Getting hacked is bad!
So I'm sick of getting roughly 40-50 hack attempts per hour. I had Norton Internet Protection Antivirus/Firewall, and most of the hackers just went right through it, so I got BlackIce, and that seems to have been effective in stopping the actual hacking, but still getting tons of attempts 24 hours a day. I've tried everything I can think of to make my computer a less noticeable target, and I'm quite sure that many attempts at all hours of the day is not a normal thing.
Anyone have any suggestions?
------------------
Zellin group says 'I'm still here buddy =)'
Zellin has left the group.
http://www.zonelabs.com/store/content/home.jsp
The free version works wonders. BlackIce is highly overrated and doesn't stop a lot of things, see zdnet and others for comparisons.
For personal use ZoneAlarm rocks even more than BlackIce. Just make sure to move the settings up to high security unless you're running some odd server on your computer.
Keran you're kinda stuck. Either ask your IT dept to unblock 9999 (they probably will ask why because it's not a common port). Or if you've got telnet out (preferably ssh), get some sort of shell account outside that will be able to telnet in. Or you can set up your own accounts but that's more of a pain.
------------------
Asamoth Matsuki - Husband of Liyesha
Red Wizard of Thay
Zulkir of Thay
the Flux - Crimson Sigil
High Wizard Eye Aeternum
Planewalker -=Riders Of Twilight=-
-=Ephemeral=- Darkstorm Rising
Originally posted by Keran:
> Since you are talking about firewalls...
> Any help on how to get out from behind mine?
> See link on mud client. I have not been able to telnet to it, nor open port 9999 at all. Just thought I'd ask here too.
> Toarn
you might try what I do to get out from behind ours. open netscape (not IE - this doesn't work with IE) and in the address line type telnet://sojourn3.org:9999 this will open your default telnet program and attempt to connect to the MUD.
since our firewall is so crappy, this works for me. good luck.
--D2
------------------
Kiaransalee : (51) [ just call me beefy ]
Originally posted by cherzra:
> BlackIce is highly overrated and doesn't stop a lot of things, see zdnet and others for comparisons.
I was always wary of any program based upon a Shadowrun construct.
------------------
Daz group-says 'rofl, moritheil is the mcdonald's of death'
Originally posted by D2:
> you might try what I do to get out from behind ours. open netscape (not IE - this doesn't work with IE) and in the address line type telnet://sojourn3.org:9999 this will open your default telnet program and attempt to connect to the MUD.
> since our firewall is so crappy, this works for me. good luck.
> --D2
Just tried this and got power word pwn3d. Didn't work. When a company makes $6.2B I guess they put some effort into making sure their independent contractors don't mud. Oh well, I am suckin.
Toarn
You could also try this:
Have a server running sshd (a secure shell daemon) with port forwarding enabled.
If port 22 (the default ssh port) is blocked, run this on an open port like 80 (http) or 23 (telnet).
Once your secure shell tunnel is established via a client like SecureCRT or Putty (if your platform is win32), you establish a port forwarding from the client localhost (any port you specify) to the server going out to sojourn.org 9999.
And if you were (for example) running zmud on the local side, you put in the mud address as localhost 9999, and have that forwarded to the sshd server to sojourn3.org.
The beauty of this setup is that you can have 0..n secure tunnels wrapped inside the main secure shell encrypted tunnel, so from the outside it's all one big opaque socket.
------------------
Nokie 'No you don't!! That belongs to me!' Quickfingers
first thing I would do is turn printer and file sharing off.. and if you have ever loaded anything like kazaa, audio galaxy, napster.. err don't..
You tend to stick out like a sore thumb if you have 1 thing shared..
I've spent the last week looking for holes in network security and there are sooo many tools out there that just look for someone with sharing on.
I've actually spent some time in some of your machines
lucky I ain't mean or I would have changed all your "sends you sprawling" triggers to output "quit;yes"
Trewe
------------------
-=CrocHunter=- Northern Star
Originally posted by Trewe:
> first thing I would do is turn printer and file sharing off.. .
> I've actually spent some time in some of your machines
> Trewe
Alas I need to have file sharing on so me and my roommate can access stuff on each other's computer, and I connect to his computer for cable internet.
Seen anything interesting on anyone's machines?
------------------
Those who desire to give up Freedom in order to gain Security, will not have, nor do they deserve, either one.
Originally posted by Zagaz:
> Alas I need to have file sharing on so me and my room mate can access stuff on each others computer, and I connect to his computer for cable internet.
> Seen anything interesting on anyones machines?
Well there is nothing you can do about the regular attacks then.. just make sure you don't share anything vital publicly and have your shares passworded..
there are programmes that will capture pings checking for shared ports and ping them back so that they know you know they are looking.. which will make most wannabe hackers run away.. but if someone really wants in, there is nothing you can do about it really.
Even masking your IP won't help as your true IP can still be pinged to check for sharing.
And as for seeing anything interesting..
wouldn't you like to know
I have come across things like excel files containing internet banking logins and passwords on computers that had full sharing enabled.. (sure the file was passworded but that took me about 2 minutes to crack)
All this and I have no idea how to hack really
Trewe
------------------
-=CrocHunter=- Northern Star
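The file-sharing advice in Trewe's two posts can be checked on your own machine. As an added example (not part of the original thread), this Python script reads Windows `netstat -an` output and flags listeners on the file and printer sharing ports by where they are bound; the sample output, its addresses, the LAN ranges and the function names are assumptions made for illustration.

```python
import ipaddress

# Ports used by Windows file and printer sharing (NetBIOS over TCP/IP, SMB).
SHARING_PORTS = {
    ("UDP", 137): "NetBIOS name service",
    ("UDP", 138): "NetBIOS datagram service",
    ("TCP", 139): "NetBIOS session service",
    ("TCP", 445): "SMB over TCP",
}

# Ranges where a share between roommates is expected to live (assumption).
LAN_NETS = [ipaddress.ip_network(n) for n in (
    "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "fe80::/10", "fc00::/7")]

# Constructed sample of `netstat -an` output; every address is made up.
SAMPLE = """\
Active Connections

  Proto  Local Address          Foreign Address        State
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING
  TCP    0.0.0.0:445            0.0.0.0:0              LISTENING
  TCP    192.168.0.5:139        0.0.0.0:0              LISTENING
  TCP    203.0.113.7:139        0.0.0.0:0              LISTENING
  TCP    127.0.0.1:445          0.0.0.0:0              LISTENING
  TCP    192.168.0.5:1042       198.51.100.20:9999     ESTABLISHED
  UDP    192.168.0.5:137        *:*
  UDP    192.168.0.5:138        *:*
"""

def classify_bind(addr):
    """Return 'loopback', 'all-interfaces', 'lan' or 'public' for a bound address."""
    ip = ipaddress.ip_address(addr.strip("[]").split("%")[0])
    if ip.is_loopback:
        return "loopback"
    if ip.is_unspecified:          # 0.0.0.0 or [::]: answers on every adapter
        return "all-interfaces"
    if any(ip in net for net in LAN_NETS):
        return "lan"
    return "public"

def audit_netstat(text):
    """List sharing-port listeners as (proto, port, addr, scope, risk, service)."""
    findings = []
    for line in text.splitlines():
        fields = line.split()
        if len(fields) < 3 or fields[0] not in ("TCP", "UDP"):
            continue
        proto, local = fields[0], fields[1]
        # TCP rows carry a state and only listeners matter; UDP rows have none.
        if proto == "TCP" and fields[-1] != "LISTENING":
            continue
        addr, _, port = local.rpartition(":")
        service = SHARING_PORTS.get((proto, int(port))) if port.isdigit() else None
        if service is None:
            continue
        try:
            scope = classify_bind(addr)
        except ValueError:         # not an IP address, skip the row
            continue
        if scope == "loopback":
            continue
        # LAN-only binds are what roommate sharing needs; anything wider is exposed.
        risk = "review" if scope == "lan" else "exposed"
        findings.append((proto, int(port), addr, scope, risk, service))
    return findings

if __name__ == "__main__":
    for proto, port, addr, scope, risk, service in audit_netstat(SAMPLE):
        print(f"{risk:8} {proto} {addr}:{port} ({service}, bound to {scope})")
```

Rows marked `exposed` are the ones to close with a firewall rule or by unbinding file sharing from the internet-facing adapter; `review` rows are reachable from the LAN only and still need passworded shares.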
Originally posted by Trewe:
> lucky I aint mean or I would have changed all your "sends you sprawling" triggers to output "quit;yes"
> Trewe
alias quit {say some moron just tired to make me quit}
and make sure you change the default "command character" to something other than # so they can't force you to do a {#unalias quit;quit;y;6;%pw}
[This message has been edited by kiryan (edited 10-05-2002).]
Originally posted by Gormal:
> want to not get hacked more? get a mac.
This is true.. we all know that Mac owners have nothing of value.
Trewe
------------------
-=CrocHunter=- Northern Star
Okie, got a question for ya: I've got an Actiontec DSL gateway which I believe is very similar to the standard Linksys router, including a firewall. I also run a (Tiny) personal firewall on my PC. Up til now I've felt like I was double-bagged and relatively safe from most net numbwits.
Now, however, I'm running a MS network behind this gateway, with file and print shares all over the place. To top it off, my roommate practices pretty poor net hygiene, including running Kazaa and other fun p2p programs. Aside from the inevitable viruses from his warez habit, I'm concerned about my potential exposure and risk. Any recommendations?
Mp
------------------
Originally posted by Mplor:
> Okie, got a question for ya: I've got an Actiontec DSL gateway which I believe is very similar to the standard Linksys router, including a firewall. I also run a (Tiny) personal firewall on my PC. Up til now I've felt like I was double-bagged and relatively safe from most net numbwits.
> Now, however, I'm running a MS network behind this gateway, with file and print shares all over the place. To top it off, my roommate practices pretty poor net hygiene, including running Kazaa and other fun p2p programs. Aside from the inevitable viruses from his warez habit, I'm concerned about my potential exposure and risk. Any recommendations?
> Mp
Switch to win2k pro and disable all non-standard ports... except for 9999 of course (which you will reserve for your mud client). That'll stop them in their tracks..
------------------
Adilmir tells you 'are you a Mumavore?'
Aedwyn tells you 'Ill do you if you give me plat so I can gamble :)'
2 cents...
1) Hey put up the firewall, remove all shares, don't download programs.
2) Realize you still aren't safe. If someone wants to get you they can. Your only defense is not being connected. Firewalls, OSs, exe, etc... all have vulnerabilities. The more you learn about security the more you realize in the end it's all a joke.
For those who don't know how to hack anyone here's your lesson.
1) Scan their putter see what ports are open/what programs are running.
2) Check one of numerous vulnerability sites and try current exploits.
3) Find out the person is doing their job of updating and patching security holes.
4) Kick back and wait. Watch those vulnerability sites and wait for a new vulnerability to open up for the OS/firewall/etc....
5) Beat the person to the punch and attack before they patch.
6) Gloat!
About two years ago some "dangerous" worm attacking a particular vulnerability escaped on to the net. I actually forget the name, but the guy was down in one of our wonderful Gulf nations (Bahamas, Cuba, Puerto Rico, somewhere). Over the next two days people were getting slammed, business networks went down, etc.... Researchers later determined that if a prescan of the internet was done (remember since it was one particular vulnerability that was being exploited a single ping to each IP would have done the job) then a complete infection could have taken place within 2 minutes!
The means are simple. One file containing all the IP addresses to be infected. Each time a computer is infected the file is split in half and then you have two computers working to infect all the computers on the internet not by attacking random IPs, but instead by systematically attacking only IPs that are vulnerable AND not duplicating work. Make sure the first few computers on the list have big bandwidth and you're home free.
------------------
Marforp / Sasdor / Kaf / Pofas
Originally posted by Gerad:
> Just got zonealarm, and previously i was on a completely unsecured internet connection...
> lets see what happens in the next few days :P
> G
> by the way, how much does zonealarm slow down your computer/net access?
------------------
Auril tells you 'Yes, we're plotting the destruction of all that is holy - and unholy, too. Just to be thorough.'
How good is Tiny Personal Firewall? It depends. If you configure it properly it is better than ZoneAlarm, BlackIce, etc.... If you don't know what you are doing setting up rules etc... it's worse. The new version is a little better than the older ones with having some preconfigured settings for various programs, but the selection is limited and they are now charging for the program. In short: if you know what you're doing go with Tiny due to the ability to truly tweak your firewall. If you don't know what you're doing go with ZoneAlarm and set to the highest setting.
------------------
Marforp / Sasdor / Kaf / Pofas