Greenguy's Board - View Single Post - Hacker try to steal money from my account

Mattinblack · 2005-12-17, 09:35 PM

Sigh. I have lost count of how many times I have read threads like this on adult and non adult webmaster forums. We live in an age where every company that has a financial payments side to it is capable of being targetted by hackers worldwide, many of the Soviet Mafia hackers have KGB/GRU info war training and a data stick in their back pocket full of hack utilities from the soviet military.

In a previous life I was in charge of all aspects of a large installation and most of the security holes that were exploited had nothing to do with scripts on servers or database security as such. They were mostly Windoze vulnerabilities. The worst problem we had was a guy we simply could not trace for weeks. It turned out that he had taken over a humble PC that was used by the artwork department to process batches of image files.

Of necessity it had its own internet connection and when the system was designed was not connected to our intranet. Some bright spark decided to run an ethernet cable and connect it so that he could backup files onto our main server instead of burning optical discs. The hacker had zombified the PC, run a packet sniffer and a trace utility to map our network and headed straight for accounts.

Luckily we were running our accounts on a legacy HP mainframe and not a PC system, he was obviously all at sea and made some mistakes. If it was a Windoze or unix system we would probably stil be scratching our heads.

The learning outcome of this decision was that I have decided to firewall ANY secure data behind the wierdest and wackiest hardware/software I can find with lots of security logging and audit trails. Hint there are a lot of old but perfectly servicable Dec Minis out there .....If there is only one access pipe and its monitored and logged for any suspicious activity then it can be stopped before too much damage is done. The trouble with using Windoze and unix boxes for this activity is that there are too many unpatched security holes that are well documented and with exploits written for them. Who is to say the machine doing the watching is not itself compromised? If the machine monitoring and controlling the pipe is one which few people know anything about then its much more secure.

2005-12-17, 09:35 PM	#18
Mattinblack Asleep at the switch? I wasn't asleep, I was drunk Join Date: Nov 2005 Location: London UK in a house share with three 28 yr old girls...perv perv Posts: 215	Sigh. I have lost count of how many times I have read threads like this on adult and non adult webmaster forums. We live in an age where every company that has a financial payments side to it is capable of being targetted by hackers worldwide, many of the Soviet Mafia hackers have KGB/GRU info war training and a data stick in their back pocket full of hack utilities from the soviet military. In a previous life I was in charge of all aspects of a large installation and most of the security holes that were exploited had nothing to do with scripts on servers or database security as such. They were mostly Windoze vulnerabilities. The worst problem we had was a guy we simply could not trace for weeks. It turned out that he had taken over a humble PC that was used by the artwork department to process batches of image files. Of necessity it had its own internet connection and when the system was designed was not connected to our intranet. Some bright spark decided to run an ethernet cable and connect it so that he could backup files onto our main server instead of burning optical discs. The hacker had zombified the PC, run a packet sniffer and a trace utility to map our network and headed straight for accounts. Luckily we were running our accounts on a legacy HP mainframe and not a PC system, he was obviously all at sea and made some mistakes. If it was a Windoze or unix system we would probably stil be scratching our heads. The learning outcome of this decision was that I have decided to firewall ANY secure data behind the wierdest and wackiest hardware/software I can find with lots of security logging and audit trails. Hint there are a lot of old but perfectly servicable Dec Minis out there .....If there is only one access pipe and its monitored and logged for any suspicious activity then it can be stopped before too much damage is done. The trouble with using Windoze and unix boxes for this activity is that there are too many unpatched security holes that are well documented and with exploits written for them. Who is to say the machine doing the watching is not itself compromised? If the machine monitoring and controlling the pipe is one which few people know anything about then its much more secure. __________________ Mattinblack - <a href="http://pornlinks.kwikfire.com">PornLinks</a> - <a href="http://strange-attractor.kwikfire.com">Strange Attractor</a> - <a href="pnav.kwikfire.com">PORNavigator</a> - <a href="http://ukescort.kwikfire.com/">Fem Escorts</a> - <a href="http://kwikfire.com/">Hosting</a>