Slashdot Mirror
Dvorak Takes On The Crackers
rozerumn sent us linkage to another fun and exciting Dvorak column. In this weeks episode he takes on the crackers. Offers views on whats happening in the area. Flamboyant as always.
← Back to Stories (view on slashdot.org)
As always, Dvorak writes well and concisly. and it definately looks like we will be needing Black ICE Defender in the near future when we finally get dsl here in oz
\\||//
----ooo00ooo----
In fact, I suspect one is underway already, although I have no evidence of it. It's just a sense I have.
I had the same feeling. It's like millions of port scanners were logging hackable ports, and then were suddenly silent.
is that people start looking at hacking as informative, not something to do pranks... I think hacking is a good thing... but I hate script kiddies
What punishment would be appropriate for these "kids" who get their hands on some programs and start mesing around? How far is too far? Try catching everyone that has ever used a ping attack. Would their be a fair way to bust people? Could you arrest somon because they were "at the wrong place at the right time"? I don't think that their is a way to control what is happening. At least not from the standpoint of some sort of law enforcement. The internet by nature will be hard to regulate, but do we want to regulate it the same way we regulate laws such as J-walking? If it possible to enforce laws about the internet the same way as we would try to enforce laws that can be physically proven? What kind of investigations would we conduct and what kind of evidence would we use to prove a case?
This is why the internet will never be (completely) regulated.. At least not in the forseeable future. Do we really want to have everything we do watched? I think not..
((Mark this what you will.. I just went off and it is late))
"I couldn't give him (Bill Gates) advice in business and he couldn't give me advice in technology." Linus Torvalds
Why publications let articles in, writen by people that have NO CLUE what they are talking about!?
The suspected Smurf attack came from an @Home user.
If this moron knows how smurf works, he would know that the IP address of 'attacker' can not be seen - because it does NOT exist. You send a spoofed request to 'amplifiers', that then respond (those are just broadcast addresses) to the spoofed IP - which is the 'target' IP.
So, if I 'smurf' him, how is he going to get my IP address, when it's not sent to him?! What a moron... And then some people will read this crappy article, say "God, this man is so knowledgable", and follow the 'instructions'; but won't realize that all they see is - misinformation.
Usual crappy writing by Dvorak... That man should kill himself - he's really clueless.
...invent some router or switch that can be programmed with some kinda of connection login?
= -=-=-=-=-=-=-=-
IE...wouldn't DoS attacks become impossible if routers could be programmed with somethink like "if number of packets from A to B on port X > Y, drop connection A". Sorta like how most IRC servers have flood protection, where if you try to flood the IRC server with information requests (in an attempt to split that server from the network), the server simply disconnects you. Or how mail servers that detect you are sending "too much mail" can drop your connection until they can see if you are a potential spammer"
The technology clearly exists to cap transfer rate (as @Home does with my connection) so why can't it simply have a quote assigned to abused ports like what ping, tracert, NetBios, and the various trojans use?
Blocking the traffic at the endpoint slows down every connection along the way. Internet service providers who don't want to support this kind of traffic should be able to automatically disconnect
you if are being abusive. It might also be possible to monitor WHAT is being sent (multiple packets that contain the exact same thing). This forces the attacker to generate some kinda of random information...which increases the size of the connection transmission and slows them down.
I clearly know nothing about this, or I'm sure someone would have such a device already, so I'm interested in seeing why this type of protection is not possible.
- JoeShmoe
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
-- I wonder which will go down in history as the bigger failure: the War on Drugs or the War on Filesharing
This man does not know the difference between Script Kiddies, $%! Crackers and Hackers, does he?
"Smurf attack came from an @Home user. I have his IP address..."
Correct me if I'm wrong but... the IP address of a smurfed packet show the targets IP address rather than the attackers. Bad Person A sends an ICMP Ping packet to an broadcast address with the packets source address spoofed to look like it came from victem B. So all the (broken/misconfigured) hosts on the network respond to the broadcast ping and send their reply to the victem. A sends 1 packet, B gets (up to) 254 packets and dies.
Just worries me that some (possibly) innocent user is now going to get hasseled becasuse Dvorak put the hard word on @Home (and maybe @Home listened to save embarasment on Dvorak's website.) Actually I doubt it would really come to that in this case but it's a distrubing notion. Yes crackers/script kiddies are bad. But theres no TurnKey solution to them like BlackICE(what ever that is). If you don't know what your security monitor is telling or what to about it you're no better off. Maybe worse of for thinking yourself safe when you're not.
... with eskimo chains i tatto my brain all the way...
I thought Dvorak made one good point. Making examples of script kiddies will reduce their numbers but transform the remainder into really angry and careful hackers.
This situation isn't much different from drugs, as long as people want to do them, a way will be found. All law enforcement can do is arrest the least talented and make the rest more cautious and better armed.
I'd prefer to see hacking winked at, but actual damage responded to in a proportionate matter. If someone hacks a hospital and someone dies, that's murder, laws exist. If someone brings a financial system down, that's war or terrorism, call out the troops. We need to get across the idea that stupid hackers are those that damage, not those that can simply be caught.
* an online programming comp : sure schools run them, but it often takes teams of four or five and you have to travel and have a teacher in on it, etc etc. often, at a small school like mine it's hard to find 5 friends who know enough/care enough to enter with you. if you could do it online, by yourself, you could really test yourself against some challenging problems and peers. i did a fantastic uni assignment where we wrote java robots that played against each other in a constant battle ; everyone was ranked by how much money they made ...something like that maybe?
*a teengnu project, or something like that. sure, at highschool i didn't know about good programming techniques, oo theory, data structures, etc ... but i would have loved to learn. we don't know enough to start contributing to kernal code, but surely there is something we could put together?
*a online buddy system with undergraduates or something, passing on linux/programming tips to a new generation. if someone had of told me about, for example, binary trees, i'm sure i could have researched and implemented them in highschool (maybe to kick ass in the online programming comp battle thing!)
* put your ideas here! you've all been (or are, bored teenagers, what would you have liked?
Many organisations are very lax on security, mostly due to the fact that management are clueless.
The site I currently contracting for will soon be rolling out an internet based financial system, which is planned to go live next month. (I won't give too many details).
The specifications for both the OS of the web server and the intrusion detection systems have changed this week. The whole system has been badly planned from the outset.
The intrusion detection systems are of the hardware only system - how the hell are they going to keep them up-to-date with the latest attacks?
I hope that they get stung badly when it goes live, and I hope that leads to dimissals of many of the complacent management here.
Other problems come into the issue of prosectuing hackers (read crackers) when you consider the very nature of the system used by them, the internet. That is, the hacker does not need to be in the same place (or even country) as the system they are trying to hack/crack/infiltrate, so if they are to be prosecuted for any damage done, whos laws are followed? The country in which the damage was done, they country the hacker is in, or should new provisions in international laws be made? And what about countries that are hostile, or simply decide not to submit to the system used? Should the prosecuting country invade them (being ofcourse the extreme case). Then we run into the problems of wrongful prosecution, which although provided for in conventional law, is a much easier mistake to make in an online environment when the hacker is good and decides to take adequate precautions against getting caught. Electronic fingerprints are much easier to fake than real ones...
phear us?
--frank[at]unternet.org
This is true for almost everything that is supposed to run on "protected" host that is supposed to have insecure software at the same time. So Dvorak should be advised to put his "firewall" and his stories about corageously thwarted probes to his telnet and ident ports into the place that deserves them. Wait, isn't zdnet publication one of such places? Um.. nevermind.
Contrary to the popular belief, there indeed is no God.
...wouldn't be quite such a problem if the masses (and the corporates) weren't being advised by those who: 1) Don't know a Smurf from a Clanger (or US equivalent) and 2) Recommend a $39.95 commercial firewall with a straight face. Bored Pinetop
eaasiest thing for you is to learn IP chanins and
and make yourself a nice paranoid firewall.
Yup, he's right - we need a massive worldwide sting to wipe crackers off the face of the planet. In fact, I think we should go a step further, and introduce an international key escrow system whereby we all have to hand over private keys for encryption to the government so that they can have access to all of our data at any time. Even better, we should probably all have barcodes tattooed on our wrists that get scanned every time we log onto the internet, so that our activities are logged and there's no way anybody could make any kind of security breach without the people who control the traffic lights knowing about it.
--
Everything I know in life I learnt from
Don't know about the FBI, but I've always suspected that the real hackers use the script kiddies to test out some of their alledged exploits, especially if testing it out yourself could be dangerous.
Attacker wants to limit traffic coming out of target through a certain point. Attacker formats packets to spoof source as target on port X, then fires off a salvo. This router, which by now is a bulkier piece of machinery, determines that the target is abusing its transfer priveledges and is probably up to something bad.
Either traffic is halted, slowed as packets are analyzed, or these routers are amazingly epensive.
Why does this thing seem like it took him 30 seconds to whip out?
I mean talk about content free, not to mention completely unresearched.
"I have the feeling theres, like, this sting or something, whoa."
"Like those kiddie porn rings, yah they stopped those, dude, all right!"
"No operating system is, like, invulnerable, like."
"OMG! Like there was this one dude, he like, tried to telnet to my machine, but fortunately it was a windows box, and thats, like, secure, because i have this firewall and stuff and doesn't let people telnet like into it."
Another GREAT article from that bastion of cluelessness that is Dvorak. God, if it wasn't for journalists like him, how WOULD we get our mass-market news?
Uh oh,
:)
Dvorak used the word "hacker" in the context of "cracker"
I can hear it now
the fists beating loudly against the chests of all
self righteous slashdotters out there.
just quit it, it's annoying, yes we all know that
they mean "cracker" it's been debated numerous times
we don't need to be reminded again
please?
----------
"Hope is the denial of reality, it is the carrot dangled before the draft horse in a vain attempt to reach it" - Raistl
Guess what, guys: dictionaries (and Jargon Files) don't define language. Usage does.
Years of the media using hackers as a synonym for "someone who cracks systems" has made it an acceptable use. Stop fighting it and deal.
Of anyone in the media, Dvorak knows this. He's started using hacker because it's the only word most of the Real World understand. This guy HAS been in the industry longer than you. Don't pull the argument that "when I was young we just had [mechanical relays | punch cards | TRS-80 | IBM XT | iMac ]."
I just wanted to post before someone else bitched about it.
-Chris
Oh please is language so static that you can't use a word that has two meanings?
To me I know that a Hacker and Cracker is different, but also know that your average muppet doesn't so I make allowances.
And big deal he was around the industry longer, doesn't make him an expert.
I run a windows based firewall at home on a POTS dial up, and in the space of an hour, I normally have attempts at telnet, ICQ, NetBIOS, NetBus, NetBusPro, BO & BO2K made, in addition to seemingly random ports.This of course not counting DoS floods and Christmas packets. If my forthcoming (A)DSL connection has as little attempts at a hack as Dvoraks, then I'll be happy.
The man exposes Windoze to the net, and he thinks that the Script Kiddies are the problem?
If you use an unsecurable OS on a machine exposed to the net, and anyone wants in, it *will* be cracked.
Someone needs to fill this guy in on how to configure a router.
-jcr
The only title of honor that a tyrant can grant is "Enemy of the State."
Dvorak has expended all his credibility a long time ago. The guy just trolls, and gets away with it because he writes for a "respected" (yeah right) source.
Stop bothering with him. Just moderate him down and go elsewhere.
-
Does it sound like he's trying to get people to crack his home net?
If there is no news happening, you should try to make some? This sounds pretty fishy. Of course, he's going to get what he wants.
Publicity. Book deal.
then it comes to be that the soothing light at the end of your tunnel is just a freight train coming your way
More like "Dvorak puts on some more pounds". Whee. Johnnie found a new toy with a cool name. Does he know how to use it? Probably not. But he'll pretend he does and make some "insightful" and "witty" comments about it. This guy is pathetic.
I suggest you read things more carefully. He wrote:
and finally, one Smurf attack, which would use my system along with many others to ping a target server to death. The suspected Smurf attack came from an @Home user. I have his IP address (although this could be spoofed) and other information on him, too, if the @Home folks are interested in hearing more.
I think you want to be slightly less quick onto the bash-the-journalist-for-being-an-idiot band wagon. If you still don't get it, he was saying that someone was trying to use his system as part of a smurf attack on someone else. Just because you spoof an ip for the return ping to go doesnt mean that he cant find out where the actual 'inducement' ping really came from.
summary execution! all real americans love summary execution and peanut butter sandwiches with their network security!
YADDA
Or : Yet Another Disgustingly lame Dvorak Article.
Mr Dvorak, please don't put your nice little Windoze machine on *any kind* of permanent 'net connection (cable, ADSL or other) -- or you will get it hammered by every single script kiddie out there . Use a *real* operating system if you want to keep it uncracked. Oh, and, please, please, please avoid pointless exercices in intellectual masturbation, such as "I feel like a huge crackdown is coming for those no-good kids! And about time, too!". You either have some sort of *fact* or insider info or you don't. In your case, you don't: yadda, yadda, yadda.
I am not even going to comment on the "cracker vs hacker" debate. This guy is pathetic and clueless beyond belief. Commercial firewall? Yeah, sure.
The right to offend is far more important than the right not to be offended. (Rowan Atkinson)
JP of AntiOnline was recommending BlackICE just a couple weeks ago. Coincidence? No, I think it's evidence that Dvorak reads AntiOnline...and trusts JP. Idiot. That gives him ZERO credibility right there. We all know what scum AntiOnline really is...
~~~~~~~~~~
How do you titillate an Ocelot? Oscillate her titalot.
logan
Tune into next week's episode, where the fearless Dvorak discovers the woes of Windows 95 file sharing!
Seriously, people should assume that port scans are headed their way on a regular basis - and anyone who doesn't at least have a NAT router (I know NAT isn't a real firewall, but it'll beat 99.9% or the script kiddies out there) between themselves and the Internet should go out and get _some_ kind of firewall - the cable and DSL providers should be recommending these to all their customers, or at least implementing basic firewalls within the cable/DSL modems. At this point, everyone should implement some form of packet filtering - there's just too many script kiddies out there to assume any trust at all.
Sucks, don't it?
- -Josh Turiel
-- Josh Turiel
"2. Do not eat iPod Shuffle."
This is at least the second recommendation I've read for this product. Is any slashdotter using it and do they recommend it? Is BlackICE available for Linux? I'm looking for a product like this that's affordable (i.e., cheap or free) for both Windows and Linux. At $39.95 BlackICE seems like a good deal. (I want an all-in-one firewall product for Linux.) Please comment.
*Thwack*
Kiddie go home, I bet JP recommends OpenBSD over Windows, and I guess that's a bad choice too.
BlackICE has been around for quite some time, CNN, Wired, NWFusion, etc. have all done reviews on them (I've never even touched the product myself). I guess all the companies who ever did a review on BlackICE are all scum too now, and I guess that JP has just also been named ruler of the world; my god everyone but me is under the thumb of JP... You consipiracy junkies need to really get a clue (life).
Note: I personally think someone needs to shut JP up, but I think conspiracy freaks like your are an even worse ilk (you look like an idiot, and JP looks like a martyr).
Moderators: You may now mark this and the original message as flamebait.
Get IPs out of the argument. We all know how easy it is to spoof IP information. The issue here is the physical connection.
= -=-=-=-=-=-=-=-
If attacker formats packets to spoof the source as IP 1.2.3.4 then it still has to come from somewhere. IF it comes from another router, then the first router is simply ignoring packets with IP 1.2.3.4 from that router. It has no effect on the data flowing from the REAL 1.2.3.4 many many hops away.
So if you wanted to truly reverse DoS 1.2.3.4 then you would either have to A) spoof the attack to a huge number of routers that you know 1.2.3.4 connects through...in which case your attack has been diluted and unlikely to truly work or B) attack the one or two routers that serve as 1.2.3.4's entry point...which is basically the very kind of DoS attack the routers are now trained to block.
At some point...it all tracks back to a unique MAC address so there is at least ONE router in the whole world that can stop an abusive stream at the source...witout even looking at IP information at all.
And again...in case I haven't made it clear...
YES the extra thinking will slow down the routing of packets but DoS attacks are already slowing down that same routing of packets. If you spend a couple extra milisecond of thinking to decide to exclude DoS information that can last minutes or even hours there is going to be an increase.
Script kiddies love to attack EFNet servers to split them off the network and gain ops in a popular channel. So IRC server started using a policy where no ops are giving during a split. Thus, they are no longer a target because there is no reason to attack those servers and quality of service increases.
Likewise, if script kiddies find that a certain route point drops their ping flood, they have to find another route until eventually no routers will carry that traffic at all.
- JoeShmoe
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
-- I wonder which will go down in history as the bigger failure: the War on Drugs or the War on Filesharing
use ipchains to set up a simple masquerading firewall. It needn't have a ton of complex rules (but that's OK if you want).
:). Nice program. Another program, logcheck, will scan you rlogs and report (email) all suspicious activity. Look for them on freshmeat.
Then you can use another tool like portsentry which detects portscans, and can be set up to use ipchains rules to automatically drop packets of anyone portscanning you (including your ISP
Then secure your box by removing all services except ssh.
It isn't too hard.
support gun control: take guns from cops
>What punishment would be appropriate for these
>"kids" who get their hands on some programs and >start mesing around? How far is too far?
Speakin for myself, all it takes was a polite phonecall from a sysadmin who's box you've just attempted to crack. I haven't "attacked" any systems (well, except helping check some security things on my roommate's box) since then. For the young or stupid, a good scare will set them on the right side of the law. Fear can be a good weapon against the script-kiddie, especially if you catch 'em small, and scare the hell out of them by mentioning the FBI.
0 1 - just my two bits
Take a classic board game and write your own computer version of it. Program "perfect" play for the computer player. Write a program to "solve" checkers through brute force. Write a fractal viewer with a cool zoom-in feature. Write a dense linear algebra package. Write a sparse linear algebra package. Get the edition of Numerical Recipes without the code and implement all the algorithms therein. Get the NR code and time test your implementations against theirs. Beat the times of the NR algorithms.
Still bored? Write a fluid dynamics code. Add viscosity. Add MHD. Add self-gravity. Add adaptive grids.
Download all the cracking scripts and figure out how and why they work. Fix the holes they exploit. Find a missing feature in Linux that really annoys you and add it. If you are at a loss I have a couple of suggestions.
Download the Infocom engine and write your own adventure. Write your own MUD or chat program.
That's just off the top of my head, but I think you get the idea. Any teen who is so "bored" with computers that he can think of nothing better to do than to break into other people's machines and cause trouble is either pathetically uncreative or just plain ornery. Which one are you?
(Sigh. Not even 30 and already an "old fart". That's got to be some kind of record.)
-r
Wow. You rarely see anyone invite slander and defamation suits from tens of thousands of people at one time.
But what I find *really* interesting is his "Cause" . What "Cause" is this, exactly?
Prosecuting people for lawful assembly?
Prosecuting people for encouraging meaningful and fair competition in a major economic sector?
Prosecuting people for daring to say that the Emperor has no clothes?
Mr/Ms Sessions, if that's your name, exactly what crime is it you're alleging me of committing by frequenting SlashDot and the development mailing lists? My lawyer *really* wants to know....
For every complex problem there is an answer that is clear, simple, and wrong. -- H L Mencken
I find his suggestions deeply disturbing. Am I naive to hope that policy makers are better informed than he?
[
Your ISP already has the capability of eliminating ICMP attacks where the originating address is spoofed. If your ISP would filter out any packets originating from inside their network with source addresses not in their address ranges, this problem would go away. If you E-Mail Cert with this idea, they'll tell you that they've been begging ISPs to do this for YEARS. Unfortunately, the people who run ISPs are such plonkers that they'll never get this, so the problem will remain. If you call up your ISP and try to talk to them about their router configuration, you can actually HEAR their eyes start to glaze over across the phone line. Give it a try, it's actually an interesting thing to hear.
I'm trying to teach myself to set people on fire with my mind... Is it hot in here?
D.C. Sessions is well known on the Usenet for a number of things, but I've dealt with him in two areas. He's not a total nutbag by any means, but he is extremely strident (a term applicable to myself as well!) in his views.
1) He's active in the area of spam control on the Usenet. In this regard, I agree with him because spammers are evil, and they have destroyed some of the usefulness of the Usenet. He goes way overboard in my opinion, because he's a monitor of what the *appropriate use* of the internet is. In other words, he's not just against spammers, he's against those who use the internet to further their political goals. And that's where I ran into him when I was arguing a particular topic.
2) And that topic was circumcision. There's a lot of people who are opposed to it, and they argue on the usenet about it. I think he'd just like to shut that idea down entirely, because, well, he's in favor of performing surgery on infants without a medical diagnosis. He doesn't see the usenet as a valid medium for radical political organization. No matter what a person thinks on an issue, I think the usenet is there for everyone to argue all day long if that's what they want to do, and to organize grassroots political support if they can.
If tits were wings it'd be flying around.
He wonders why people try to hack his network? Why doesn't he read /. posts about his articles?! That would tell him why! You don't go making an ass out of yourself at every turn, insulting every group you can without taking a beating. I can't wait till someone gets a cih on his machines that rips his BIOS to shreds. He deserves some humility. And to any Linux user who might support him, remember he proposed nationalizing the very organization most of us ***HATE***..... Microsoft. That's right check the online pc mag archives for feb 99!
Maybe our friend Mr. Sessions is playing on the whole hacker/cracker confusion. There are a lot of /. and OS mailing lists after all.
hacker types on
--joe
"I have done nearly everything at one time or another."
--My Manager
chesse crackers are ok, but i prefer peanut butter. wow, dvorak really is a big man to take on the cracker industry. i mean, they must be huge; just think of how many crackers are sold in one day, alone! you go boy!
- Dvorak writes an inflamatory article (aka: Troll).
- The link to the article spreads amongst the target community (ie: Unix/MacOS/BeOS users, hackers, people of intelligence.)
- Everyone in the targeted audience clicks on the link to the article, sometimes more than once.
- ZDNet counts every time Dvorak's page is served.
- ZDNet sends a bill to the owners of the ad banners on Dvorak's page.
- ZDNet and Dvorak are swimming in money.
- Dvorak decides he needs a new car, and composes his next inflamatory article.
Thus the circle is complete again. And ZDNet is a bit more richer.Why else would Dvorak have a job?
--
NetInfo connection failed for server 127.0.0.1/local
The guy expects the sysadmins for @home read his column? Hello John:
abuse@home.com
I've dealt with them before. They seemed competant enough.
Says HERE
BlackICE was designed for multiple platforms, but currently does not run on Linux. However, it detects many attacks directed against Linux machines, such as the rpc.mountd overflow.
DETAILS We plan to support UNIX platforms, especially Linux, in the future. This page will be updated in the future as we get more information.
I installed it on a Windoze and found it useful. I watched it detect a NetBus probe-- the icon flashes and you are given the date, time, info, and IP address. When you select the attack for more info it brings up a web page telling you what the attack is, how common it is, not to panic, what you can do about it, including a submit-the-IP address option that tells you to what ISP the attacker's IP (theoretically) belongs to. The info was easy-to-understand and direct so that non-techies won't panic if they read it-- and that's obviously who the product is geared towards.
Overall, it has an intuitive GUI, logical tracking methodology, and is a thorough product.
Good for them (although I concurr that they REALLY should remove an enorsement from JP)...
diva Pasty Drone NewsTrolls, Inc.
He's right, that would be an excellent way to round up alot of the world's hackers.
It'd be a different manner if you wanted to round up the malicious crackers who attack sites though...
Dvorak gazed across the packed-dirt parking lot at the baleful faces near the rusting International Pickup truck. The air was not so much warm as stagnant in the Kentucky autumn day. The three soy farmers stepped toward the battle-ready figure before them. Cletis glanced at Garth and Ezekiel and then at Dvorak.
His jacket had been thrown off at the first exchange of words with the three stern men. Dvorak had rolled up his sleeves and was tightly gripping the Cross sterling-silver pen from the inside lapel pocket of his cast-away jacket.
Cletis spoke in a steady, slow, but menacing drawl, "What was that y'all said about my mother and my Apache Server?"
That was an excerpt from my new novel "Dvorak Takes on the Crackers". What do you think?
The party's over
I disagree with Dvorak on many issues.
:). My parents couldn't tell me what to do, and neither can anyone else's.
> It's a mess, and no operating system is immune.
Exactly. Which means BUILD A BETTER OPERATING SYSTEM. Linux and other freely available OSes are immune to many, if not all, of the attacks with proper setup and filtering.
These journalists should stop touting NT as the holy grail of server OSes when it has gaping security and DOS problems.
I suppose I'm getting into the holy war regarding who gets blamed, the software companies or the people that exploit them. My opinion is that the blame should go on the software companies and implementers.
> This is where teenagers go to grab a quick
> attack package to harass people who won't date
> them.
Puh-lease, that's so stereotypical. If there's any reason you're going to get targeted for an attack, it will be because you're making inflammitory statements such as that one.
> Making an example out of a few punks can have
> two effects: It can cut down on the number of
> casual attacks, but it may also improve the
> hiding skills of more serious hackers.
I disagree. If you start going after script kiddies on the Internet you're going to not only seriously piss them off, but the younger generation of script kiddies, and the more serious and skilled crackers.
If anything, that methodology is going to provoke more hacking similiar to how the drug war actually increases drug usage.
> And if law enforcement doesn't step in to stop
> the little guys, there are two results as well:
> One is the capture of hackers, of course, but
> the other is the encouragement of sites such as
> CyberArmy and WarForge to flourish and to make
> low-end hacking seem like an acceptable hobby.
> It's obvious that the second, lax approach, is
> in effect today.
I have trouble comprehending his point here. If law enforcement steps in to stop the little guys I seriously doubt sites like "CyberArmy" and "WarForge" are going to change their views and stop posting these kinds of materials.
What then? Censor this kind of information? Make the manufacturing and distribution of exploits illegal?
> They key to stopping all this hacking is a
> massive worldwide sting.
Not only could you not catch every cracker/script kiddie in a massive worldwide sting, but it would cost billions of dollars in manpower and technology to operate a high-tech sting of this magnitude. Furthermore (like I said above), this is just going to aggrivate all the crackers who don't go to jail (majority of the juvinilles and all the ones not convicted due to the inevitable lack of evidence).
> The guys who were recently busted for trying to
> run off with 13-year-olds were caught by agents
> posing as teenage girls in a chat room.
This is a different kind of crime though. Trying to meet up with 13-year-olds for molestation/kidnapping is dissimiliar to cracking/DOS attacking. While they both take place online, one involves a hard physical subject (a person, kiddie porn), while cracking/DOSing involves breaking or entering a VIRTUAL environment.
I'm not sure how to really drive home my point that they are very different crimes, but I think anyone who is in the "technological know" can see my point here.
> you can be certain that low-end hackers will
> start to be rounded up.
I doubt it. Good luck if you do FBI! The only thing that has really been like this is the raid on gH, but I bet most (if not all) of them will get off or just recieve very light sentences so they can go do some more damage.
It would be a waste of time to sit in IRC channels and try to bust entire groups for cracking/DOSing sites, and I think the feds know that.
The only time the feds get involved nowadays is if something major goes down, like the White House, the Army, or a coproration with enough money and will-power to prosecute...
> I'm sure their parents won't appreciate the
> legal bills. Maybe that will put a stop to it
> once and for all.
Again, an inflammatory and stereotypical statement. This is not like the 50s or 60s when parents had control over their children through beatings and derogation of self-esteem (yes this is inflammatory too, but it's how my parents explain it to me). Our current generation of kids (and I know because I'm not that old myself) are basically uncontrollable. Those of us who grew up with this technology KNOW there's a world out there that they can influence in one way or another. They can't be censored or "told" what to do other than to be reasoned with (or brainwashed
What do you do? Take away their computer? Kid will just go over to someone else's house, cafe, or computer lab and have fun.
Lock em inside? Ground them? Yeah right. The second you turn your back on that teen he's gonna be out going somewhere and being a teen. Even if you are successful, maybe the kid will just turn his attention to phone phreaking.
So my point? Patch the OSes, filter the offending packets, fix the protocols. Make Microsoft, Sun, & Cisco spend a couple billion to address these issues instead of making tax payers spend a couple billion to fight a losing cause.
Get IPs out of the argument. We all know how
easy it is to spoof IP information. The issue here
is the physical connection.
......At some point...it all tracks back to a unique MAC address....
The only router thats going to be dealing with a MAC address relevant to the source of said spoofed packets is going to be the connection from the sources ISP to the upstream provider. If this router is configured to drop outgoing packets with external source addresses it takes care of spoofing.
Consider the following:
(I'll use private IP's for demonstration purposes.
Assume for the sake of argument they are registered #'s)
Evile.net uses class C addresses on their internal system,
lets say 192.168.1.0 for customers and 192.168.100.0 for their internal backbone
User 31337GoD@Evile.net decides to launch a smurf attack using
The header of said packet says it originates @ 209.207.224.40
When the packet hits Evile.nets gateway to the rest of the world, the gateway, if its configured as a packet filter that checks for IP spoofing, will see an external IP addy on an _internal_ interface and drop said packet instead of pass it out of the world interface.
So if you wanted to truly reverse DoS 1.2.3.4 then you would either have to A) spoof the attack to a huge number of routers that you know 1.2.3.4 connects through...
Or use a source routed packet, of course you'd want to pick a route composed of improperly configured routers, but if you know what you're doing you would have a list of malconfigured routers.
Anyway the point being that if the present technology was used to its best potential the 'net would be a much better place.
I doubt very much that there is any kind of massive sting afoot, either
internationally or in the US. The FBI has no brief to investigate the
normal activities of script kiddies. It turns out that there is no
Federal law forbidding one from gaining unauthorized access to an
Internet host - all such laws in the US are *State* laws, which means
the FBI doesn't investigate violations.
The US Code only prohibits breaking in to so-called "protected
computers" (USC Title 18, Part I, Chapter 47, Section 1030), defined as
follows:
(2) the term ''protected computer'' means a computer -
(A) exclusively for the use of a financial institution or the
United States Government, or, in the case of a computer not
exclusively for such use, used by or for a financial
institution or the United States Government and the conduct
constituting the offense affects that use by or for the
financial institution or the Government; or
(B) which is used in interstate or foreign commerce or
communication;
(source: http://www4.law.cornell.edu/uscode/18/1030.html)
Clearly, this does not cover most of the activities of script kiddies
and other such pests, most of whom attack "unprotected" computers
(universities, ISPs, corporate web sites, non-US hosts, etc.). This
isn't that much of a surprise, I guess --- the FBI doesn't investigate
breaking-and-entering cases either, unless the burglars attack Federal
property.
I suppose that State District Attorneys could be getting together to
gang up on them, though. Short of Congress changing the law, I guess
that's the best we can hope for.
GNU Info is documentation optimized for machine readability
What's he got against us white people?
PD wrote:
/.
D.C. Sessions is well known on the Usenet for a number of things, but I've dealt with him in two areas. He's not a total nutbag by any means, but he is extremely strident (a term applicable to myself as well!) in his views.
Oh dear. "He" was aiming for a rather different tone than "strident." Gonna have to work on that.
1) He's active in the area of spam control on the Usenet. In this regard, I agree with him because spammers are evil, and they have destroyed some of the usefulness of the Usenet.
True, true.
He goes way overboard in my opinion, because he's a monitor of what the *appropriate use* of the internet is. In other words, he's not just against spammers, he's against those who use the internet to further their political goals. And that's where I ran into him when I was arguing a particular topic.
2) And that topic was circumcision.
You forgot vaccination, another area where the going gets wacky.
There's a lot of people who are opposed to it, and they argue on the usenet about it. I think he'd just like to shut that idea down entirely, because, well, he's in favor of performing surgery on infants without a medical diagnosis.
It might be interesting to try to find an example of "him" arguing in favor of circumcision -- in any case you appear to be drawing rather sweeping conclusions from rather meager data.
He doesn't see the usenet as a valid medium for radical political organization.
And here I never knew that. The things you learn on
No matter what a person thinks on an issue, I think the usenet is there for everyone to argue all day long if that's what they want to do, and to organize grassroots political support if they can.
There's a difference between censorship and pointing out nonsense. In other words, your right to speak freely does not include a right to speak unopposed.
DCS does not suffer fools gladly, and has been known to get sarcastic at times, as in the matter of taking a certain Ziff-Davis writer literally on the misuse of "hackers" in place of "crackers."
D. C. Sessions
San Jose (by way of Tempe)
This situation isn't much different from drugs, as long as people want to do them, a way will be found. All law enforcement can do is arrest the least talented and make the rest more cautious and better armed.
The difference from the drug situation is that these are not victimless crimes. As with any crime, some people will keep doing it despite efforts to stop it, but that is no reason to not go after the bastards.
I'd prefer to see hacking winked at, but actual damage responded to in a proportionate matter.
Just tampering with my computer is bad enough. There need not be any additional damage for it to be criminal than snooping through my files, or downgrading my internet connection. Stay off my stuff!
Is't what this sounds like? "And they do such and such and they are weirdos - but we know where they hang out, so why not go get them?"
I'm starting to think I live in China. Sorry, I guess I should say I mean the PRC.
Well, I better finish up this post so I can go sit by my window and wait for the tanks to roll in...
I think this is going to be a very popular product no matter what your level of experience or expertise in Linux is. After all, there's a reason for writing shell scripts and having GUI's versus typing every single command at the shell prompt.
You make it illegal to port scan or winnuke and make the penalities anything more than a slap on the wrist and the real hackers are going to make a mockery of the press and pigs.
They'll arrest grandma on her AOL account and figure out that they were dupped by a IP spoofer right before grandma slaps the city with a wrongful prosecution suit.
** I don't want the script kiddies in jail. I want the guy that can shut down the pacific northwest's power grid sitting in a cell if anyone needs to be.
Or, maybe the terminally stupid could turn off file and print sharing, and stop installing things they don't understand, or resist running that latest app that was attached to their e-mail.
BTW I haven't read anything very on-the-ball from Mr. D since I stopped reading his cooking recipes in the back of Boardwatch.
..and I ended up doing the SAME THING with QB on my parent's 386. It was great fun! that damn article got me thoroughly involved with fractals and chaos for most of my high school career. I later ended up building the 'syncronized chaos generators' project in a latter issue of Sci Am. ah yes. them was the days.
#begin recollection of silly fun projects
At the same point in time, a friend of mine was working on a crude (_CRUDE_) first person shooter called "Revenge of the Lagomorphs". You basically stood in 1 place while ascii rabbits came at you from all directions. The weapon of choice was a GAU-8 which shot a stream of uranium '.'s, IIRC.
I also did a planetary gravity simulator in 9th or 10th grade. It was fun to watch but i got tired of plain old gravity and added multiple planets, moons, and even took a shot at relativity (it only succeeded in making everything run slooowww).
other projects you might try--
+create your own ascii-art gui on an ancient computer
+emulate cryptography machines
+simulate plate tectonics
+make MUSIC!!
Why does eveyone have to keep bring up Whitey? We all know The Man controls the internet.
I run a Win98 machine on a 24/7 cable connect without any firewall or even monitoring, and I don't get taken down/flooded/"cracked" on a daily, weekly, monthly, or even yearly basis. And yes, I do more than browse the web. I do think sitting an 100+ user efnet channels is plenty of advertisement for an ip to get randomly bombed upon, and yet my box lives on. So much for insecurity.
now, when i saw "dvorak takes on crackers"
i thought it meant that dvorak key layouts
were taking on crackers. i have a dvorak
key map (sometimes), and a friend of mine does
always. he also has his telnet daemon hacked
to do dvorak.
thats a damn good defense system against anybody, and a formidable obstacle in the path of anyone who doesn't know dvorak
VOS/Interreality project: www.interreality.org
I hate to sound like the old man here but it sounds like many, or even most, of you aren't old enough to have seen or read John Dvorak until the last couple of years. The man has _ALWAYS_ been a blithering idiot. In 1984, when the Mac came out, his argument against it was that the DOS running PC was a computer built by men, for men. He just recently pulled the same crap by calling the Apple iBook a girlie computer. If you don't like something, come up with a good reason, but leave the nonsense out of it. Also, he recently wrote a column about how Linux isn't worth a damn in a server environment...go check out the October 5 issue of PC magazine though; Winn Rosch has a much more sensible article. I don't know a single person in my circle (and we are a fairly high thinking circle) who thinks this man deserves an audience...sadly he has one. Dvorak obviously has the ear of somebody, and until he fully discredits himself (comparing cracking to soliciting sex from minors is a good start) we will have to continue to put up with his prattle...I have had to put up with it for the last 15 years...let's hope that this Rush Limbaugh of the digerati doesn't hold those ears for another 15.