Unprotected PCs Fall To Hacker Bots In Just Four Minutes

Techweb ^ | 11/30/2004 | Gregg Keizer

[ncpatriot]

We've been told we don't have to worry about a firewall because we have dial up. Is that true?

We just had Mozilla Firefox installed, and that has really cut down on the pop-ups, esp from the DrudgeReport!

[governsleastgovernsbest]

I do enjoy some of the extensions, such as the ability to remember passwords even on sites that try to prohibit that. Is there a system you recommend as an alternative to IE and Firefox?

[LTCJ]

Does anyone know which port this is, and what network service is bound to it?

Not 100% sure about Linspire but an educated guess would be 113/IDENT.

[AngryJawa]

Bookmark for future edjumakashun....

[Proud_texan]

I don't know but when I saw that I wondered if they would be compliant with RFC 1122.

You think they're doing a port re-map internally?

[WildTurkey]

Having said that, everyone should have a hardware firewall regardless of OS.

Now why would you say that since you also seem so confident that Macs are not vulnerable?

[IndyMac]

Two comments:

1. The honeypots were inactive; e.g., no email reading or web browsing to simulate real-world usage. I'd like to see this experiment repeated with some scripts on each machine running through a list of web sites as well as receiving and responding to spam. Each OS's resistance to the resultant malware attacks would be instructive.

2. The Mac in this experiment actually had some extra services turned on such as 'windows file sharing' ... and still wasn't compromised.

[TomGuy]

I like the FoxyVoice extenstion. I use another browser (IE based) that has build in speech. It is excellent for reading long news articles aloud, although the computer voice takes some getting used to.

I've tried most known browsers at one time or another. My favorite (IE based) is Fastbrowser because it was one of the first tabbed and build-in speech capabilities.

I have Maxthon (IE based) and Mozilla (similar to the old Netscape).

If I run up against a webpage that doesn't work with one, I load up IE. Sometimes I'll have 2-3 different makes of browsers running at the same time. Each has its good and not so good. It is in what a person gets used to.

[ThinkDifferent]

Now why would you say that since you also seem so confident that Macs are not vulnerable?

I'm confident I won't get into an accident driving home tonight, but I'll still wear my seat belt.

[processing please hold]

Can I just click on firefox and that's all I need...I don't need to buy anything?

[RadioAstronomer]

I use a hardware firewall along with AnalogX script defender, Xp SP2, XP antispy, Spyware blocker, PC Pitstop security config, and Zone Alarm. I also use an antivirus, anti popup blocker, Ad-Aware, Spybot SD, PC cleaner, and tested my machine against GRC.com

I still feel vulnerable. :-(

[this_ol_patriot]

Don't forget to use "Live Bookmarks" or the Sage RSS reader to get your daily dose of Freeper goodness. I'm a recent convert to Firefox and I love it, while there are a few pages that render funky for the most part I'm more than happy. Security wise it's a no-brainer.

Batten down those "cookie hatches" Ad-Aware and Spybot will NOT detect tracking cookies from Firefox. It uses the old Netscape cookie format that puts them into a single text file and those programs will not see them. I use accept only from originating site and delete when closing Firefox with good results but you can make it tighter.

Sage.Mozdev

Sage Project Wiki, check out the tutorial under getting started.

[mikegi]

This is the relevant useful statement in the whole post. At least for today.

Guess you missed this part: The automated bot/worm attackers were exclusively using Windows-based attacks

[avg_freeper]

"The Macintosh machine, on the other hand, was assaulted as often as the Windows XP SP1 box, but never was grabbed by a hacker, thanks to the tunnel vision that attackers have for Windows. "The automated bot/worm attackers were exclusively using Windows-based attacks," said Colombano, so Mac and Linux machines are safe. For now. "[But] it would have been very vulnerable had code been written to compromise its system," he added."

First of all Mac OS 10.x comes with a firewall that blocks a number of the ports by default. I have no idea how they turned it off. The rest is just silly conjecture. There is no way of knowing what would happen if they intentionally tried to target the Mac operating system. There is no way of knowing from this article how easy it would be to code exploits for the mac.

Of course it could be done but the degree of vulnerability doesn't increase just because it hasn't been tried.

[UseYourHead]

Actually Apple has been busy pathcing OSX this year. Here is one article on 15 of them:

http://www.eweek.com/article2/0,1759,1643902,00.asp

There are many more. Mac OS used to be CLI free and therefore fairly well protected. Now that it is just BSD with a Mac interface, there are plenty of things to look after when setting it up. Like anything else out there, configuration is key. Never attach a machine to any network until it is configured - as attested to by some of the previous comments.

[SengirV]

Macs and OS X are your friends. The wintel brown shirts will claim higher costs, but with this crap as the alternative, the TCO is WAY below what a wintel POS costs to operate.

[Mustng959]

ping for info

[proxy_user]

But according to what I have read, there's little need to run an IDENT service nowadays. You can leave port 113 closed but not stealthed, and remote connections will work.

The IDENT protocol, as documented in RFC 1413, is really a hoot. Life was simpler in those days....

[Glenn]

There is no way of knowing what would happen if they intentionally tried to target the Mac operating system.

Interfaces are what they are. If they were left wide open on the Mac, you'd have the same result as with the Pee Cee or any other platform. There are no code mysteries left in the universe and there haven't been since they invented the computer.

[WildTurkey]

Perhaps because you know that since XP was beefed up with SP2 it will be just matter of time till the hackers go after the more vulnerable Macs.