speaking about hacking... interesting article on grc.com getting hacked - GoFuckYourself.com

HQ · 07-15-2001, 09:52 PM

speaking about hacking... interesting article on grc.com getting hacked by a 13 year old... and how steve gibson gets his site back up:
http://grc.com/dos/grcdos.htm

[This message has been edited by HQ (edited 07-15-2001).]

HQ · 07-15-2001, 09:54 PM

i suggest you all read the whole thing, it's very informative and very very interesting.

mr. mpg · 07-15-2001, 10:40 PM

Good post! Very interesting reading their!

------------------
Webmasters... Need free gallery content?
Tons of quality pics! Now with full FTP!
XXXFreeHosting

HQ · 07-15-2001, 11:36 PM

mr. mpg, thx! very interesting read condering how descriptive he is.

www.grc.com kicks ass.

Gemini · 07-16-2001, 12:49 AM

Thats why we have two copies of every one of ours and clients sites stored locally. Blow one of ours up and its back in a flash. Depend on a host and you could be screwed as far as their backing up regularly.

oscer · 07-16-2001, 03:41 AM

You Drop kids like that Down Stairs and then Kick them with Steal Toed Boots

SR · 07-16-2001, 05:03 AM

Yes those attacks are highly effective and annoying.

We have had some of those attacks on our server (non adult server).
The problem is that you can't hardly do anything against these attacks.
And it is so easy to do that anyone who knows how to turn a computer on and off can use it.
Most attacks are done by young people so the problem is that you can't lock them up.
Maybe make them pay the damage they created.
Too bad for them if they have to pay for the rest of their life.

It's real bad that it is so easy and that you can take anything down you want.

Chris R · 07-16-2001, 05:22 AM

In the olden days - you needed some skill to be a hacker and get into systems and look around. I thought of this as fairly harmless as long as you weren't selling information or anything.

Now a days you have kids that seem to do it just to be disruptive. DDOS sucks, and the other thing that bothers me is the complacency of the system admins on the other end.

I had two people hot link my site earlier in the week. I didn't realize how much of a problem this could be.

One made over 20,000 hits to my site. I called their hosting - they said to send them an email and they would pull it.
http://www.bojue.com/big5/board/board1/data/18243.html

Over 30,000 hits now and they still haven't pulled it after two requests.

Another place did so almost immediately.

If system admins were more responsible about the type of stuff that goes thru their system, this would be much easier to defeat. Unfortunately - many do not care. Many of the smaller ones do and will be glad to help you.

God help you if you have a problem with AOL. The only way AOL will get involved is by court order, or if the person threatens to kill himself or someone else in a chatroom/IM.

There needs to be a better system in place for these security issues. Comcast should be scanning their own users for these security holes. So should other ISPs.

HQ · 07-16-2001, 02:54 PM

Chris R, exactly right.

gibson's figured the whole problem out and only required a little help from home.com and they ignore him:

Quote:

grc.com:
I told Todd that after I had dissected a Zombie, I might be able to come up with a way for @home to scan their network to find all of them. It turns out that I have found a way, but again, Todd and @home couldn't be bothered. He declined all cooperation of any sort, curtly adding that they work with the FBI, and no one else. As we will see next, this is a policy in dire need of change. Nice as it sounds on the surface, the realities of Federal government involvement mean that most of the time Todd and @home . . . do nothing.

that's what steve gibson is trying to do... wake everyone up to get a more secure internet.

another crazy read is the windows xp threat:

http://grc.com/dos/winxp.htm

basically win xp makes it easier to spoof (or fake) IPs, which is obviously trouble.

[This message has been edited by HQ (edited 07-16-2001).]

07-15-2001, 09:52 PM	#1
HQ Confirmed User Join Date: Jan 2001 Posts: 3,539	speaking about hacking... interesting article on grc.com getting hacked speaking about hacking... interesting article on grc.com getting hacked by a 13 year old... and how steve gibson gets his site back up: http://grc.com/dos/grcdos.htm [This message has been edited by HQ (edited 07-15-2001).]

07-15-2001, 09:54 PM	#2
HQ Confirmed User Join Date: Jan 2001 Posts: 3,539	i suggest you all read the whole thing, it's very informative and very very interesting.

07-15-2001, 10:40 PM	#3
mr. mpg Confirmed User Join Date: Mar 2001 Posts: 140	Good post! Very interesting reading their! ------------------ Webmasters... Need free gallery content? Tons of quality pics! Now with full FTP! XXXFreeHosting

07-15-2001, 11:36 PM	#4
HQ Confirmed User Join Date: Jan 2001 Posts: 3,539	mr. mpg, thx! very interesting read condering how descriptive he is. www.grc.com kicks ass.

07-16-2001, 12:49 AM	#5
Gemini Confirmed User Join Date: Jan 2001 Location: o-HI-o Posts: 7,183	Thats why we have two copies of every one of ours and clients sites stored locally. Blow one of ours up and its back in a flash. Depend on a host and you could be screwed as far as their backing up regularly.

07-16-2001, 03:41 AM	#6
oscer Confirmed User Industry Role: Join Date: Jan 2001 Location: Baltimore Posts: 2,834	You Drop kids like that Down Stairs and then Kick them with Steal Toed Boots

07-16-2001, 05:03 AM	#7
SR Confirmed User Join Date: Jul 2001 Location: The Netherlands Posts: 2,239	Yes those attacks are highly effective and annoying. We have had some of those attacks on our server (non adult server). The problem is that you can't hardly do anything against these attacks. And it is so easy to do that anyone who knows how to turn a computer on and off can use it. Most attacks are done by young people so the problem is that you can't lock them up. Maybe make them pay the damage they created. Too bad for them if they have to pay for the rest of their life. It's real bad that it is so easy and that you can take anything down you want.

07-16-2001, 05:22 AM	#8
Chris R Confirmed User Join Date: May 2001 Location: Baltimore, MD USA Posts: 1,151	In the olden days - you needed some skill to be a hacker and get into systems and look around. I thought of this as fairly harmless as long as you weren't selling information or anything. Now a days you have kids that seem to do it just to be disruptive. DDOS sucks, and the other thing that bothers me is the complacency of the system admins on the other end. I had two people hot link my site earlier in the week. I didn't realize how much of a problem this could be. One made over 20,000 hits to my site. I called their hosting - they said to send them an email and they would pull it. http://www.bojue.com/big5/board/board1/data/18243.html Over 30,000 hits now and they still haven't pulled it after two requests. Another place did so almost immediately. If system admins were more responsible about the type of stuff that goes thru their system, this would be much easier to defeat. Unfortunately - many do not care. Many of the smaller ones do and will be glad to help you. God help you if you have a problem with AOL. The only way AOL will get involved is by court order, or if the person threatens to kill himself or someone else in a chatroom/IM. There needs to be a better system in place for these security issues. Comcast should be scanning their own users for these security holes. So should other ISPs.