Yeah, but that depends on the target selection method. I'm guessing spikes like these are mostly bot spreader code (worm-like behaviour) rather than anything man-powered. Find/buy exploit, rewrite it to use your call-back multi-stage bot-loader shellcode, cram it in, send out update to bots? If the statistics come from honeypots, of course, it's guaranteed that it's untargeted attacks since such systems only get hit by attackers scanning large ranges for targets, unless they're placed on IP ranges belonging to a targeted organization.
A surge in connection attempts like this obviously indicates that someone's found a remote pre-auth hole in a popular telnet service. Apart from coders presumably putting in a lot more effort to write secure code for the SSH server, telnet is only easier to hack compared to an SSH server in terms of MITM/sniffing attacks.
You might want to look into Nmap's scripting features if you have the time. It's designed to implement exactly that kind of stuff.
Also, to the ones calling the cops "lazy fucks going after the low-hanging fruit" - consider the situation as these people being the only ones they realistically *can* catch.
Mod parent up. Intelligence or even self-worth is not to be defined as "That which differentiates me from those assholes in high school", no matter how personally gratifying.
How would you argue that it even factors into intelligence? Intelligence is the ability for abstract/complicated thought. Sure, if you have no self-control you won't be able to use it, and you need enough "cognitive inhibition" to follow a train of thought long enough to reach the level of complexity the rest of the brain is capable of - but it's not intelligence as such. I have ADD, and before beginning to take stimulant medication I always suffered from a feeling that I couldn't think "up to my envelope", and a deep-seated feeling of frustration at not being able to take in information to sate my intellectual curiosity. I couldn't keep a number in memory when doing arithmetic exercises in school, I actually had to double-check every number I wrote down at every step.
I think that it's as simple as with Asperger or Psychopathy - you just have to accept that if a person has a neurobiological difference at the "hardware level", your assumptions for being able to relate to that person's cognitive/emotional state go out the window completely as far as that difference goes. And this isn't even a neurological difference, just a chemical difference leading to unsustained concentration and "unregulated thoughts", something everyone suffers from to a lesser degree. You'd think it wouldn't be too hard to accept.
We need to establish corporate extraterritoriality before anyone except the government can start to mount turreted autocannons in their lobbies/Black ICE in the networks/kink bombs in the implants of all employees and family members below B-grade. Or at least, that's the story that anyone below grade Ultraviolet/AAA gets fed. But boy, will those AAA bastards be up for a surprise when the second stage of Dunkelzahn's Cyberzombie-Jesus-plot finally comes into action at the product lifecycle end of Shadowrun 4ed...
Hey, don't forget Warren Ellis.
Yeah, but he claims that a lot of the sites on the list have "high-value information", and I assume that the mil/gov database information he claims to sell on the side are some sort of amalgamation of stuff like that he found. Like the US DoD "pharmacoeconomic center"? That could be sensitive stuff, I guess. Fortunately it looks like they took it down.
I assume the government/security forces of Iran use whatever software they damn well please. Propaganda is for the people, after all, not the "inner party".
I've never done this sort of work, but I suppose they operate on or have degenerated to the principle "if we just keep telling the management what they want to hear and don't expose too much incompetence in the IT staff we get paid with a minimum of fuss, even if we could technically fix this"?
How do you guys handle situations like that? Ever had any problems when actually telling the management/client? Or is it all cool and professional?
And why would a computer security firm contract install webcameras? If it's one of those CCTV replacement systems I've read about (and not just webcameras existing for some other reason), wouldn't you get a package deal with remote monitoring and management from the "physical security" firm? Unless they bought one or rigged up one themselves and thought "oh, we'll handle it ourselves".
But still, it sounds completely insane. I knew the IT security industry was full of crazy, but this is just surreal. Inside the actual offices, or just the "parking lot"/other such areas?
You've got to be kidding.
Yes.
Google Safe Browsing and PhishTank (operated by OpenDNS) list it as clean...
And there's lots of other things you can find. Here are some lists: http://www.hackersforcharity.org/ghdb/
Yeah, I didn't mean "critical critical" systems obviously. But given that it was the counterattacker's direct action that disabled the system, it seems logical that you'd have to pay damages if the owner decides to sue you, even if it was just an Excel spreadsheet that didn't arrive on time that day (IANAL). And making that legal just doesn't seem right. It would be saner to force companies or private citizens to cooperate with a search warrant, taking the hosts down on-site. And again, counter-attack malware wouldn't work long for technical reasons. The way things currently stand anyway. People infiltrate and manipulate botnets for research, but that's manually by skilled hands - and the bot writers are presumably hardening their creations as we speak. They'll only use simple methods as long as the simple methods work.
And lastly, if you are capable of writing anti-bot exploits you are way past the point of needing to care much about law enforcement on the internet. Just follow the attackers' lead and attack through an uncooperative jurisdiction? Why not?
Yeah. And they advertise openly, and the buyers discuss their experiences with the software and "bulletproof hosts" on public forums. It's hilarious. I didn't believe this until I saw it. I expected something invite-only or using only personal contacts between hardened criminals or something. Not gauchy banner ads.
Yes, but when you fire a shotgun at a burglar you can be pretty sure that he hasn't had his brain hijacked to believe he's planting bugs to find out if his wife is cheating on him (when in reality, he's been living alone for the past few years in a run-down one-room apartment). The malware is "served up" from hacked sites and botnets, so you risk disabling a critical system. Reliable "counter malware" that isn't custom-tailored to the specific version of a specific bot would require you to kill the networking of the whole host.
If you don't believe me on that, just think about why/how antivirus doesn't just "remove the malware from the system" simply. Not to mention that it's unfeasible to expect this to work long, because malware are small pieces of software that can be hardened against exploits easily, and "stealing" them by spoofing their communications protocol also relies on the protocol being insecure.
"Methods" and "exploits" are not the same thing, of course. The methods are fairly well-known and/or obvious, the exploits found using them (tedious work) are not. The power lies in creating systematized implementations of existing ideas - look at the Storm botnet, or the Stuxnet worm. Or a particularly monstrous Flash exploit. I think that releasing tools to use as a smoke screen would be a counterproductive strategy, because the more visible trouble they'd cause the more "eyes" would be on to the security situation.
You're also over-romanticising the situation I think - the most capable people are naturally those who, for whatever reason, decide to become so (barring other restrictions). This could include money, boredom, or just thrill/"addiction" to the surge of getting into systems unnoticed. I'm sure there's a few gruff "silent professional" Maj. Kusanagi lookalikes out there, as well as crazy passive-aggressive Russian nerds in sunglasses sipping tea and rum while weighing the risks of getting involved in the actual usage of the software they ordinarily just sell over ICQ. And sweaty 14-year-old sub-prodigies actually capable of doing some damage. And whitehats releasing tools to harden the systems by forcing the hands of the companies/devs. It's all chaotic, with people doing what they want for their own reason.
Or, these people honestly do not want to care, but are forced to if someone dangles the situation in front of their faces. "Why couldn't he just mind his own business so I could have peace of mind?"
Arcologies or "mini-arcologies", anyone?
Sweden, for example, has around 15-20.000 homeless as a matter of fact. They even have their own magazine.
Not to bash Singapore, but aren't those people very big on the "tradition and family unity/the nail that sticks up must be hammered down" front? Even in relation to the other Asian countries?
Um, not that I know of. Can you give some specific examples?
Nope. That's what it looks like from the media and the English-language Russian media, however. E.g., corrupt cops, corrupt "regional governors", corrupt almost everything, including a citizenry used to this corruption and unable to deal with a "formal state". It's like Italy; it makes no sense to me how the country can operate as it is - but this is from the perspective of someone who grew up with the particularities of the Swedish bureaucratic system, which can be very cold and rigid. With the government I mean the government on every level, not just Moscow, but every little office in every little village.
He didn't transfer it under government control - he just gave it away to different people, those who are in favor with him.
But then, what/who would otherwise have managed those companies? You have to assign someone to manage them in any case, and he's already proven that he can keep them on a leash. If power in Russia invariably extends out from this single man, it would be easier from this perspective to have one person on a leash, rather than a committee or managing department of some sort where corruption can slip through the cracks and scheming between members can take place.