On 4/5/20 6:08 PM, Mark Allyn wrote: > Folks: > > I don't know if this is the right forum or not to ask this, but I am curious > about this so called Zoombombing that's been creeping up. > > I was as a zoom meeting that did get bombed with porn on Saturday. Luckily, > the host was able to kick them off very quickly. > > However, this leads me to a question. > > If I happen to have had another machine on my network running a sniffer; > something like Snort; would have I got the IP address of whomever Zoombombed > the meeting I was on? > > In a system like Zoom, do all of the videos come together to my desktop or do > they go to the host first and then out to the guests? Who would see the > source IP addresses of those who connect (including the zoombomber) if they > had a Snort or other sniffer running on their network? > > If this is not a good forum for something like this, would anyone know what > forum I could take this to? Would it be DorkbotPDX? > > Thank you > > Mark >
Besides some of the issues discussed on this topic, for me the 2 big ones, regardless of who and what software: 1. Zoom claimed but did not have end-to-end encryption Doesn't matter if you sniff the IP, social engineer, or try a man-in-the-middle attack, without the encryption key... 2. Not setting up secure defaults. It is never a good idea to assume customers new to your product will understand or even find all the required security settings. Google is famous for this one: making security settings the default literally reduces advertiser revenue! https://www.pcmag.com/how-to/how-to-prevent-zoom-bombing "It wasn't a technological weakness in Zoom that allowed these events to occur. It was a matter of the host not knowing all the features of the tool and how to use them. " -Ed
signature.asc
Description: OpenPGP digital signature
_______________________________________________ PLUG mailing list [email protected] http://lists.pdxlinux.org/mailman/listinfo/plug
