Hackers Targeting Home Computers (fwd)

Sunder sunder at sunder.net
Wed Jan 9 08:57:39 PST 2002

This is sooooo 1999...  I've seen port scans as soon as cable modems and
dsl lines started to be installed.  Of course soon as some dork didn't
have a firewall, you really had a "network neighborhood" to play with.

What pissed me off is that when I was using Concentric's DSL (XO
now) Windows boxes somehow did broadcasts that strangely enough made it
past the routers (not sure if they're multicasts or what) and advertised

At first I though these were the usual nmap/strobe attacks, but they
were just on port 139... so that got me curious enough to try and connect
to these boxes.  To my surprise they were full blown windows 9x and 2000
machines in homes where the owner had another machine and shared his/her
local drives with the world!  Anyone from anywhere on the planet could
mount their drives.  So I was nice enough to leave a note on their desktop
informing them of the consequences of their actions.

I doubt that I was the only one who noticed such open hosts, and I'd guess
a lot of these were "owned" pretty quickly...

Oy! Of course these days I refrain from even such cursive curiosities due
to the misinterpretation of these acts by our overzealous friends.

 + ^ + :Surveillance cameras|Passwords are like underwear. You don't /|\
  \|/  :aren't security.  A |share them, you don't hang them on your/\|/\
<--*-->:camera won't stop a |monitor, or under your keyboard, you   \/|\/
  /|\  :masked killer, but  |don't email them, or put them on a web  \|/
 + v + :will violate privacy|site, and you must change them very often.
--------_sunder_ at _sunder_._net_------- http://www.sunder.net ------------

On Fri, 4 Jan 2002, Jim Choate wrote:

> ---------- Forwarded message ----------
> Date: Fri, 4 Jan 2002 10:10:28 -0500
> From: "R. A. Hettinga" <rah at shipwright.com>
> To: Digital Bearer Settlement List <dbs at philodox.com>,
>     cryptography at wasabisystems.com, dcsb at ai.mit.edu
> Subject: Hackers Targeting Home Computers
> http://interactive.wsj.com/archive/retrieve.cgi?id=SB1010104082304162760.djm&template=printing.tmpl
> January 3, 2002
> Tech Center
> Home Computers Are Becoming
> More Common Target for Hackers
> Associated Press
> WASHINGTON -- Computer hackers, once satisfied to test their skills on
> large companies, are turning their sights to home computers that are
> faster, more powerful and less secure than ever before.
> The hackers can steal your identity, destroy your data or use your computer
> to launch attacks on Web sites or your friends.
> "Home machines weren't very interesting targets a few years ago," said
> Mikko Hypponen of antivirus company F-Secure in Finland. "That's all
> changed now."
> Experts attribute the threat to several factors:
> *	Many home computers are now as powerful as business computers, with
> enough memory and processing power to make them alluring staging areas for
> wide-scale Internet attacks that affect other computers.
> *	A growing number are connected directly to the Internet through
> high-speed DSL and cable lines that remain open all the time. Computers
> that are left on around the clock are vulnerable.
> *	Unlike businesses with permanent security staff, most home users are
> slow to secure their computers with the latest antivirus and firewall
> software and to plug security holes by downloading the necessary fixes from
> software makers such as Microsoft Corp.
> *	Many home users are unaware of Internet threats and are too willing to
> click on unsolicited e-mails that might be infected with malicious programs.
> "Home users have generally been the least prepared to defend against
> attacks," Carnegie Mellon University's Computer Emergency Response Team
> Coordination Center warns. "In many cases, these machines are then used by
> intruders to launch attacks against other organizations."
> Internet analyst firm Jupiter Media Metrix estimated that 71.2 million
> American households had personal computers in 2001, almost three-quarters
> of the nation's households, and 61.2 million had Internet access.
> Viruses and worms -- which are viruses that don't need human intervention
> to multiply -- make up a large part of the new threats to home computers.
> In the past year, users' computers have been infected with malicious
> programs with catchy names like Code Red, Nimda, SirCam, Anna Kournikova
> and others that could be spread through e-mail or by surfing the Internet.
> Antivirus firm Message Labs reported that it detected one virus per 370
> e-mails in 2001, double the rate of the previous year.
> The potential damage from hackers is also growing.
> Several years ago, virus writers were content to simply destroy data on a
> computer. Now they can imbed malicious programs that spy on users or steal
> their identity, use personal computers to attack other systems and use an
> e-mail address book to unwittingly infect the computers of people's
> correspondents.
> Even the most savvy users have been victimized. An FBI cybercrime
> researcher's computer infected with the SirCam program sent out official
> documents that spread the virus -- to the bureau's embarrassment.
> The federal government is trying to better educate and insulate home users,
> hoping it will slow the spread of Internet viruses or worms that could slow
> the entire Internet and its e-commerce.
> The outbreak of the Code Red Internet worm last summer sparked an
> unprecedented show of force from government and private industry.
> "We've never seen a virus before that would not affect end-user machines at
> all; it just jumped from one Web server to another," Mr. Hypponen said. "It
> really made Code Red more like a weapon than anything else."
> Although home computers were not affected, the message government and
> private security experts want home users to take from that threat is that
> computer maintenance needs to become as routine as locking your house and
> car.
> Home users need to routinely update their antivirus and Internet firewall
> software against the latest threats and check for software fixes that
> software makers provide for free.
> "If you've got a system out on the Net and it's not patched, there's a very
> high degree of likelihood that literally in a matter of hours you'll be
> popped," warned Amit Yoran of computer security firm Riptech.
> New technologies will be at risk to hacking this year, Mr. Yoran cautioned.
> Wireless networking, which is now so cheap and easy to use that consumer
> models are growing popular, is especially vulnerable.
> "The standard itself is insecure," Mr. Yoran said. In a large-scale test of
> urban wireless networks done by Riptech, experts couldn't find a corporate
> network they couldn't break into.
> "What we're faced with is widespread adoption [of wireless networks]
> throughout corporate America and throughout consumer markets and people
> haven't really thought through how to protect," he said.
> With more and faster computers on the horizon and no sign of hackers giving
> up their pursuits, home users will have to take security more seriously.
> "They think if they don't have any secrets, they aren't a target," Mr.
> Hypponen said. "But it's not like that at all."
> Copyright ) 2002 Associated Press
> ------------------------------------------------------------------------
> URL for this Article:
> http://interactive.wsj.com/archive/retrieve.cgi?id=SB1010104082304162760.djm
> ------------------------------------------------------------------------
> Copyright ) 2002 Dow Jones & Company, Inc. All Rights Reserved.
> Printing, distribution, and use of this material is governed by your
> Subscription Agreement and copyright laws.
> For information about subscribing, go to http://wsj.com
> Close Window
> -- 
> -----------------
> R. A. Hettinga <mailto: rah at ibuc.com>
> The Internet Bearer Underwriting Corporation <http://www.ibuc.com/>
> 44 Farquhar Street, Boston, MA 02131 USA
> "... however it may deserve respect for its usefulness and antiquity,
> [predicting the end of the world] has not been found agreeable to
> experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'
> ---------------------------------------------------------------------
> The Cryptography Mailing List
> Unsubscribe by sending "unsubscribe cryptography" to majordomo at wasabisystems.com

More information about the cypherpunks-legacy mailing list