[vox-tech] Verify Ubuntu files

Gandalf Parker gandalf at any1can.net
Sat Aug 16 07:08:08 PDT 2008


It might be worth mentioning for the original poster that the conversation 
has split levels. I'm trying to avoid jumping in on the scary one but to 
avoid a doomed feeling I should point out that this is deep tech people 
talking deep tech tactics. They are about as common in the real world as 
deep tech burglars deciding to rob your house. If you are the admin of a 
corporate computer handling lots of credit cards etc etc then it would be 
a concern.

On the other hand, most attacks aren't real hackers. Real hackers are rare. 
Most attacks are script-kiddies, and some are crackers, but few are 
hackers. Hackers are knowledgeable and experimentally minded. They do not 
use standard tools and therefore standard tools tend to not work as well 
for them. Also a surprising number of hackers are not malicious, just 
irritating.

Crackers tend to be knowledgeable thugs. They are definitely interested in 
taking or abusing. They tend to use tools they find on the net but they do 
at least understand them and are capable of trying many different things 
to get a result. Tools that are available to foil them can work but 
multiple levels of protection, kept up to date, is a good idea.

Script-kiddies are the vast majority and most likely to hit a home system. 
They are clueless. They have found an attack tool online and are playing 
with it. The honeypot stories are vastly entertaining (a honeypot is a 
system set up to purposely draw attacks for security purposes). I've seen 
skiddies use sophisticated tools to get in, then spend all day doing 
commands like dir c:\. Or their attack kit will install a sniffer to 
capture logins and passwords to a file; then they immediately start 
logging into their favorite hacker sites, previous hacked systems, and 
even their own home machine giving me a copy of all their addresses, logins 
and passwords.

Once you start watching the security of your system you might feel panic 
at seeing all the attacks you are getting. But don't be concerned. You are 
getting them all along. Most of them are brute force such as trying huge 
files of possible logins with huge files of common passwords. A standard 
system and good password habits will cover you there. Packages such as 
ChkRootKit and TripWire will help you sleep at night (of course they can 
be bypassed but think of it like having a great door lock which is 
adequate even though it wouldn't keep out an expert burglar).

Gandalf  Parker
-- 
Never say "my machine is secure". I'm not saying it isn't. Just that
you should never say it. That's like in a horror movie when someone says
"we should be safe here"

