Gee, I guess there was no information there whatsoever. I just told
him of one type of attack I was aware of, and sourced the information,
so he could look at it if he wants, and make his own decision. No
information there at all.
As far as mentioning a book, I don't see the problem in mentioning
books. Are you claiming that books are not information? Would my post
have been better if I didn't mention the book, and took credit knowing
this myself? Along the same lines, how many of the post to this list
reference URLs. Is it Ok, because it's electronic? Should I go burn
all my books?
THX,
Pete Goodridge
______________________________ Reply Separator _________________________________
Subject: Re: frame relay...
Author: "Marc Renner" <[EMAIL PROTECTED]> at internet
Date: 11/23/1999 1:23 PM
*laugh*
Paraphrasing from Mastering Network Security by Chris Brenton page
125, it can be broken into if:
Someone is connected to the CO and switch, and they know your DLCI.
The book goes into it a little more.
THX,
Pete Goodridge
So what you're telling this person is to go buy a book? If this is all we are
going to tell people who traffic this mailing list for help, we undermine the
very purpose of it's existence - INFORMATION. I would suggest that if you do not
have anything of value to post, please refrain..we all have enough SPAM to deal
with day-to-day.
Ron: In response to your original question, about 99.98% of internet traffic is
at some point "frame-relay". As a result the majority of "Hacked" or
"compromised" systems are done using a frame relay circuit at some point between
the criminal and the victim. This does not need to be done using a "sniffer".
Typically it's done by port scanning, with a utility that scans an IP address or
range of IP addresses for open or active ports. Once the active ports are noted
a hacker will then trying to brute-force their way into the system by using
pregenerated login/password lists and a program that will keep hammering the
system with different combinations of logins/passwords untill it finds one that
works.
Packet sniffing attacks are relatively rare, one must have access to your cable
structure in order to grab your packets. OR as Mr. Brenton points out access to
your telephone company's cable structure.
All these reports of web sites being hacked and "Stolen" are done by poorly
written cgi scripts that allow command line executions (earlier versions of
Apache Web Server were notorious for allowing these cgi scripts by default)
I hope this helps clear things up...
Marc Renner - Director
Network Operations Dept.
City of Marysville, Wa.
++Don't get MAD....Get NDS!++
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
