Do you have a question? Post it now! No Registration Necessary. Now with pictures!
- Posted on
- How useful is a vulnerable home computer ?
April 8, 2007, 4:37 am
rate this thread
power storing valuable or sensitive data is more easily understood
than the threats to standalone home computers.
Finding vulnerabilites in and attacking a large network is possibly
worthwhile for the that specifi network's enemy ( for e.g a direct
business competitior) who has a specific purpose or for the hacker who
is not a specific enemy. But is it worthwhile for hackers or hacking
groups to attack a standalone, connected to the Internet ? The
question is worded like this to ask "Is a home computer less prone to
be attacked ? and "Is a home computer less attractive for a hacker ? "
Take the case of a desktop computer of average configuration, owned by
an average citizen of no significance in terms of wealth or power or
fame, who does not use a credit card and does not shop online. The
user does not have a reason to be a specific target by an "enemy".
Why would his computer be compromised ? What is the purpose ? What are
the types of attacks ? And of what use to the hacker is the
information collected? What use are the computing resources of a
totally hacked PC of this unsuspecting user ?
Re: How useful is a vulnerable home computer ?
Absolutely. If a hacker can use a simple port scanner than can search the
Internet with lightning speed and compromise enough systems, he or she will
have quite the botnet network. It is this botnet network, many times, that
becomes to tool for the hacker to attack the large company network.
Again, compromised and remotely controlled home computers mean increased
bandwith. The more bandwidth, the more resources with which to attack the
Home computers usually aren't specifically targeted. In other words, the
hacker doesn't sit back and say, "Tonight I'm going to attack this specific
IP address." Rather, they simply use port scanners, packet sniffers and
other tools to find vulnerable ports, of which there are many out there. I
clean malware off people's computers all the time, and it's amazing to me
that the average user has no clue regarding computer security. This
conversation goes on all the time:
"Do you have a router?"
"Were you running a software firewall?"
"Do you have an antivirus installed and do you keep it up to date?"
"Well, Norton (or McAfee) came with the computer, but I haven't ever
updated it or renewed the subscription."
And, of course, it's usually something like Norton 2002, which seems to
allow every piece of crapware ever made onto the computer. Why is it the
most hosed systems I ever deal with have either Norton or McAfee installed?
I have yet to deal with a completely hosed system that was running NOD32 or
As stated, a simple RAT (remote access trojan) placed on your computer
gives the hacker control of your system, and you don't even know it. The
hacker uses your computer, along with the others he has compromised, to
perform denial of service attacks and other fun stuff on the bigger fish.
Also, while the hacker is at it, he or she will attempt to use the
implanted malware to record your keystrokes, passwords, credit card
numbers, and another personal information you enter on your keyboard. Any
personal information that is on your computer (financial software,
documents, you name it) may also be accessed. In short, if you are
compromised, you are a sitting duck, especially if you use your computer to
perform financial transactions or other tasks of a personal or sensitive
The types of attacks: There are many avenues of entry, but there are too
many targets on the Internet for a hacker to take too much time on one of
millions of systems. With the work I do, I see infected computers daily,
and there are some common denominators:
First of all, the majority of malware does not "sneak" onto people's
computers. Most of it is voluntarily downloaded. A lot of instances may
involved scare tactics, such as a script that appears saying, "Your
computer has been infected with malware - Click HERE to download
blahblahblah to clean your system." People go into a panic, click click
click, and the damage is done. Or, they see a banner ad advertising some
antivirus or antispyware application, download it, only to find out later
it is a rogue application and is itself malware.
Secondly, in 99.99999999% of the cases, the user is using Internet Explorer
as their web browser - usually devoid of the most current security patches.
Not only are they using IE, but everything is enabled: ActiveX, VBScript,
little scripts that advertise rogue applications wouldn't even show up if
the proper settings were tweaked in IE. Do people realize ActiveX allows
someone to literally run programs on your computer? That's fine if it is a
cute little animation on a trusted web page, but what if the website has
been compromised? ZAP!!! You go to the webpage, and via ActiveX, the
hacker has control of your computer. Along with this I also have to include
programs such as Windows Messenger and AOL Instant Messenger, both of
which, for the average user, are portholes for malware directly to your
system. Generally you have to click something while in the programs, but
some worms are able to spread from system to system without any interaction
from the user.
Thirdly, improper system settings in general exist on most compromised
systems. Things like NetBios, which is NEVER needed on a non-networked
home computer. This is not so much the fault of the user as it is
Microsoft. The reason I say this is because when you purchase your
computer, the default settings are very vulnerable, and the average user
doesn't know that certain things, like NetBios, should be disabled. There
are other things I could mention, but my fingers are getting tired...
The last item is simply the lack of proper security measures. If you are
on a broadband connection, the least that you need is a good router - AND -
change the default password; something which many don't even think of
doing. After that, some kind of layered security measures (software
firewall, antivirus, HIPS, etc) should be in place. There is a lot of
debate about to effectiveness of certain security software, but after
seeing what I see on a daily basis, I wouldn't be without it. A good
security software suite can be done for free (although I don't really care
for any of the free AV's). The point is - a lot of systems get borked
because people don't have any kind of preventative measures in place.
While security software might not stop all kinds of sofware or attacks, as
a general rule, if a hacker is scanning, and your computer is behind a
router, software firewall, with security software in place, the hacker
isn't going to waste his or her time. There are too many easy targets out
there to take the time to get through your defenses.
Posted via a free Usenet account from http://www.teranews.com