At 06:54 PM 1/4/02 +0100, Hadmut Danisch wrote: > > WASHINGTON -- Computer hackers...are turning their sights to home > > computers that are...less secure than ever before. > >On my private computer (DSL, dynamically assigned IP address), I >detect an increasing density of attack attempts.
I see the same thing here. But most of its http/web attacks against the unicode vulnerability. Back when code red was out of control I performed a little experiment. I took 5 IP address of Code Red infected servers on DSL and tested them for the *very* old (Oct/Nov 2000) unicode vulnerability. All 5 systems had NOT been patched. Its not surprising that I now see virus infected machines trying to attack my systems using unicode attack strings. I guess somebody took the idea one step further and developed a virus. It surprises me that providers like Earthlink & GTE (I have one DSL on each) aren't taking measures to filter out virus traffic from infected systems. It seems a simple enough task to me. It seems to me that the biggest cause of the problems are ignorance and lack of concern as the article suggests. So rather than complain and rant, I've setup a non-technical alert list for my friends and family to keep them informed and safe. I try to keep the list fun and easy to read. Its taken a great deal of time and explaining, but slowly more and more of them are beginning to see the bigger picture. My favorite scenario to lay out for my friends is simple and effective. Lets say that a hacker gains control of your computer and uses it to attack another site/system. Lets say that site is a Fortune 500 company or a military or government site. Even if you don't get into trouble, the FBI could still show up on your door step and take your computer away for analysis. No more email or web for you. Oh, and they'll probably need to sift through your phone records to see if the hacker dialed out from your computer. Kiss your privacy goodbye. - hawk --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
