[ISN] Hands Off My PC!

From: InfoSec News (isnat_private)
Date: Mon Apr 23 2001 - 15:39:04 PDT

  • Next message: InfoSec News: "[ISN] MoD claims answer to email viruses"

    http://www.time.com/time/magazine/article/0,9171,1101010430-107238,00.html
    
    BY ADAM COHEN
    APRIL 30, 2001 VO. 157 NO. 17
    
    A maniacal army from Alabama is attacking my home computer and trying
    to seize control of it. I know that sounds a little paranoid, but it's
    true. And your computer could be next. Let me explain.
    
    Like most people, I've lived a dual life when it comes to Internet
    security. At the office, I'm well protected by a corporate firewall.
    That makes sense; lots of people would probably like to crack AOL Time
    Warner's computer system. But at home, I have no protection at all.
    C'mon, who wants to dig through the to-do lists and video poker games
    on my Power Mac G3?
    
    I decided to find out. So a few weeks ago, I installed Norton's
    Personal Firewall. (Other leading brands include Network Ice's Black
    Ice Defender and Zone Labs' ZoneAlarm 2.1.) The software promised to
    block outsiders from getting into my computer and to keep a log of the
    IP address or domain name of everybody who tried.
    
    As home-hacking victims go, I fall in the middle of the spectrum. On
    one hand, I recently installed a high-speed DSL service. These "always
    on" connections are catnip to hackers because they are stationary
    targets, vulnerable to attack 24 hours a day. On the other hand, I
    have a Mac, and most mischiefmakers prefer Windows PCs.
    
    Once the firewall was up, I promptly forgot about it. By the end of
    the day, I hadn't got a single ping. So much for the great
    home-hacking threat. But the next morning there was a pop-up on my
    screen. A "remote procedure call" had come in overnight from an
    anonymous computer with an 11-digit IP address. The firewall blocked
    it. Since then, hardly a day has gone by without one and sometimes 10
    or more attempts by outsiders to get into my hard drive.
    
    The hits are a testament to the power of the Internet to bring us
    closer together. Computers from as far away as Thailand and Japan have
    found their way to my humble apartment in New York City. A Canadian
    identified only as guelphppp217545.sympatico.ca must have wanted in
    badly. He, she or it tried 15 times over the course of a few minutes.
    Now, when I get home at the end of the day and check my e-mail, I also
    look to see who's been knocking at my computer door. I'm on to you,
    newteq.com.tw, telocity.com and pascal-jp.com.
    
    But who are all these guys, and what do they want? It turns out that
    the domain names and IP addresses that show up in the log may not
    belong to the people doing the dirty work. Hackers often commandeer
    other people's computers or ISPs to mask what they're up to.
    
    As for what they want, a lot of the hits are harmless. Some may even
    come from applications, like Napster, that I have authorized to run.
    But at least some of them are probably hackers trying to rummage
    through my files, hoping to lift my credit-card number or empty my
    bank account.
    
    And yes, one pop-up advised me that maniacalarmy.org was trying to get
    into my computer. I checked out the domain name, and it belongs to a
    computer company in Birmingham, Ala. The people who work for the
    company may be perfectly innocent, although they have been dodging my
    phone calls. Still, as long as maniacs of any kind can access my
    computer through my phone line, I'll be keeping the firewall up.
    
    But please send e-mail only to Adam's office: Cohenat_private
    
    ISN is hosted by SecurityFocus.com
    ---
    To unsubscribe email LISTSERVat_private with a message body of
    "SIGNOFF ISN".
    



    This archive was generated by hypermail 2b30 : Mon Apr 23 2001 - 23:59:25 PDT