I recently moved into an apartment complex which is wired with ethernet.
Being the paranoid person that I am, I have log monitors scour my logs 
frequently. In the last few weeks, I'd been noticing the amount of 'attacks'
on my system increase greatly. It seems that once people get on ethernet,
they become very curious of what their neighbors have to offer (knowingly
or not). I'd like to just warn everyone ... because several people have 
already gotten phone calls/knocks on their doors (in my complex) and a long
talk about 'netiquette' and/or how to secure their machines appropriately.

#1. Keep up to date on the patches on www.redhat.com! You would not 
    believe the amount of people that are still running the vulnerable
    versions of named, even when they have no need to!

#2. Don't poke around other people's machines! If they have their c drive
    shared, chances are they have no clue that they are actually sharing it.
    If they _DO_ mean to share something, and it is intended for you,
    they will let you know.

    Normally I'm not so 'be nice to people' when it comes to things like 
    this. But there's one levelling factor when it comes to ethernet.
   
    EVERYONE CAN SEE ALL OF YOUR TRAFFIC.

    Yes, for those of you who don't know it yet, anyone on your same ethernet
    segment can watch all of the traffic to and from your machine!

There was a guy in my complex who sat there day and night, trying to hack
into my machine. I did nothing else but set up a sniffer to look for traffic
to and from his machine, and I watched him telnet into his VAX, his mail.utexas
account, he wrote letters to his girlfriend, his mother, and all of his
personal information is available freely on the net. Not only was he running
a vulnerable version of named, but the web server he was using had exploitable
cgi scripts that were available remotely!

So, the next time you think about messing with your neighbor .. remember
to secure yourself first.

Aaron
---------------------------------------------------------------------------
Send administrative requests to [EMAIL PROTECTED]

Reply via email to