Hi Leslie, Leslie Newell wrote: > Let's be realistic about this. What are the chances of a hacker randomly > scanning IP addresses and ports on the web and finding a running emcrsh
Realistic? Chances are exactly 100%. Looking at my linux firewall I see tons of scans on all kinds of ports every day so chances are they will scan your system in less than an day if not in few hours or minutes. While this is not a mailing list for computer security topics, it's important to say that one needs to be vigil in that respect all the time. Let's say you are a contractor for another company making special parts for a mechanism that ends up in some military equipment. Somebody breaks into a Linux box and steals a file with G code for that part... It doesn't need to be work for military stuff at all. It could be a prototype for a patent application, sample for a big job bid, etc. Bad guys don't have fun with 'rm -rf /*' because you would notice it right away. They want your data, knowledge, or zombies to search for such elsewhere. As a systems administrator I would not approve of anybody telneting from the outside to a system on the network I'm responsible for. We already have too many problems let's not add another one when it can easily be avoided. > session? Even if one did, what is the likelihood of him then recognizing > the connection and trying to take over your machine? I'd say you have One would only need to inject a special string that would execute like a shell during a session. It could simply sniff for the password, create a user account and prepare for a long hideout. Don't forget man in the middle attack where payload is spiced with "special code." Tools are already there. http://books.google.com/books?id=A0D4KhXjQ7MC&pg=PA254&lpg=PA254&dq=break+into+telnet+session&source=web&ots=XOI_4-LxXp&sig=eaYz-AlbBUiDcN3DywcqUi1NnUw&hl=en&sa=X&oi=book_result&resnum=6&ct=result > probably got more chance of being hit on the head by a meteorite. > What was the common perception, never mind the government, of probability for global recession last summer when the oil prices reached $147 per barrel? 0. So what's the bet? Precision rail guide or a stepper motor? > If you are running a high profile operation and advertise the fact that > your machine is controlled over the internet then maybe someone would > give it a go. No need to advertise. Traffic is simply monitored for type protocols, applications, etc. use on servers. Bad guys keep databases of "systems of interest" and when a vulnerability is discovered they know which systems can be turned into zombies right away. Only paranoid systems administrators can sleep well at night because they protect systems from the beginning. > > Les -- Rafael ------------------------------------------------------------------------------ Check out the new SourceForge.net Marketplace. It is the best place to buy or sell services for just about anything Open Source. http://p.sf.net/sfu/Xq1LFB _______________________________________________ Emc-users mailing list Emc-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/emc-users
