Topic started by Siby Koodalloor (@ 61.11.12.9) on Wed May 23 08:34:51 .
All times in EST +10:30 for IST.

Hi everybody,
Please share your knowldge of internet security, experiences or incidents if any and views on this. Below is given a BBc link.
http://news.bbc.co.uk/hi/english/static/in_depth/uk/2001/life_of_crime/cybercrime.stm
Since many techies also visit this site, I hope I'll be able to some info. I'm looking forward to contributions from people like Ravi Sundaram. I've heard people can even sneak into one's PC through internet. Please share your knowledge, views, advice etcetera.

Responses:

• From: Siby Koodalloor (@ 61.11.12.9) on: Thu May 24 04:05:59
  
  Are there no techies coming to the forum these days? Ravi Sundaram, some_logic are not around here? I invite every one to share his/her knowledge here.
  Thanks
  
  
• From: Ganesh (@ 192.237.114.65) on: Thu May 24 09:57:39
  
  Techies are so busy with Routers... they all are blocked by fire-wall
  
  
• From: TT (@ 203.199.196.118) on: Fri May 25 03:00:27
  
  pl. go through Microsoft's note on inet security.
  
  http://www.microsoft.com/INSIDER/internet/articles/security.htm
  
  One reason for the net crime is due to the techies who leave a company make some security holes in the company's network. Some organizations are careless about this. I have a colleague who used to access his previous org's routers, unix servers, etc even after leaving from there six months back.
  
  
• From: TT (@ 203.199.196.118) on: Fri May 25 03:22:08
  
  There is an interesting article at ITworld.com about the cyberwar hype between US and China:
  
  The recent media hype warning of an impending "cyberwar" between the United States and China seems to breed the assumption that if it's on the Internet, then it must be real. Apparently fueled by nothing more than blustering threats and unsubstantiated claims on Chinese hacker sites, Wired News reporter Michelle Delio seemed to think the FUD (fear, uncertainty, and doubt) was worth a news feature and gave the Chinese hackers the headline "A Chinese Call to Hack U.S." to rally around. On cue, pro-American hackers responded to the challenge by including racist provocations in Chinese Website defacements.
  
  Things got ugly.
  
  Web defacements are nothing new and hardly worth calling a cyberwar. Research group Attrition.org has mirrored nearly 15,000 defaced sites -- most of them from the past two years. The Attrition mirror is full of so-called hactivist messages that are quickly forgotten until the next cause or media blitz. Web defacements indicate that the organization running the Website needs more emphasis on security, but are not usually a major blow to the organization (save where e-commerce is involved). Reload from backups, patch the security holes, and it's business as usual, though with a redder face. More serious threats are not so obvious. Espionage and sabotage predate the digital age so it's not a huge leap to assume that such activities occur on the Internet, but that doesn't mean Web defacements launched from a foreign country are a precursor to war.
  
  Adam Penenberg, coauthor of Spooked: Espionage in Corporate America, observes:
  
  
  It would be highly unlikely that a hostile nation would actually announce a cyberattack on another's IT infrastructure. To be at all effective, it would have to be carried out like a complex spy operation: by stealth rather than with bluster. But is it technologically feasible? More effective would be to hamstring a target nation's informational system as a precursor to actual invasion. The China-U.S. scuffle was nothing more than script kiddies from both countries (and others) scrawling digital graffiti over Websites. And if graffiti is war, than the New York City subways should be considered a war zone.
  
  A cynic could attribute the media hype to self-serving efforts to increase readership and increase profits. The general public has the attention span of a gnat -- sound bites rule; like a dog barking at a doorbell, the security-marketing people responded enthusiastically. The snail mail, voice mail, and e-mail boxes of security managers overflow with pitches from security vendors. Press releases from security vendors Vigilinx and iDefense supplied prime examples of opportunistic marketing.
  
  There was nothing new here. Most of the Web defacements exploited known vulnerabilities that should have been patched months earlier. Big news scoop -- administrators aren't patching their servers unless there's a front-page story. Some are warning that the attacks could go beyond Web defacements to DDoS (distributed denial of service) attacks. Again -- not a new threat. Researchers have been warning of the potential for coordinated DDoS attacks for at least the past two years.
  
  Early security warnings are important when something warrants a warning, such as the Microsoft's Windows 2000 IIS 5.0 server vulnerability recently announced by eEye Digital Security. This vulnerability was much more significant because administrators must patch their servers promptly, and should do so regardless of a so-called cyberwar.
  
  
  
• From: Siby Koodalloor (@ 61.11.12.9) on: Fri May 25 03:57:58
  
  Thanks TT
  I have some doubts. If I download the visual route tracer from visualroute.com, am I rendering my system to attack risks or any malfunctions. Which are the sites that'll give comprehensive info on tracking IPs and ports up to geographical positions of servers and systems of ftp origin?
  
  
• From: TT (@ 203.199.196.118) on: Mon May 28 03:01:58
  
  Boss, my work doesn't require me to know the visual details about all the routers in between me and my destination. If at all I need to find out what's wrong I use 'traceroute' on Unix and 'tracert' on NT. To specifically know more details about a site I use 'whois'. You may search in the net for some hacker sites which give you the information required. The following site contains so many utilities for hacking. See whether you find out what you require here.
  
  http://www.sonic.net/z/a-h.shtml
  
  
• From: Siby Koodalloor (@ 61.11.12.9) on: Mon May 28 09:03:37
  
  i>tracert and traceroute will only give the server IP and some bits and will not give detailed info. I was just enquiring about the risks in downloading and using the visualrouter. You got any info on that. How about the firewalls of zone labs? I downloaded and installed on but it gave me quiote a bit of hassles forcing me to uninstall.
  
  
• From: BUBBLE SORT (@ ) on: Sat Mar 20 21:58:44
  
  BUBBLE SORT
  
  

Want to post a response?