

    Joined:
    May 9, 2005
    Posts:
    8,702
    Hello,

    Just a side note: port 80 is open on the server side. On the client side, it can be any port.

    As to getting hacked, do you mean:

    1. Downloading something, running it to discover it's a trojan that phones home?
    2. Someone accessing your PC remotely and violating it?

    Simplest solution to 1: Be careful; 2. Use a firewall. Or Linux. With firewall.

    Mrk
     
  7. spamislame

    spamislame Registered Member

    Joined:
    Nov 9, 2006
    Posts:
    52
    I'm possibly adding more of the same here but my own additions would be as follows:

    - Don't assume that just because you are not running any flavor of windows, you can't get infected or hijacked. I've seen it happen on numerous *nix setups and the vitims are usually hobbyists who are "just testing things." They make rather ludicrous mistakes like having a root password of "password", or not securing things like Apache or other applications. They also allow the root user to login remotely, something that nobody should allow. The same is true of macosx. It's pretty secure, and there aren't many exploits for it, but they do happen.

    - If you run Windows, any flavor, you are ripe for hacking even if you have all of the service packs and other security updates.

    - Usage of Internet Explorer is a further wide-open door for attacks of numerous types. Several other apps are now the conduit to third-party hijacks of a user's pc.

    - In general I (and numerous others) consider Windows OS's to be the root cause of all of the security issues we commonly see today, from trojans and viruses, to spamming, to DDOS attacks, to rogue illegal website hosting via consumer's pc's. There is no single fix for any of that, even if you're running any variety of up-to-date antivirus. I'm not saying "don't use windows." I'm saying that the days of buying, taking home and using a new Windows-OS computer without considerable extra effort to secure your new machine are long gone. I don't imagine Vista will help that situation either (though I'd be very happy to be wrong.)

    SiL
     
  8. Ice_Czar

    Ice_Czar Registered Member

    Joined:
    May 21, 2002
    Posts:
    696
    Location:
    Boulder Colorado
    very true
    sorry bad analogy :rolleyes:
    more accurate to say that recently most infiltration has occurred via http and your browser
    or via IM clients

    or historically speaking, that there has been a strong shift away from exploiting operating systems to exploiting applications (in the Windows world)
     
  9. Mrkvonic

    Mrkvonic Linux Systems Expert

    Joined:
    May 9, 2005
    Posts:
    8,702
    Hello,
    If you install your Linux, not use password for password, use firewall and disable ssh, what more is there to worry about? Local exploits? In that case, you may as well turn the machine off forever.
    Mrk
     
  10. Alphalutra1

    Alphalutra1 Registered Member

    Joined:
    Dec 17, 2005
    Posts:
    1,160
    Location:
    127.0.0.0/255.0.0.0
    Ensure that no other unecessary daemons are running, like a smtp server, a proxy like squid, etc. if they haven't been properly configured. Remember, many new linux distrobutions are gearing towards more ``newbies'' which means that unecessary crap is being enabled, which is not good since it is following some other OS's path...

    Alphalutra1
     
  11. Mrkvonic

    Mrkvonic Linux Systems Expert

    Joined:
    May 9, 2005
    Posts:
    8,702
    Hell,
    Thanks for the comments, alpha, I was just stating that rhetorically - meaning that some minimal housecleaning will go a very long way.
    Mrk
     
Loading...
Thread Status:
Not open for further replies.