stunthanger.com
General control line discussion => Open Forum => Topic started by: RC Storick on September 01, 2009, 10:10:13 AM
-
We have been attacked again. Someone (only this time I'm going to find out) Put 33,000 lines of code into this site. Hackers beware I check everyday for problems.
-
How about capitol punishment for destructive hacking?:X Or at least life with a "friendly" cell mate.VD~
I have had to completely restore a computer at 4 different times from that BS.
-
I mostly get DOS stuff. Blocked ports and using a non-MS OS helps quite a bit, but in the end, there's always a way in if you're persistent enough.
-
That is another reason why current backups are so important.
Another good tool is Snapshots of your data. This is done on the backend, but only if the right equipment is used. (ie. something along the lines of: Netapp.com It extends storage to the server and handles all the replaction and backups. Real slick stuff but you would have to sell all your PA planes and motors to pay for it. HB~>
Backup often.
-
How 'bout just choppin' their fingers off when we catch 'em. >:(
Phil
-
>>Another good tool is Snapshots of your data.<<
Man, I am no fan of Cloud Computing. I have a drive box on my home network with an IP address that I back up to. Works pretty well when my son hasn't used up all the space with sound samples (he's an audio engineer and uses the drive box over the internet to back up his work). Man, he can go through a terabyte fast.
-
How 'bout just choppin' their fingers off when we catch 'em. >:(
Phil
With the props as the sawblades >:D >:( Why would people want to hack into this site, there really isn't anything "special" on it, no top secret stuff on here, so why do it ???
-
so why do it ???
They do it because they can. Extreme waste of time and talent.
-
They do it because they can. Extreme waste of time and talent.
True, they could try and get Microsoft and Dell back into the United States.
-
True, they could try and get Microsoft and Dell back into the United States.
Won't happen because everyone wants it cheap and everyone wants to make a 1000 dollars a hour doing nothing. So we get it from China.
-
Good luck in finding these bastards. But when you find them, what can be done? It's virtually
impossible for an individual to do anything about it. Turning it over to the FCC/FBI/some other
federal entity is not likely to yield much. They're too busy worrying about banks and cyber terrorism.
Generally, sites are not hacked because of content; only vulnerability is of concern.
And although I'm not happy with everything being assembled in China, I don't see that much
evidence of Chinese Windows programmers ((yet)), or even hackers. Traditionally, a lot of
virus writers (related problem) have been in Bulgaria. But where hardware gets built doesn't
really relate to web site hacking.
I've wondered at times if Symantec , McCaffy, et al have been manufacturing viruses,
so they can sell their antivirus, but that's getting pretty cynical about it. (Yeh, I'm a cynical
dude.)
In 2002 I worked on a conceptual design for an "unhackable" hardware architecture.
It featured an inner (secure) computer and an outer (vulnerable) shell computer.
The key was a very special proprietary interface between the outer and inner computers.
Another trick it used was reloading the outer computer's complete software/data image
on a regular basis (say daily, or in response to a detected hack).
It's clear any method which relies on software in a well known (e.g. PC) architecture cannot
be completely secure. With hardware resources now incredibly inexpensive, hardware
solutions do become more viable.
Personally, I favor something similar to what was used on 007 in Casino Royale for maximum
testicular impact on the hackers.. ~^
Good luck,
L.
"Some men have thousands of reasons why they cannot do what they want to,
when all they need is one reason why they can. -- Willis R. Whitney
-
...In 2002 I worked on a conceptual design for an "unhackable" hardware architecture.
It featured an inner (secure) computer and an outer (vulnerable) shell computer.
The key was a very special proprietary interface between the outer and inner computers.
Another trick it used was reloading the outer computer's complete software/data image
on a regular basis (say daily, or in response to a detected hack).
Good luck,
L.
Doesn't that work same as a "firewall"?
George
-
George,
Yes, it serves the same function. And there are plenty of commercial hardware firewalls in place.
Patents were being sought for proprietary tricks in their architecture and communication links;
special methods and algorithms were involved. I'm still bound by NDAs not to discuss details,
even though the patents never were completed.
There were visions of integrating it all at the microprocessor chip level, with Dell or similar companies
incorporating the chips in bazillions of PCs. Of course! #^ (marketing!)
Their architecture and methods were clever and novel. Although I showed the client how it could be hacked,
a huge amount of time and effort would be required. In that sense, it could have been useful.
I've seen several ideas more hare-brained and less novel that I would have never believed patentable
(including a programmable bit serial telemetry processor architecture I designed in 1986, parts of
US Patents 5016005 and 5227783) get patented and then poorly or never applied. So it goes.
L.
"I never cease being dumbfounded by the unbelievable things people believe." -Leo Rosten
-
I think capital punishment is fitting for people that do this.
:X :X
-
How 'bout just choppin' their fingers off when we catch 'em. >:(
Phil
But that sounds so... Muslim.
-
If you catch a hacker, just force them to fly R/C for a season (supervised, of course).
Floyd
-
>>Although I showed the client how it could be hacked,
a huge amount of time and effort would be required.<<
Well, it's the same principle that home security uses. It's not that your home will be resistant to break-in. It's that the thief sees that your home is protected by Joe's Security Service and figures, why bother? I'll just go to the next house that doesn't have an alarm.
If your system is difficult to crack, then why bother unless I know there's something to get?
By the way, there's an error in terminology here.
Hacker: Someone that enjoys and is good at computers and programming.
Cracker: someone that breaks into places they don't belong using computers and illegal programming.
One's an enthusiast, the other is a criminal.
Ref: http://www.catb.org/~esr/faqs/hacker-howto.html
-
>>Although I showed the client how it could be hacked,
a huge amount of time and effort would be required.<<
Well, it's the same principle that home security uses. It's not that your home will be resistant to break-in. It's that the thief sees that your home is protected by Joe's Security Service and figures, why bother? I'll just go to the next house that doesn't have an alarm.
If your system is difficult to crack, then why bother unless I know there's something to get?
By the way, there's an error in terminology here.
Hacker: Someone that enjoys and is good at computers and programming.
Cracker: someone that breaks into places they don't belong using computers and illegal programming.
One's an enthusiast, the other is a criminal.
Ref: http://www.catb.org/~esr/faqs/hacker-howto.html
Here in Oklahoma that is definetly not the definition for Cracker :)
-
Cat,
Yea, well there are definitely other, ah, regional definitions.