Date: Fri, 8 Jun 2001 17:07:28 +0000 From: "David S. Geirsson" <andmann@andmann.eu.org> To: Gary Kline <kline@ns1.thought.org> Cc: freebsd-questions@freebsd.org Subject: Re: IPFW rules and outward connections Message-ID: <20010608170728.D1961@bong.andmann.eu.org> In-Reply-To: <20010608094923.A3102@tao.thought.org>; from kline@ns1.thought.org on Fri, Jun 08, 2001 at 09:49:23AM -0700 References: <3B200EEF.86F950D1@iowna.com> <001201c0efda$63e90b20$1401a8c0@tedm.placo.com> <20010608094923.A3102@tao.thought.org>
next in thread | previous in thread | raw e-mail | index | archive | help
Actually, scriptkiddies trying to "r00t" your box aren't that much of a problem. The real problem is when they DDoS you with already-rooted boxes run by less-clued admins. :) On Fri, Jun 08, 2001 at 09:49:23AM -0700, Gary Kline wrote: > On Thu, Jun 07, 2001 at 10:18:02PM -0700, Ted Mittelstaedt wrote: > > I'll relate a recent story security and access lists that may > > interest some folks. > > > [[ ... ]] > > > This is the kind of mentality that your dealing with, with most crackers. > > Sure, there's some really good (or warped) crackers out there who would > > have reactivated their little toy in seconds. But these people aren't > > going to waste their time on something like this site. The real mentality > > that your dealing with, with 99% of these crackers out there are people > > so dumb that they cannot even make a simple port number modification in > > their code. They barely have any understanding of networking technology and > > even crude and simple access lists are beyond their comprehension. All > > they do is to follow some recipies that their betters have put together > > for them, and if something goes wrong and the recipie doesen't work, they > > have no idea how to go about fixing it (or breaking the system, depending > > on your viewpoint) and so they just move on to the next easy-to-compromise > > system. > > > > This is really the situation of the street where half the homes lock their > > doors and the other half don't. There are so very many ancient Linux or > > unsecured Windows systems out there that if you make even a modicum of > > effort > > to lock your door, since most crackers are basically morons, they are > > unable to deal with the situation and just move on to the next house/system. > > [[ ... ]] > > > > [T]he point is that Hollywood makes it out that all crackers are > > super-sophisticated > > technologists that know computer systems back, forth and upside down, and > > that to block them you have to have super-sophisticated methods yourself. > > But, the reality is that most crackers are morons and even simple > > filters and blocks that aren't themselves that good, present enough of an > > obstacle > > to these people that they won't be able to figure out a way around them. > > > > Thanks for your tale. It supports my theory that the overwhelming > number of crackers are adolescents (of whatever age) who have time > on their hasnds. --Of course this does not sell newspapers, > air-time, or movies... . > > gary > > > > > -- > Gary D. Kline kline@thought.org www.thought.org Public service Unix > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-questions" in the body of the message -- Davíð Steinn Geirsson andmann@andmann.eu.org (354)-8696608 "Support staff hung over, Send aspirin and come back LATER." To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20010608170728.D1961>