On Sunday 01 May 2005 21:13, Chris Mason (Lists) wrote: > Is there really people out there reading the sip traffic? Short of being > the ISP, how would you get that done? > > Chris Mason > www.anguillaguide.com
There is people who have NOTHING better to do than hack others. There are people who make GREAT living doing it by selling what they got (stole). Don't be naive to think that just because you have no interest and don't know how, that there are not hords of people who do. When something is travelling in cleartext (not encrypted) there will always be people who can collect and read it. Or listen. To get an idea, run tcpdump -vvn on your external NIC. Know your own IP (ifconfig) and see what is and isn't for you. You can specify ports you want to listen to and not with: tcpdump -nvv port 110 and port 25 and not arp for example. This will listen to email coming and going but not arp traffic. Of course you can have even more fun by firing up ethereal and read the content of the traffic. That's all just traffic that happens to flow by you. The next thing to do is to hack some place where more interesting things flow by. It's not hard at all, just tedious. If you sit in an office LAN (where most illegal hacking originate from) you can get everyones passwords etc. These are standard tools used to debug networks with. Hackers tend to do things which are not what normal people do. I.e. they make software do things nobody expected it would do, by putting it in unexpected situations. Like feeding 1000 characters into a small field built for 10. They essentually "break" it and take advantage of the "irrational" behavior. There's lots you can read on how to do these things online, and in bookstores. There is software that does the hacking automatically for you and is used by what is known as script kiddies. They are not good enough to write the software but they know how to run them. So they run a bunch of scripts/programs in hope that it will create some effect. There's a very funny transcript of such a kid threatening to format someones computer at: http://www.jellyslab.com/~bteo/hacker.htm Oops, he appears to be off-line. Essentially he gave the loop back address to a wanna be hacker, who dared him to give it to his so he could hack him. The loop back address is your own computer, it's used for testing and whatnot. So the kid then attacks himself thinking he's attacking the other guy. Failing to crash the other guys computer as his own is "crashing" in the attempt, he then tries to format the other guys computer, thus wiping out his own computer. -- Steve Szmidt "They that would give up essential liberty for temporary safety deserve neither liberty nor safety." Benjamin Franklin _______________________________________________ Asterisk-Biz mailing list [email protected] http://lists.digium.com/mailman/listinfo/asterisk-biz
