Printable View
------------------------------
Palemoon :
Will I be ok thanks perhaps if I have an open door hard to say, you mess with my 5 boxes and about 38 million a year of business that resides on them ...
-----------------------------
do we live on the same planet?
your responsible for protecting 38 mil worth of business and your say perhaps ill be ok if i have an open door. im glad you don't work for me.
Yeah I live on the same planet, thing is looking at a early thread here the average age is oh say about that of my middle son. Fail to see your point of what planet I'm on..excuse me am an old fart..about before M$ new what well they bought up was about. Lunix is a viable option...thing is you need old farts like me to push it, and I think things are close. My only point being is...well I by accident find a open door..it is a who is and phone call and a what I see thing..Go to a remailer on-line well why hide????? Stuff I find is by accident and oops a call. Then again I can go cut the break lines in my car not stop and crash and blame it on the car mfg. Life is full of flaws..it depends upon you as to how you use them :-) To enpower people..or reduce their paycheck to nothing cause you poked around. Then again look to the American Indian or other minorities. After all we were just poking around, if you are not asked do not poke like a woman saying NO..means no..DAH...what is the point of your quoting me?
Oh forgot..like I can keep up with M$ critical updates that put back crap like ohooo Outlookexpress...or hummm visualbasic scripting...Open door NOPE..like I allow other then those ports I need to be active and related to business. Open doors are what I gleen of the web in an 8 hour day. Am home LOL took a break to post here..now back to this 1/2 life game LOL. Gez I'm not 24/7 (that means 24 hours a day 7 days a week) I gotta a life what is in the bank is there 3 years and all outages have been outside :-) oh happy days...is an old song......I'm sleepy[gloworange]UUUUeeeee[/gloworange]
im not a kid myself, but thats the nature of the game. sure its its a pain in the ass and im in the same position. there are two of us where i am and some of the time, all we have to do is browse the net looking for ideas and new ways to do things, but when the word comes in of a problem or an update, were after it.
sounds like your by youself. maybe you should convince your boss that the next person he hires should do some work for you, part of the time. get someone who wants to break into IT. teach them how to do the updates and keep the computers configured the way you want.
you ask why hide? because their are people who get pissy when they're told and will get you busted.
when i hear of a new hole, i go look for it. first on my system then on the internet. what i do might be against the law, and this wouldn't be a first. im not a theif, sabatour or spy, but i do have a certain fasination with the dark side, which is why i handle the security. When i , un-accidently, find a hole i like to let the admin know about it. personally i would rather get an anomymous email than a call from the boss asking why there are porn pics or anti-government slogans, on the web site.
:o Well my 2 cents is not worth much...
But if your a white hat, watch out for the jerks that
does not like the idea of being told they have a problem.
I did that and got into so much trouble that
it cost me over $50.000 in loss business and
legal fees to tell my former ISP he has a problem.
http://www.geocities.com/cecomet and read and be warned!!
And I did, not at that time, consider myself a security expert.
nor did I know what a white hat is,
and I did not know alot about the Linux OS.
As a followup; My new ISP loves me, I am not afraid to tell him
anything about any security issue. I even have 4 servers running
at his NOC on a T3. I even have a static IP on my ADSL circuit.
I still have to pay the parent company of my former ISP
for my ADSL circuit and
phone bill and they still manage to screw up things.
I would be first in line to get a local alternate carrier if I could.
I will not put any of my local customers on my former ISP's system
and I figured that I have been responsible for over 500 customers changing
their ISP. and have been either directly or in directly responsible
for adding 1000+ new customers to the ISP I use, in the areas of ISP overlap.
I figure hitting them in the pocket is the best legal way to get back at them.
I was unable to find a lawer that would take on my former ISP and sue them.
Well that is my 2 cents....
Just be warned on who you advise of a security problem.
my hats off to you Highlander ! that was not an easy road to go down.
what made you tell them? Looks like you knew they were no good. Hope they didn’t screw up your life too bad.
Wow, a real telnet bbs! They’re becoming as rare as mufflermen.
My personal fears for my customers that used that ISP...
I think 50K in losses and interference in my business even now
was what it cost me....
As far as the telnet BBS that may be history in the next few months
The person who ran it has changed jobs....
But I do not know...
I used to run A BBS my self using PC-Board... (among others)
Back then we used DOS and Desqview...
I'm sorry for u dude. And I'm more sorry to say that these things happen all the time!Quote:
Originally posted here by Highlander
:o Well my 2 cents is not worth much...
But if your a white hat, watch out for the jerks that
does not like the idea of being told they have a problem.
I did that and got into so much trouble that
it cost me over $50.000 in loss business and
legal fees to tell my former ISP he has a problem.
http://www.geocities.com/cecomet and read and be warned!!
And I did, not at that time, consider myself a security expert.
nor did I know what a white hat is,
and I did not know alot about the Linux OS.
As a followup; My new ISP loves me, I am not afraid to tell him
anything about any security issue. I even have 4 servers running
at his NOC on a T3. I even have a static IP on my ADSL circuit.
I still have to pay the parent company of my former ISP
for my ADSL circuit and
phone bill and they still manage to screw up things.
I would be first in line to get a local alternate carrier if I could.
I will not put any of my local customers on my former ISP's system
and I figured that I have been responsible for over 500 customers changing
their ISP. and have been either directly or in directly responsible
for adding 1000+ new customers to the ISP I use, in the areas of ISP overlap.
I figure hitting them in the pocket is the best legal way to get back at them.
I was unable to find a lawer that would take on my former ISP and sue them.
Well that is my 2 cents....
Just be warned on who you advise of a security problem.
What I think made u an "easy victim" (don't misread this... this is not a flame :) ) is that as u said: Did not consider urself and security expert, didn't know much about Linux and didn't know what a White Hat was...
this probably means that u just contacted ur ISP like some "nice guy" just trying to help. Am I right? Well, anyways... If that's what happened the ISP might just have sued u because they could and not because they cared. Ppl like earning money that way. Had u known about White Hat Hacking at that time u would probably have seen examples of ppl going through what u did and then maybe u would have had a chance against a bigger corporation.
I guess what I'm trying to say is that today we need to be warriors to help because otherwise some1 is gonna stab us in the pack while we're trying heal some1 else.
It really is scr*wed up world we're living in... Can't we just make illegal to be a lawyer? :D
and Highlander plz comment... If you feel like going into details that would be great. If u can tell other hackers (oh no! the dangerous word!) the danger in helping and just how the companies are gonna mess with 'em then u'll be doing some greater good.
to bad you couldn't sue to re-coop your losses and make a point, did you try the ACLU?
maybe jp knows someone who'd like to take it over(the bbs), hes out in your part of the world
Now I know better....
The ISP I am on likes my help.
My former ISP was STUPID enough not to protect their private info
by putting it on an open FTP server. In other words they had all
their user info in a clear txt file that was down loadable by anyone.
I herd about it from a person I knew at the time in Erie Pa.
I did not compromise their data, but at the time I was a newbe as far
as security goes.
They also did not do any sort of security fixes for 2 years after
they booted me, and only now have done some security fixes...
But the server they use now is not any better.
I will not get into that but any "Cracker" could have a field day.
With 9/11 and security now a big concern all ISP's should
take heed on their servers and keep all the needed security
patches updated no matter the OS.
This also go to co-located equipment including game servers.
If I had to do all over again, and I had a visit from
the Police, I would not sign anything and keep
my mouth shut until I talk to a lawer.....
Cops like to trick people into signing things they do not understand.