HOME HYPERLINKFORUM HYPERLINKCDR HYPERLINKSUB-SYTEM HYPERLINKHARDWARE HYPERLINKHOW_TO'S HYPERLINKLINKS HYPERLINK

Tricks and Secrets for Successful CD Burning CDR  Burning CDRW Burning, Burning Issues, CDR, CDRW, CD Burning forum, burningissues for Burning & copying copy protected CD's, CD burners, CD writing, CD CDR CDRW Burning

Denial of Service (DoS)

It is your duty to protect your computer (for all our sake)


Do you know what your computer was doing last night or did you allow your computer to play on the internet with no firewall or no antivirus.  If you allowed your computer to play out without any protection then it may well have been involved in a Denial of Service attack (DoS).  Your computer can't think for itself and if someone tells it to do something then it will blindly follow orders, break into internet banking sites, give your credit card details or even take down parts of the internet.  It's time to protect yourself and others.

After following a link that Shoarthing sent me I came to the conclusion that anyone who goes on the internet has a duty to protect their computer from the hackers, with a suitable firewall and an upto date virus/trojan checker. It's no use just having them you must use them!

Why should you protect your computer? It is your computer, and you should have the right to to decide what security measures you take.

I'm afraid things just aint that simple. YOUR computer could be used to take complete networks down and as more and more of us get high speed internet, always on connections, it becomes more important to protect your computer so that it can't be used to deny other peoples use of the internet.  

It took a 13 year old kid, armed with a piece of software, available on the net, to take down Steve Gibson's (the security guru) website GRC.com and there was little he could do about it.

 It all started on the evening of the 15th of May and continued for several days. For the full story goto "The strange tale of the Denial of Service attacks against GRC.com".  It can be heavy reading but well worth the effort and time.  You may also like to read the "open letter to the internet hackers".  It is not complete yet but it will give you an idea of the way things are going and will continue to go unless everyone who accesses the internet protects themselves. 

So you don't want, or can't afford to buy a firewall or antivirus software.  Don't worry, you will be pleased to know that the best firewall and a very good antivirus is free of charge.  Go here for the firewall (ZoneAlarm) and here for the antivirus (AVG).

Steve Gibson took a look at ZoneAlarm and BlackIce defender to find out which would protect your computer, and sites like his, the best.  Below is what he wrote;

Personal Firewalls and IRC Zombie/Bot Intrusions

 ZoneAlarm v2.6 (Free) —

The last of my testing was to see whether the firewall I keep telling everyone to use: ZoneAlarm — either FREE or Pro — would be effective in stopping the IRC Zombie/Bot and the Sub7 Servers that had taken up residence in my poor "Sitting Duck" laptop.

I downloaded the current, completely free, version of ZoneAlarm 2.6 from the ZoneLabs web site and installed it on the "Sitting Duck" laptop. Upon restarting the machine I was gratified to receive immediate notification that the Zombie/Bot was attempting to make an outbound connection to its IRC chat server.

Meanwhile, the Sub7 Trojan was sitting quietly waiting for someone to connect to it. So I used another machine to "Telnet" to the port the Sub7Server Trojan was listening on. Up popped ZoneAlarm asking whether the nonsense-looking random character name the Sub7Server had chosen for itself should be allowed to accept a connection from the Internet.

Perfect performance from ZoneAlarm.

Then I had a thought: What would Network ICE's BlackICE Defender do under the same circumstances?



 BlackICE Defender v2.5 ($39.95) —

I did not have a current copy of BlackICE Defender around, but I felt that this was an important test. So I laid out $39.95 through Network ICE's connection to the Digital River eCommerce retailer and purchased the latest version (v2.5) of BlackICE Defender hot off the Internet. I had already removed all traces of ZoneAlarm and restarted the machine, so I installed BlackICE Defender, let everything settle down, and restarted the machine with my packet sniffer running on an adjacent PC.

As far as I could tell, BlackICE Defender had ABSOLUTELY NO EFFECT WHATSOEVER on the dialogs being held by the Zombies and Trojans running inside the poor "Sitting Duck" laptop. I knew that BlackICE Defender was a lame personal firewall, but this even surprised me.

The Zombie/Bot happily connected without a hitch to its IRC chat server to await further instructions. The Sub7 Trojan sent off its eMail containing the machine's IP and the port where it was listening. Then it connected and logged itself into the Sub7 IRC server, repeating the disclosure of the machine's IP address and awaiting port number. No alerts were raised, nothing was flashing in the system tray. The Trojans were not hampered and I received no indication that anything wrong or dangerous was going on.

I took a lot of grief after my LeakTest utility cut right through BlackICE Defender. Network ICE told everyone that LeakTest was "being allowed through" because it was a completely benign Trojan. I knew that was a load of bull (and they must have too), but it didn't really matter to me, and I had no affirmative means of proving otherwise.

Well . . . I have that now, and so do you.

I performed one final test: As I had with ZoneAlarm, I attempted to connect to the Sub7Server Trojan running inside the "Sitting Duck" machine on the IP and listening port number the Trojan was advertising all over the Internet . . . and it worked perfectly. I received Sub7's "PWD" prompt asking me to login.

Anyone want an "only used once"
copy of BlackICE Defender?

I certainly have no use for it.

 

To anyone who is still stubborn enough to insist that BlackICE Defender is actually good for something: PLEASE do not write to me. I don't want to hear it. I'm a scientist who will not find your mystic beliefs to be compelling. I respect your right to your own opinions, no matter how blatantly they fly in the face of logic and reality. That is, after all, the nature of faith. Happy computing. I suggest prayer.


Windows 2000 and Windows XP

The machines which attacked Steve were all security compromised windows based machines. Thankfully Microsoft has not implemented the full Unix socket specifications in windows 95,98,NT or ME, but now, for some inexplicable reason, MS have implemented the full Unix socket specifications in Windows 2000 and the future release of Windows XP.

It is impossible for any machine running Windows 95,98,NT or ME to generate malicious TCP packets or even spoof its source IP.   Forging the IP address of an attacking machine (spoofing) is such a trivial thing to do under any of the various UNIX-like operating systems, and it is so effective in hiding the attacking machines, that no hacker would pass up the opportunity if it were available. Windows 2000 and Windows XP have this capability.

Please Remember;

the reason Burning Issues was formed was due to a security problem at a forum that all the administrators used to post heavily at.  It was quite a shock, to us all, that our computers were being hacked.  Most of us knew very little about security, at that time, but you can bet your bottom dollar we soon learnt.  Securing a computer completely is difficult, virtually impossible with windows 95/98, but the basics are easy.  The basics will keep most of the kids away.

We will bring you more on security in the near future, meantime, if you want to learn how to keep safe on the net, a good place to start is our own Forum and GRC.com

We learnt, so can you and so must you!

 

Copyright © Graham June 2001 Burning Issues -with acknowledgment to Steve Gibson all rights reserved

 

Burning Issues burning issues CDR cdr cdrw CDRW CD copying forum burningissues copying copy protected burning CD burners CD-burners CD writing CD-writing
Home Forum CDR Sub-System Hardware How-To's Links

Burning Issues cdr cdrw CDRW forum burningissues copying copy protected burners CD writing CDR hardware CDR software applications utilities CloneCD Clone CDRWin WinOnCD Nero App Nero EasyCD DiskJuggler PrimoCD BlindRead BlindWrite how-to's speed tests cooling methods walk-throughs work-arounds step by step security Internet net discussion forum questions golden orb Molex 840 cooler coolers winoncd 3.7 golden orb 840 molex 800 molex840 molex800 cd-burners cd-writing cd-readers clonecd clone cdrwin Winoncd winoncd-pe nero burning app easycd ezcd Diskjuggler diskjuggler Primocd primocd blindread Blindwrite how to’s How-to’s walk throughs work arounds Security internet Net Discussion forum Burning problems Golden orb c/w C/W forums Hardware reviews hardware reviews software reviews Software Burning Issues cdr cdrw CDRW forum burningissues copying copy protected burners CD writing CDR hardware CDR software applications utilities CloneCD Clone CDRWin WinOnCD Nero App Nero EasyCD DiskJuggler PrimoCD BlindRead BlindWrite how-to's speed tests cooling methods walk-throughs work-arounds step by step security Internet net discussion forum questions golden orb Molex 840 cooler coolers winoncd 3.7 golden orb 840 molex 800 molex840 molex800 cd-burners cd-writing cd-readers clonecd clone cdrwin Winoncd winoncd-pe nero burning app easycd ezcd Diskjuggler diskjuggler Primocd primocd blindread Blindwrite how to’s How-to’s walk throughs work arounds Security internet Net Discussion forum Burning problems Golden orb c/w C/W forums Hardware reviews hardware reviews software reviews Software