JF make 351
JF Nav
JF Nav
Creation Date: 2004-04-28
Happy stuff here at Javantea.com as well as AltSci.com and HackMars.com. If you do a ping to each, you'll see that they all go to one ip address. That's right, my ip address. I got good dsl and so I'm serving those sites off my box. There is a reason why my websites are simple in the graphics department, it's because for four years I have planned to serve them off my home box. Javantea.com points to Javantea.Keenspace.com which is here since I can't support the 700 * 27kB of pictures that my MoJF website contains or the 41 * 158kB that the comic contains.

Yesterday, I got my gateway working. I got my first hits last night: a Google Bot hit robots.txt and / at javantea.com and a hacker tried to overflow my buffer. No, really! I checked my access_log and my error_log this morning and there it was: 28/Apr/2004:00:41:56 "SEARCH /\x90\x02\xb1........" For about 10 kB. I won't publish the ip address just because that's about as luserish as being a script kiddie. But it's a good enough lesson for today: the day that your web server or workstation goes online, there will be a hacker testing your security. If you don't have patches, you will be at the mercy of a thousand little script kiddies. Just one is one too many.

It's really not their fault, it's statistical attraction to power. If there is power, statistically, people will be attracted to it. In our society, attraction to power usually is rewarded. No one imagines that a quest for power will end in jail. But there's a difference between one script kiddie seeking power and another seeking knowledge. For a long time, information has been hoarded more secretly than money. There are those that wish to gain access, to use the information. Scientists, historians, hackers want this information that holds secrets to much more important things. So imagine if you will a script kiddie looking for a root kit. The information held in the root kit gives access to power to remotely control other people's computers. So the script kiddie finds one and downloads it, runs it, and soon he has a list of a dozen ip addresses he now has control over. Certain thoughts about immorality might cross his mind, but mainly it's the thought of "What is there?". The first one on the list, C:\ drive wide open. Data, nada, nada. Next. You can see the goal of this script kiddie, right? The goal is to find data that is particularly juicy, something that would be interesting. Corporate, illegal, interesting data.

So there is a problem with this quest for information. The person who had an insecure box and was rooted didn't want that information to be public. The person didn't take any precaution to ensure that it wasn't made public, but everyone wants everything. It is called conflict. If I want interesting data and you don't want to give me your interesting data, there arises a conflict. The solution of the conflict comes with nature. If it is my nature to test your security and it is your nature to be insecure, the conflict is solved in my favor.

Logging attacks, even posting ips is not the solution, it is helpful to know what a person is up against. The quest for information is much more important than false security. Remember that a hole not exploited is still a hole. It waits to be exploited. The solution is clear: secure yourself. If that means a firewall or patching or unsharing your C:\ drive, please do so.



JF Nav
Home Characters Making Of Technical Mail News Links |< First < Prev Next > Latest >|  bandwidth version Goto Scene