Mark Lanctot wrote:
Peter;162026 Wrote:
Mark Lanctot wrote:
Plus an open port puts up a red flag to all the bots out there
looking
for interesting IPs. A hacker may come back and do some further
investigation - finding other things that may be much more dangerous
and that he can exploit immediately
This makes no sense IMHO.
Regards,
Peter
Hmm? These are bots out there scanning ports. They are looking for
open ports. If they find one, they log it for further investigation.
These bots aren't scanning all 65535 TCP & 55535 UDP ports for each
system. They're looking for ports with software with known
vulnerabilities. The people who operate them don't go looking at
interesting ports, their aim is to harvest bots by the thousands or
hundred thousands. The people who find the vulnerabilities in software
do so with the software installed locally. They don't attack remote
systems at random, if they want to attack a system they look for
services that have known vulnerabilities.
If a hacker (yeah I know, cracker) would be interested in hacking
slimserver installs, he would download it, istall it, look at the code,
flood it with
unexpected input and see if it crashes or does something it shouldn't.
If so, see if it's exploitable. If it's exploitable, *then* start
scanning the net for the SS ports and take over the machines.
Regards,
Peter
_______________________________________________
discuss mailing list
[email protected]
http://lists.slimdevices.com/lists/listinfo/discuss
