|
-
December 1st, 2004, 10:34 PM
#1
 Owned in 4 mintues
And you thought 20 minutes for an unpatched machine connected to the net to get owned was quick. It is now 4 minutes
http://www.techweb.com/wire/security/54201306
(I don't know if this has been posted yet)
Some people amaze me. What benefit would someone get from attacking an unpatched average machine with no significance about it at all?? It is not to test their knowledge or to gain any (Any legit testing/study can be done in a lab/controlled environment - instead of releasing **** apon random people)!!??!!?
-
December 1st, 2004, 10:36 PM
#2
What benefit would someone get from attacking an unpatched average machine with no significance about it at all?? It is not to test their knowledge or to gain any!!??!!?
To use that machine for other attacks (launch points). The reality is that there are lots of machines that are put on the internet without any security and are used as starting points to do larger attacks against others. This specific example from the story identifies the use of botnets, which would probably match up with the "launch point".
Remember there are numerous reasons as to why some compromise boxes:
- money
fame
just because (Mount Everest reason)
knowledge
"hacktivism"
prove something
revenge
espionage
etc.
-
December 1st, 2004, 10:36 PM
#3
It adds a fileserver/DDoS Zombie/Proxy/Whatever to your list of 'owned' hosts.
Chris Shepherd
The Nelson-Shepherd cutoff: The point at which you realise someone is an idiot while trying to help them.
\"Well as far as the spelling, I speak fluently both your native languages. Do you even can try spell mine ?\" -- Failed Insult
Is your whole family retarded, or did they just catch it from you?
-
December 1st, 2004, 10:38 PM
#4
Yeh i know they can be taken over to use as zombies etc. But nevertheless why would anyone do that heh, it's just stupid selfishness
-
December 1st, 2004, 10:38 PM
#5
Shits and giggles? Mostly of them are worms and virii crawling the net looking for **** like this... but I really don't know the perk of a freshly installed system being pwn3d other than as a proxy for other attacks maybe?
-
December 1st, 2004, 10:39 PM
#6
I guess I am really just getting into the ethics side of things now which has been discussed for years
-
December 1st, 2004, 10:42 PM
#7
I guess I am really just getting into the ethics side of things now which has been discussed for years
Ethics how? Technically -- under various laws (depending on nation) -- it's illegal to break into a machine you do not have permission to. (sorta like speeding.. aint supposed to do it but it's "not illegal" until the police catch you).
-
December 1st, 2004, 10:47 PM
#8
Exactly, which makes it wrong/illegal/unethical to break into those machines and here I am asking why would they do it. Which stems down to them being unethical etc etc. Especially automated attacks that attack all vulnerable machines in a ip range.
-
December 1st, 2004, 10:49 PM
#9
There is a difference between unethical and illegal. Not all nations view computer violations as a crime. That said, the list I provided above shows any number of reasons as to why.
When you think about it why does anyone do what they do? Ask yourself why you are "ethical" and not "unethical" as you define it?
-
December 1st, 2004, 10:53 PM
#10
MsMittens are you saying that it is fine/right/ok for people to compromise insecure boxes on the net?
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|
Reply With Quote