Saturday, February 10, 2007
At work with my hacker
Researchers of the University of Maryland enjoyed observing the activities of hackers as they try to gain access to a computer and exploit it. They set up 4 Linux computers, with an Internet connection and a weak security. These computers were attacked 2,244 times each day, i.e. every 39 seconds on average!
This is a very scary figure. A classic computer connected to the Internet is almost constantly under attack, more than two thousand times a day! This fact and the fact that 80% of animals on earth are insects, I'm not sure I can get sleep tonight...
Anyway. Most of these attacks employ automated scripts that indiscriminately seek out thousands of computers at a time, looking for vulnerabilities.
The study specifies the most commonly attempted user names: root, admin, test, guest, info, adm, mysql, user and administrator... Usernames to avoid! They are listed in dictionary scripts with others classical passwords: 123456, password, 1234, 12345, passwd, 123, test, 1 (!!) and more simply the repetition or a variation of the username, sometimes followed by 123. Scripts try and try, then sometimes it matches!
After gaining access, hackers would typically check the computer's software configuration, change the password, check the configuration again, and upload and install a program, a backdoor or a trojan that clean their passage and enable them to create a botnet and viva el spamos!
This is a very scary figure. A classic computer connected to the Internet is almost constantly under attack, more than two thousand times a day! This fact and the fact that 80% of animals on earth are insects, I'm not sure I can get sleep tonight...
Anyway. Most of these attacks employ automated scripts that indiscriminately seek out thousands of computers at a time, looking for vulnerabilities.
The study specifies the most commonly attempted user names: root, admin, test, guest, info, adm, mysql, user and administrator... Usernames to avoid! They are listed in dictionary scripts with others classical passwords: 123456, password, 1234, 12345, passwd, 123, test, 1 (!!) and more simply the repetition or a variation of the username, sometimes followed by 123. Scripts try and try, then sometimes it matches!
After gaining access, hackers would typically check the computer's software configuration, change the password, check the configuration again, and upload and install a program, a backdoor or a trojan that clean their passage and enable them to create a botnet and viva el spamos!
Source: PR Newswire, this tuesday.
For those who do not know:
- The botnet is a jargon term for a collection of software robots, or bots, which run autonomously. This can also refer to the network of computers using distributed computing software.
While the term "botnet" can be used to refer to any group of bots, such as IRC bots, the word is generally used to refer to a collection of compromised machines running programs, usually referred to as worms, Trojan horses, or backdoors, under a common command and control infrastructure.
While the term "botnet" can be used to refer to any group of bots, such as IRC bots, the word is generally used to refer to a collection of compromised machines running programs, usually referred to as worms, Trojan horses, or backdoors, under a common command and control infrastructure.
Labels: anecdote
archives >> April - March - February - January -December - November - October - September - August - July - June - May
Powered by Stuff-a-Blog
une page au hasard