A new way to hack?

[King of CaveMen]

I was discussing this with a friend a while back and were both talking about, an experienced hacker could do the following, visit the local Internet Cafe, use an external hard drive link it up launch the tools from there and just d/c the HD and leave.

Would this be of any value? Then we started discussing the ways of tracking it. I woulnd't know how but wouldn't this leave traces of the hardware being detected?

Then we got to the point were we saw, "pre-paid" internet, then what if you were to use this prepaid internet, where you just "buy" it get your login/pw and then you use your external h/d with your tools and and the likes on it and begin your adventure?

This has been probally been discussed before, but my main question is.

Who in the world would make prepaid internet access avaiable? Isn't this a HUGE security loophole?

[g00n]

actually this would come down to how physically secure an "internet cafe" was. How closely do the employee's monitor what is going on their watch. They should kick anyone out if they are seen hooking up hardware or opening cases.

I would think that anyone caught hooking up hardware or opening cases would get a lifetime ban, and that they wouldn't allow someone to reboot their computers into an OS other than what should be running.. as this allows someone to bypass any security software that could be running on these systems. Hell, a customer even rebooting a system should be watched closely to verify that they are not attempting to bypass any security measures that are in place.

Of course they should also have a firewall that should limit outgoing traffic to fit their TOS, so that if their rules are that you are able to web surf, use internet e-mail, and that is all they allow, their ruleset should be setup such that this is the only traffic that is allowed to leave their site. Pretty much destroying someone's ability to use the cafe's hardware for evil.

But hey, perhaps i'm i've been a system/network administrator for too long.

[x acidreign x]

it is probably so locked up it is useless to a hacker. any command line tools, whois, tracert, telnet, probably gone. but even if not, how many internet cafes you have in your area? not a problem to stake them out and catch you in the act.

[King of CaveMen]

None in my area, just school's computer labs and libraires with computer. With a busy time, it would be hard, but besides all the probalities of getting caught, if you were able to link it up, it could pose a serious problem.... wouldnt it?

[instronics]

Well said g00n. I agree 100% with your comments. But alas, there are many webcafe owners who dont know anything about computers, leaving them very unsafe. In general, any public computer shoule be secured as well as possible. If not, it could become a playground for malicous purpose.

Cheers.

[JupMan]

Considering the various ways that hackers could break the law by planting trojan horses, internet cafes are probably not long-hanging fruit

http://www4.law.cornell.edu/uscode/18/1030.html

[thehorse13]

There is a StarBucks in CT (I wont disclose the exact location) that had a HUGE issue with this. In the end, they employed a computer consulting firm to lockdown their public workstations. The first thing they did was deploy W2K pro with pre-defined security templates that disabled all I/O ports except the on board NIC, display, audio and the PS/2 ports. Then all tools (tracert, etc.) were removed. They also locked the control panel and all ability to add software except for write access to a given directory (for resumes and such) which resided on a separate partition. Next, they locked down the browser to elimitate punks who come in and completely hose up the settings.

In the end, you were able to browse the web, print to either printer they have and write to a specific directory. Now, there are a bunch of small holes left behind but by doing these things, they removed a significant amount of trouble that they previously had.

This event comes from a friend who worked on the contract to fix this cafe up. I had a similar challenge with a library and of course everyone's favorite - school computer labs.

My two cents...

[MrLinus]

I think it depends on the owner of the place. The Toronto Public Library is locked down a little better than most I've seen. They are also within a few feet of the librarians, not hidden in some corner. Additionally, Kinko's I noticed requires ID before you can use any of their machines and you cannot attach any devices to their machines without an attendent.

The ones that present the greatest threat are the shops that appear all of a suddent and are there to get the $3/hr internet customer. They don't view themselves as a potential victim. It wouldn't be that hard to create a CD of hacking tools (keyloggers and such) to install on local drives.

[phishphreek]

Originally posted here by thehorse13
There is a StarBucks in CT (I wont disclose the exact location) that had a HUGE issue with this. In the end, they employed a computer consulting firm to lockdown their public workstations. The first thing they did was deploy W2K pro with pre-defined security templates that disabled all I/O ports except the on board NIC, display, audio and the PS/2 ports. Then all tools (tracert, etc.) were removed. They also locked the control panel and all ability to add software except for write access to a given directory (for resumes and such) which resided on a separate partition. Next, they locked down the browser to elimitate punks who come in and completely hose up the settings.

In the end, you were able to browse the web, print to either printer they have and write to a specific directory. Now, there are a bunch of small holes left behind but by doing these things, they removed a significant amount of trouble that they previously had.

This event comes from a friend who worked on the contract to fix this cafe up. I had a similar challenge with a library and of course everyone's favorite - school computer labs.

My two cents...

They have done similar stuff like this on our schools PCs. We can't do anything on those machines! They use a program called "fortress" which completely locks down the PCs from boot. One way I did find a way to run programs though...

Get a USB "pen drive" (the removable flash drives) and install your software on that. You can then just plug it in and use the programs you want. Even all of your utilities can be stored on it. I showed the admins in the labs and they just shrugged. Guess they locked down the machines more for the users who will mess up the computers... not use them for what they're worth. Heck, you can even use a MP3 player to install programs to. Then it just looks as if you're listening to music or editing a playlist.

In some circumstances, you can install to your "home" drive, but as long as the installer doesn't need to write to the registry. I'd just rather install to the pen drive at home and bring it in when I want to use it. Plus, I have more space on that than I do on the network. They are so cheap when it comes to storage... 100mb, used in 1 semester.