Potential FD-ISR network security gotcha!

Discussion in 'FirstDefense-ISR Forum' started by flinchlock, May 3, 2007.

Thread Status:
Not open for further replies.
  1. cthorpe

    cthorpe Registered Member

    Jun 30, 2006
    I for one appreciate you taking the time to point out this issue. One of the main reasons I come to Wilders is to learn about security in its many forms. Many people on this board take offense to anyone pointing out any weaknesses in ISR. Many users also are afraid of the thought of doing anything other than simple copying of snapshots and archives. I'm sorry if that offends anyone, but it is true. When you have users who are so paranoid about security that they go to extremes such as:

    You would think they would be appreciative of one more way to make their computer secure.

    Last edited: May 9, 2007
  2. Horus37

    Horus37 Registered Member

    Jan 4, 2007

    Perhaps you missed my pervious post just above where I did state I was glad he did point it out. I don't think I'm overly security conscious. Just have you laptop stolen once with what I have on it and you'd be careful too. Plus I have been the victim of a bad trojan before that was almost like killdisk in disabling my computer. Lessons learned. I don't take chances anymore. I have too many valuable things on here from work etc that can't be compromised. And I think I'm one of the more vocal ones on here pointing out any issues I have with the software. Ask Peter.

    I appreciate anyone's effort to point out any issue with this software as I heavily depend on it. The computer I have came with camera security software pre installed. The house I live in came pre wired with a security system, no I don't own a rotweiler, but I do run a few well thought out and tried security apps. If this software had a huge security hole in it via remote code execution so easily I doubt they'd be in business however I do see that someone with a dictionary attack could have fun with against someones admin password. Doesn't it reboot after 3 failed attempts? Anyways even though I think my system is pretty secure I still have attempted to block the remote control function of this software by setting the port to 0. And just so you don't think I'm being unappreciative here's a smile. :D :thumb: :cool:

    I think that if I had put that smiley face at the end of my other post you're referring you you might not have felt that. Sometimes emotion doesn't come through just by typing.
  3. EASTER.2010

    EASTER.2010 Guest

    I think the potential for remote security breach thru FD-ISR, although a very valid observation AND discovery, is still worthwhile to point out and discuss indeed. It's never intended to discount the validity of that possibility, only like Horus37 i have gone through pure h*ll in much similar fashion so hence returning an apparent sharp reply in answer to such a bold announcement as " IF, I can destroy/change any/all of your snapshots/archives!"

    Likewise again as already mentioned, i too appreciate the effort to point out potential security issues within this software since I strongly depend on it myself.
  4. Peter2150

    Peter2150 Global Moderator

    Sep 20, 2003
    Hey guys don't mis understand me, it's good to be aware of things BUT then you have to put them in perspective.

    Anytime you have the ability to do things across a network it exposes you to risk unless you have the network protected.

    All I was trying to point out is that yes this might be a weakness, but it doesn't rise to a point of any concern given that your network would have to be totally exposed for it to work.

    If you really want to be concerned bear in mind that malware could easily mess with snapshots, by manipulating the permissions, just like FDISR does. That could be considered the biggest security risk of all. Should I be concerned about it. I am not at all, because first of all FDISR is not security software and secondly and most importantly, why would any malware author who these days is looking to make money worry about the very few FDISR equiped machines when there are so many easy pickings out there. I don't see this as a risk any more then the issue brought up in this thread.

    In summary I feel it is extremely useful for someone to point out a potential risk, but I feel it is equally important the risk is put in perspective so the new comer is scared by it.

  5. EASTER.2010

    EASTER.2010 Guest

    I already taken the Liberty of creating a series of snapshots and their equal compliment of ARCHIVES and strategically stored them not just on the $ISR directory alone but dispensed them in several various hard drives AND partitions to negate any possibility of my configurations ever becoming subject to tampering either within or from without.

    That's the beauty i discovered with FD-ISR. It affords an end-user alternative locations to store Duplicates/ARCHIVES which of course are easily returned again back to full working and clean snapshots.

    I could also say with complete confidence, GOTCHA! My motto is keep well ahead of the curve and you will never lose ground or to put it more accurately, even a single bit of your data. LoL

    All that and plus if you employ an Imaging solution you have an iron-clad safety mechanism which is 100% immune from deficiency. :D
  6. ErikAlbert

    ErikAlbert Registered Member

    Jun 16, 2005
    I didn't write that quote of your last post, Peter did. I don't want any problem with the copyrights of Peter. :D
  7. EASTER.2010

    EASTER.2010 Guest

    :thumb: :cool:
  8. tradetime

    tradetime Registered Member

    Oct 24, 2006
    I think Peter sums it up well here, the potential to manipulate FD-ISR remotelty for malicious purposes was and is worth pointing out, but I think if your system is exposed in such a way as to allow this then it is likely many other things will wreak havoc before someone exploits FD.

    I thinks those who spend the time and effort writing malicious code do so with the primary purpose of exploiting the majority, this is simple work ethic, minimum effort maximum result, it is imo one of the main reasons that Microsoft suffers so many vulnerabilities / exploits. Much is said by users of browsers like Opera (I use it myself) about how much more secure it is than IE, this may be true, but in simple terms whilst IE has significantly more share of the browser market than say Opera, who is going to waste their time writing code to exploit about 1 or 2 in every 100 users. Likewise with FD-ISR, likely a miniscule % of the internet comminity is using it, so it is unlikely too many will be wasting their time hunting down those users.

    It does however serve as a good reminder to all of us that almost anything you put on your computer could be used against you if you expose your system to the outside world. Microsfts OS has built in remoting capabilities, imagine the fun you could have with remote registry access to someones machine, a feature microsoft built into XP.
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.