Announcement

Collapse
No announcement yet.

It's A Cruel World Out There

Collapse
This topic is closed.
X
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

    It's A Cruel World Out There

    My hardware firewall-router-LANswitch died yesterday. Considering that it was about five or six years old and only cost me about $25 US, I'm not too unhappy about it. While waiting for a newer model from NewEgg, I've been running with a direct connection from my cable modem to my main box. Since then, I have noticed two or three popups saying
    "Attention: Somebody is requesting a connection to your computer.
    Granting this will allow the remote user to watch your desktop.
    Remote system: ffff:#.#.#.#".
    I've run a couple of "whois #.#.#.#" I've contacted the owners to whom the addresses traced back, two American ISPs and a German University. One of the ISPs, thanked me for my interest. The others said nothing.

    A glance at /var/log/auth.log indicates that this was just the tip of the iceberg. Since 1800 UT yesterday, my computer has been probed several hundred times from at least 6 different IP addresses from as far away as Romania. The numbers are approximate because the file is 170 KB long! At least twice, the probes included trying to get in with username "root", (Don't EVER tell me that using sudo instead of a root login is too much trouble.), admin. apache, guest, sshd, and an alphabetical listing of first names, Another attack took place while I was typing this message.

    I don't think that anyone got in, but imagine what might have happened had this been a windoze computer, or even a Linux computer with a distro that defaults to open ports.

    Do they give out points for the number of denial-of-service attacks you participate in (like SETI@HOME)?

    #2
    Re: It's A Cruel World Out There

    I recently booted my ancient dusty 233 mhz Thinkpad to win2k on dialup and almost instantly started getting Messenger popup thingies. Its a script-kiddie world out there I guess

    Comment


      #3
      Re: It's A Cruel World Out There

      Read an article in PC Mag. 10 XP computers hooked up to 3 different cable/dsl providers, no additional hardware firewalls other than the router. All with experienced windows users. Their task was to secure the computer and download updates for Windows and Office.

      6 of them were hijacked/spywared/trojaned before the security updates were complete.

      Comment


        #4
        Re: It's A Cruel World Out There

        I seem to recall a recent statistic from somewhere (slashdot, perhaps?) that some ENORMOUS percentage, like 75% of all internet traffic is now malware, ranging from spam emails to keyloggers and botnets.

        Comment


          #5
          Re: It's A Cruel World Out There

          Originally posted by askrieger
          At least twice, the probes included trying to get in with username "root", (Don't EVER tell me that using sudo instead of a root login is too much trouble.)
          Point taken, askreiger. But maybe that's where there's room for improvement in the ubuntu security model. The fact is that using Sudo IS too much trouble. Using graphical root login, on the other hand, has its security risks (as you have pointed out). Maybe developers should take these two facts into consideration and come up with a way to either: a) give a non-root account the ability to do sudo-type of tasks without having to use the terminal or other run-command-type of interface or b) allow for the ability to create root-privilege superuser accounts that can be named anything (such as how it's done on all versions of Windows prior to Vista).

          It is my belief that if the root account is unsecure in and of itself, that is a problem that should be directly addressed. Simply getting around it by running in a guest-user type mode seems to me a way of avoiding dealing with the problem. But that's just my own personal opinion. Take it for what it's worth.

          Comment


            #6
            Re: It's A Cruel World Out There

            The question is: "Too much trouble compared to what?". A typical Windows PC exposed to the internet without a firewall can be, and often is, compromised by hackers within minutes. The reason is that any and all users have administrative privileges that allow an evil-doer to take control of the machine at will. Any personal information (like your credit card numbers) on such a machine is immediately available to anyone who wants it.

            Even if you don't keep confidential information on your computer, you're still vulnerable to a whole (and ever changing) menagerie of viruses. My wife's Windows machine was infected via an email virus that came attached to a message from an IT professional with a mailing list, who should have known better. His Windows machine had been attacked and used to propagate the virus. I assume that at some point, the attackers did gain access to whatever they were seeking. Even if they didn't, they made a heck of a lot of trouble for him, for my wife, and for every one else whose machines got attacked.

            Sudo is a small price to pay for internet security. In addition, it serves as a reminder that what you are about to do has consequences. Moreover, if it were THAT hard why would Apple, the acknowledged leader in computer usability, use sudo?

            Comment


              #7
              Re: It's A Cruel World Out There

              Well said. "...using Sudo IS too much trouble." Really? Two steps: open a console (or press Alt+F2); type sudo (kdesu) command (application) and press enter. Wow. I never stopped to think just how much extra work was involved in doing this!

              As anyone who has had the opportunity to use Vista knows well just how annoying the implamented security feature it uses is when requesting an action requiring 'root' verification to execute is run. And that is a graphical implamentation!!

              If anyone is going to use Linux, and expect to become both proficient and comfortable with it, is going to have to learn how to use the command line. Heck, the command line (old DOS window) still remains in Windoze! Ever wonder why it's still there; why M$ hasn't eliminated from their OS??
              Windows no longer obstructs my view.
              Using Kubuntu Linux since March 23, 2007.
              "It is a capital mistake to theorize before one has data." - Sherlock Holmes

              Comment


                #8
                Re: It's A Cruel World Out There

                Originally posted by askrieger
                Sudo is a small price to pay for internet security. In addition, it serves as a reminder that what you are about to do has consequences. Moreover, if it were THAT hard why would Apple, the acknowledged leader in computer usability, use sudo?
                Apple makes the use of sudo transparent to the user by wrapping the process around with a nice GUI dialog box. I'd imagine the same thing can be done with Ubuntu / Kubuntu. The current approach by letting the user hit the "Administration Mode" button isn't too bad either, IMO, though.

                I'd much, much prefer the "sudo / su" security model over the Windows-style, lets-make-everyone-admin model... that's for sure.
                Registered Linux User: #281828 | Kubuntu User: #22280

                Kubuntu 18.04 LTS
                Dell Precision Workstation T5500 (Xeon @ 2.13GHz x 2 / 12 GB RAM)

                Comment


                  #9
                  Re: It's A Cruel World Out There

                  The nice gui wrapper is called kdesudo and shows up on your desktop when you try to run something like Adept by clicking on an icon. The only time you have to use the command line sudo is when you try to run a shell command as root from Konsole, Yakuake , or an Alt-F2 entry on the desktop.

                  Comment


                    #10
                    Re: It's A Cruel World Out There

                    Originally posted by askrieger
                    The nice gui wrapper is called kdesudo and shows up on your desktop when you try to run something like Adept by clicking on an icon. The only time you have to use the command line sudo is when you try to run a shell command as root from Konsole, Yakuake , or an Alt-F2 entry on the desktop.
                    That's nice. I didn't notice it because I give my account the "NOPASSWD" privilege in /etc/sudoers.
                    Registered Linux User: #281828 | Kubuntu User: #22280

                    Kubuntu 18.04 LTS
                    Dell Precision Workstation T5500 (Xeon @ 2.13GHz x 2 / 12 GB RAM)

                    Comment


                      #11
                      Re: It's A Cruel World Out There

                      I give my account the "NOPASSWD" privilege in /etc/sudoers.
                      That seems to defeat the purpose with regard to local security, I take it you have a single user computer in a comparatively secure location (like a home office) and no linux-illiterate family members.

                      Comment


                        #12
                        Re: It's A Cruel World Out There

                        Originally posted by askrieger
                        I give my account the "NOPASSWD" privilege in /etc/sudoers.
                        That seems to defeat the purpose with regard to local security, I take it you have a single user computer in a comparatively secure location (like a home office) and no linux-illiterate family members.
                        Believe me, my machine is not secure at all. I only do that because yes, the computer is in my home office, and nobody else even touches it except, possibly, for my wife. Even that should not be a concern since I make a habit of locking my computer whenever I am away from my desk. Even better, she has no idea what "sudo" is.
                        Registered Linux User: #281828 | Kubuntu User: #22280

                        Kubuntu 18.04 LTS
                        Dell Precision Workstation T5500 (Xeon @ 2.13GHz x 2 / 12 GB RAM)

                        Comment


                          #13
                          Re: It's A Cruel World Out There

                          Mmm .... wouldn't it be nice to have a Plasma Widget scanning the network logs periodically and reporting fishy stuff? Is there such a thing?

                          Comment


                            #14
                            Re: It's A Cruel World Out There

                            I started an FTP site to support a gamer server I was running. I eventually shut it all down because of the number of attacks. The attacks on that one open port to the server actually caused D.O.S. like affects. Sad!!!

                            Comment

                            Working...
                            X