[10057] in cryptography@c2.net mail archive
Re: Hackers Targeting Home Computers
daemon@ATHENA.MIT.EDU (Jeff Simmons)
Sat Jan 5 16:23:45 2002
Message-Id: <200201041942.g04JgSv15469@goblin.punk.net>
Content-Type: text/plain;
charset="iso-8859-1"
From: Jeff Simmons <jsimmons@goblin.punk.net>
To: Hadmut Danisch <hadmut@danisch.de>,
Digital Bearer Settlement List <dbs@philodox.com>,
cryptography@wasabisystems.com, dcsb@ai.mit.edu
Date: Fri, 4 Jan 2002 11:42:27 -0800
In-Reply-To: <20020104175457.GA1332@danisch.de>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
On Friday 04 January 2002 09:54 am, Hadmut Danisch wrote:
> On my private computer (DSL, dynamically assigned IP address), I
> detect an increasing density of attack attempts. More or less serious
> attempts happen every few minutes in average (depends on daytime).
> Highest density is in the evening hours, when hackers and victims
> find time to be online.
Unless I'm misunderstanding you, I find this hard to believe.
[Moderator's note: I find it easy to believe, because I see exactly
what he does on the networks I control. I don't know why you are
attacked less often. --Perry]
On my computer (DSL, fixed IP), which is pretty heavily monitored, I'm
detecting only a few, maybe up to a dozen, actual attacks a day. Most of
them are from well-known root kits, targeting old vulnerabilities. Sunrpc,
lpr, imap, and anonymous ftp seem to be popular. Most attacks come from
Asia, eastern Europe used to be popular, but seems to have died down recently.
The only way I could get anywhere near your numbers is to count all of the
Windows-based http attacks coming from automated worms and the like.
I'd be interested in hearing from others what kind and frequency of attacks
they're experiencing.
> This means the probability of an infection of an unprotected
> private computer is quite high after only some hours of internet
> access. Most ("normal") people I know use such unprotected
> computers for internet access.
This is of course true no matter what the frequency of attacks is.
--
Jeff Simmons jsimmons@goblin.punk.net
Simmons Consulting - Network Engineering, Administration, Security
"You guys, I don't hear any noise. Are you sure you're doing it right?"
- My Life With The Thrill Kill Kult
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@wasabisystems.com
