I have just patented a method for reading information distributed worldwide by means of a chair, internet access and a web browser running on a computer.
I'm sure some of you have read this on Wired, regarding 'Dick Tracy' watches - this seems like something which might move us even closer to the reality:-)
I'm fairly surprised that this isn't more commonplace already. Considering the likelihood of being able to find a working net connection (or whatever) in the average war zone, and the fact that satellite time is cheap compared to the average network's budget, this should have been done years ago.
And BTW, a stateful firewall can also limit which outbound ports you need open.
Good thing I've got one then:-)
I had the same thought, and for that reason I do all my admin remotely through my laptop. With a firewall behind my ADSL, and one on each of my PCs, it seems unlikely that both machines would become vulnerable before I got a handle on the problem.
I was referring to inbound ports. Unless of course, the trojan contacted the cracker rather than vice-versa, which is entirely possible but would mean the cracker's IP would have to remain static and thus quite traceable.
Without knowing your capacity as a user I can't speak for you, but I regularly check on the apps (using netstat) that have ports open, and if I see something I shouldn't, I check it out.
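A way to do the "check what has ports open" step above so that a replaced netstat cannot lie to you on a Linux box: compare what netstat prints against the kernel's own socket table in /proc/net/tcp, and at the same time flag established outbound connections, which covers the trojan-calls-home case from the previous post. This is an added example, not code from the original posts; the netstat output, the /proc/net/tcp rows, the host addresses and the listener on port 31337 are all constructed for illustration, and the address decoding assumes a little-endian (x86) host. It catches a userland netstat that hides entries; a kernel-mode hook can filter /proc as well, so the stronger form of the same check is to run it from a known-good boot medium.

```python
"""Cross-check a host's TCP sockets from two sources: the output of netstat
(which a userland rootkit may have replaced) and the kernel's own table in
/proc/net/tcp. All sample data below is constructed for this example."""
import socket
import struct

# Constructed `netstat -tln` output for a hypothetical web server: it shows
# only the listeners the admin expects.
NETSTAT_SAMPLE = """\
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 0.0.0.0:80              0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:443             0.0.0.0:*               LISTEN
tcp        0      0 127.0.0.1:25            0.0.0.0:*               LISTEN
"""

# Constructed /proc/net/tcp for the same host. Addresses are hex in host byte
# order (little-endian here); st 0A = LISTEN, 01 = ESTABLISHED. Row 3 is a
# listener on 31337 that netstat did not report; row 4 is an outbound
# connection from 10.0.0.15:50000 to 192.168.0.101:8080.
PROC_NET_TCP_SAMPLE = """\
  sl  local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode
   0: 00000000:0050 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 12345 1 0000000000000000 100 0 0 10 0
   1: 00000000:01BB 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 12346 1 0000000000000000 100 0 0 10 0
   2: 0100007F:0019 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 12347 1 0000000000000000 100 0 0 10 0
   3: 00000000:7A69 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 12348 1 0000000000000000 100 0 0 10 0
   4: 0F00000A:C350 6500A8C0:1F90 01 00000000:00000000 00:00000000 00000000     0        0 12349 1 0000000000000000 100 0 0 10 0
"""

TCP_LISTEN = "0A"
TCP_ESTABLISHED = "01"


def _decode_proc_addr(field):
    """Turn '0100007F:0050' from /proc/net/tcp into ('127.0.0.1', 80).
    The kernel writes the IP in host byte order; '<I' assumes little-endian."""
    ip_hex, port_hex = field.split(":")
    ip = socket.inet_ntoa(struct.pack("<I", int(ip_hex, 16)))
    return ip, int(port_hex, 16)


def parse_netstat_listeners(text):
    """Set of (ip, port) that netstat reports as LISTEN."""
    listeners = set()
    for line in text.splitlines():
        fields = line.split()
        if len(fields) >= 6 and fields[0].startswith("tcp") and fields[-1] == "LISTEN":
            ip, port = fields[3].rsplit(":", 1)
            listeners.add((ip, int(port)))
    return listeners


def parse_proc_net_tcp(text):
    """List of {'local', 'remote', 'state'} dicts from /proc/net/tcp."""
    sockets = []
    for line in text.splitlines()[1:]:  # skip the column header
        fields = line.split()
        if len(fields) < 4:
            continue
        sockets.append({
            "local": _decode_proc_addr(fields[1]),
            "remote": _decode_proc_addr(fields[2]),
            "state": fields[3],
        })
    return sockets


def hidden_listeners(netstat_text, proc_text):
    """Listeners the kernel knows about that netstat failed to show."""
    reported = parse_netstat_listeners(netstat_text)
    kernel = {s["local"] for s in parse_proc_net_tcp(proc_text) if s["state"] == TCP_LISTEN}
    return sorted(kernel - reported)


def unexpected_outbound(proc_text, allowed_remote_ports):
    """Established connections whose remote port is not on the outbound allowlist."""
    return sorted(
        (s["local"], s["remote"])
        for s in parse_proc_net_tcp(proc_text)
        if s["state"] == TCP_ESTABLISHED and s["remote"][1] not in allowed_remote_ports
    )


if __name__ == "__main__":
    print("hidden listeners:", hidden_listeners(NETSTAT_SAMPLE, PROC_NET_TCP_SAMPLE))
    print("unexpected outbound:", unexpected_outbound(PROC_NET_TCP_SAMPLE, {80, 443}))
```

On a live host, read `/proc/net/tcp` (and `/proc/net/tcp6`) directly instead of the sample string; the `allowed_remote_ports` set is the same outbound allowlist a stateful firewall would be configured with, so anything the script flags is also what the firewall should be dropping.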
Re:Let's pretend I'm on linux... on Windows Rootkits (Score: 1)
Go to #linux on efnet, grab IPs at random from the kids in the pack (heck try the mods too), and see how many you can log into with root/root or root/(blank).
There's also the argument that the kind of people who hang around in #linux are the same 13 year old kids who hang on efnet because they want to be l337.
There are many millions more ppl using Windows than Linux, and statistically speaking the percentage of those using Windows for non-user level purposes will be much lower than the same for Linux. Besides, if the average 13 year old's Linux system gets 0wned, it's 1) quite likely to be by another 13 year old script kiddie, and 2) they probably won't notice anyway.
there's more you can do (network wise) with a few small shell scripts in linux, than you could in windows.
This is true, if we're talking about things you can do 'out of the box'. On the other hand, using a console and file upload permissions on an NT/2k/XP system, you can progressively open ports for remote sessions, access network shares, and pretty much do anything (eventually) you'd do locally.
That doesn't always help...some drivers are set to load during a safe boot anyway, and I'm assuming since the trojan acts as a layer between the kernel and the upper OS layers, it would be loaded in any boot mode except console mode.
The recovery console is only any good if the trojan isn't masquerading as some other, normally innocent device driver or service. If, for instance (not giving anyone ideas, BTW:-), the trojan was to replace a service such as Messenger, which isn't unusual to find installed, but is by no means essential, how would you know which one of the many services installed was the imposter? We all know how easy it is to bypass Windows File Protection...
How about one that can get through your firewall. Maybe cycle through all ports until it can make communication?
The only ports open through my firewall are those needed for web services on my server, and those ports are already opened by the server daemons themselves. If any other app tried to open the port, they'd fail seeing as it was already open for another service.
The best way to defeat this kind of trojan is to prevent it from being installed
My apologies for this unadulterated sarcasm but, uh, duh? No, I really like my machine being compromised by some bastard cracker idiot. Please mister cracker, come and render my computer useless!
I'm done now.
Re:Let's pretend I'm on linux... on Windows Rootkits (Score: 2, Informative)
My point was not that it's easier to do on Windows than on Linux (it's not), but that the average Linux user is a lot more likely to already have 'locked down' their system than the average Windows user, not to mention is more likely to have the skills to remove it.
Also, since Linux is a file based config OS, it's gonna be a damn sight easier to remove a rootkit than it would be with Win32. Having had experience (trying to) remove undesirable VXDs and so forth from Windows systems, if the driver in question is resident Windows itself tries very hard not to let you remove it, and there's no easy way to edit the registry without booting fully into the OS.
The really worrying part on Windows Rootkits (Score: 3, Insightful)
The bit that really concerns me is that it's possible at all, to install a device driver without the user's consent that can directly mediate between the hardware layer and the kernel -
But then I guess that it's possible precisely because MS have made it simple to manage, and thus simple to mis-manage.
Of course, the best way to defeat this kind of trojan is simply to use a firewall and block the ports being used to remotely configure the hidden driver. So then, the worrying part is not the trojan itself, but the competency of the average user...
Ah, so does that mean we're not seeing dupes, we're seeing posts from parallel universes? We can't complain about them, otherwise our parallel selves won't be able to read /.!
I (like many of you) work on a contract basis per project, and I'm contracted to fix any problems with the software as part of the job.
If an intruder breaks into a database through a back door I put in (and let's face it, it is asking for trouble), I'm obliged to spend my valuable time closing the hole.
I'm not of the opinion that it's worth my time and money to show off what a great hacker I am - my clients are really the ones who matter, since they pay my wages, and my skills should be reflected in my work...
You may find this useful... on Barebones Notebook (Score: 5, Informative)
Doesn't this seem like the biggest waste of DOJ time? There are people out there guilty of *actual crimes* like murder, assault, carjacking etc, and they seem to be just as happy to track down and stop the sale of bloody XBox mod-chips, which to be frank probably has very little effect on Microsoft's sales figures, as they are finding the real baddies.
Let's face it, if anything, Microsoft will be making more money out of modchips than anything else - it's not like they've got an original brand Microsoft mod-chip for sale, is it? What damn difference does it make to them if I'm also choosing to run Linux as well as Tony Hawk 4?
Plus, how many more Slashdotters are likely to buy an XBox on the grounds of mod-chip, and thus Linux, support? Quite a few, I'd guess.
I have a woman who was impressed by my other innumerable charms, so I no longer have to avoid this kind of thing to get the girls.
I was gonna shell out for one of these for a little recreational..um...let's call it wireless network vulnerability testing...
I didn't say that it matters what you're doing with the chair...
I believe you all owe me royalties?
But who wants to thumb a lift to Barnard's star? Or is your name really Ford Prefect?
Yeah, but it's hardly the first time hardware companies mix their tech terms, is it...?
Looks like the author's had a sex change between posting the article and the Slashdot posting!
There is a difference between "Michelle" and "Mitchell"...
Read the replies!
You make sure you're using an original copy of netstat, or even better, use a similar but 3rd party tool.
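One way to know that the netstat (or any other tool) you are running is the original copy and not a replacement: hash the binaries while the system is known good, keep the manifest off the box, and seal it with a key so that a rootkit which rewrites the manifest on disk is caught as well. This is an added example, not code from the original posts; the file names, file contents and the key are constructed in a temporary directory for illustration. The caveat a practitioner wants: a kernel-mode rootkit that hooks file reads can hand the hasher the original bytes, so the baseline check is only trustworthy when run from offline media or another known-good host.

```python
"""Baseline-and-verify file integrity check with a keyed manifest.
File names, contents and the key below are constructed for this example."""
import hashlib
import hmac
import os
import tempfile


def sha256_file(path):
    """SHA-256 of a file, read in chunks so large binaries are fine."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()


def build_baseline(paths):
    """{path: digest} taken while the system is known good."""
    return {p: sha256_file(p) for p in paths}


def verify_baseline(baseline):
    """Return {'modified': [...], 'missing': [...]} against a stored baseline."""
    result = {"modified": [], "missing": []}
    for path, expected in sorted(baseline.items()):
        if not os.path.exists(path):
            result["missing"].append(path)
        elif not hmac.compare_digest(sha256_file(path), expected):
            result["modified"].append(path)
    return result


def seal_baseline(baseline, key):
    """HMAC over the serialized manifest. The key must live off the box;
    an attacker who edits the manifest cannot recompute this without it."""
    serialized = "\n".join(f"{p} {d}" for p, d in sorted(baseline.items())).encode()
    return hmac.new(key, serialized, hashlib.sha256).hexdigest()


def baseline_is_sealed(baseline, key, tag):
    """True only if the manifest is the one that was sealed with this key."""
    return hmac.compare_digest(seal_baseline(baseline, key), tag)


def demo():
    """Constructed scenario: after the baseline is taken, a fake 'netstat'
    is replaced and a fake 'ls' is deleted; the attacker then also tries
    to update the manifest entry for netstat to the new digest."""
    with tempfile.TemporaryDirectory() as d:
        netstat = os.path.join(d, "netstat")
        ls = os.path.join(d, "ls")
        with open(netstat, "wb") as f:
            f.write(b"original netstat binary\n")
        with open(ls, "wb") as f:
            f.write(b"original ls binary\n")
        key = b"example-key-kept-off-the-box"  # constructed key
        base = build_baseline([netstat, ls])
        tag = seal_baseline(base, key)

        with open(netstat, "wb") as f:
            f.write(b"trojaned netstat that hides port 31337\n")
        os.remove(ls)
        report = verify_baseline(base)

        tampered = dict(base)
        tampered[netstat] = sha256_file(netstat)  # attacker "fixes" the manifest
        return {
            "modified": [os.path.basename(p) for p in report["modified"]],
            "missing": [os.path.basename(p) for p in report["missing"]],
            "sealed_ok": baseline_is_sealed(base, key, tag),
            "tampered_manifest_ok": baseline_is_sealed(tampered, key, tag),
        }


if __name__ == "__main__":
    print(demo())
```

In practice the baseline is taken over the real tool paths (e.g. the contents of /bin and /sbin, or the system32 directory on NT) right after a clean install, and the manifest plus key are stored somewhere the machine being checked cannot write to.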
I think there would be a market for about five computers in the world
- Thomas J Watson (IBM in the 1950s)
Well, that panned out!
Okay, okay, so I typed without thinking. :-)
Hey, you're not the guy writing these things, are you...?
Yup, this is definitely a step in the right direction, but dialogs are quite easily disposed of...
It's daft about Lexmark (I've had the same calls!) especially when they're clearly going to make a packet from print cartridges in the future...
Thanks for the lesson.
Well exactly!
And something tells me that 'Hacker insurance' probably doesn't cover cases where the hackers used backdoors...
Here's a direct link to the manufacturer's website:
http://www.ecs.com.tw/products/a980.htm
and here's a mirror for the inevitable slashdotting:
http://www.meatspace.co.uk/ibuddie/