Alternate link to bypass OpenRPN site problem



#12

Please bookmark http://www.openrpn.org/index.php until this latest vulnerability is corrected.


#13

So why does this keep happening? Is it something wrong with the webhost? Or have you somehow gotten on a list of "best 100 sites to hack" or something?

I've had several webpages and none of them have ever ad problemz.

TW


#14

The problem is "preconfigured" software; this may be the pre-installed OS or the user software (bulleting board software, but might be some libraries as well). There are "on-click" exploits widely available, I guess some folks are even spidering for vulnerable sites and auto-exploiting them. There are two counter-measures available: upgrade to the latest version (might be difficult if it's a shared server) *and* rename the standard installation path/files. With this last measure, it is even possible to use exploitable versions, as the "script kiddy" scanner will fail...


#15

Thanks for the ideas, I'll send them over to Chad and with any luck we can finally stop these script kiddies.

#16

One thing to understand about "vulerability" is that just because you may think of your project, or company etc as a "low profile" enterprise does not make it low profile to the crackers. Rrealize that the cracking sniffing process is automated. For instance, if you leave a port open, it is not if, but when you will be cracked. In fact, it is only a matter of minutes.

My company's IS manager put up a test server one day to demonstrate this. He left an open port, and simply let is sit there for a few hours. Then he came back and read the log file. The port was found about 5 minutes after putting it up, and within a 1/2 hour, the command files had been cracked. The cracker, once he found an open port (through his automated crawler) put down his porn and his cheesy junk food snacks and went to work. He re-wrote the primary command script, injecting commands that made him an admin etc. All of his changes were caught by the log file. In fact he didn't do all that good a job at cloaking identity...but it ultimately dead ended in Russia.

Very powerful demonstration.


#17

Quote:
Rrealize that the cracking sniffing process is automated. For instance, if you leave a port open, it is not if, but when you will be cracked. In fact, it is only a matter of minutes.

I'm not sure I'd agree with that. Remember that for a server to work, it has to have at least 1 port open. Having a port open does not mean the server will be hacked.

Take google, yahoo, HP, etc. All their website have open ports. It's just the way the web works.

.

PS, to the openRPN team: How is the PCB going for the 49g+ retrofit kit? I asked you a few weeks back and didn't get a reply.


#18

Quote:
I'm not sure I'd agree with that. Remember that for a server to work, it has to have at least 1 port open. Having a port open does not mean the server will be hacked.

There's a difference between having a port listening (which is indeed necessary if you're going to run any kind of service -- the remote PCs have to have something to connect to!) and having a port open (as in, allowing administrative access to any random stranger who knows a few default passwords).

In Los Alamos in 1945, there were people (about 1 in 5, apparently), who did not change the combination on their safes from the original combination. If you can imagine how easy that must have made the work of any spy, now imagine a similar lack of security today, only now we're not talking about a smallish office complex, but about the whole Internet. This is the kind of carelessness that script kiddies exploit.

- Thomas


#19

I take it you've never read "Los Alamos from Below." Too bad. Get a copy of "The Pleasure of Finding Things Out."

Security at Los Alamos was horrible.


#20

Thanks for the tip -- but I actually have read "Los Alamos From Below" -- that's where I got the figure of "1 in 5 safes with the factory combination unchanged" from. :-)


I thought it was funny how the basics of cracking haven't changed over the years. You simply start out by assuming that most people are lazy and stupid, at it works disturbingly often...

- Thomas

#21

>Having a port open does not mean the server will be hacked.

depends: open the telnet port and your site is under attack by automated dictionary scripts which *will* find the password sooner or later (SSH is way too slow in opening connections, so this would take forever <g>)

(sheesh, I remember the "good old days" when it was possible to offer anonymous ftp upload/download and it wasn't necessary to update your OS for years; the only attack I ever experienced was a formmail.pl which has been uploaded by a customer - the SPAM attack sure wasn't nice...)

#22

http://www.isene.com/artweb.cgi?article=006-update.txt

#23

http://www.somethingrare.net/

you can even mail him at u00z@hotmail.com =P


Possibly Related Threads...
Thread Author Replies Views Last Post
  OT: a math competition site Pier Aiello 0 716 09-16-2013, 06:03 AM
Last Post: Pier Aiello
  OpenRPN Matt Agajanian 3 1,059 09-09-2013, 12:42 AM
Last Post: Paul Dale
  WP-34S on German Auction Site Joerg Woerner 3 1,272 09-08-2013, 04:36 PM
Last Post: Maximilian Hohmann
  Jacques Laporte's Fantastic Site BShoring 3 1,192 06-15-2013, 08:36 AM
Last Post: aj04062
  10C, 11C, 12C logos on The Auction Site Peter Murphy (Livermore) 0 650 06-14-2013, 11:24 PM
Last Post: Peter Murphy (Livermore)
  IR Link Problem: HP48 <-> PC Waon Shinyoe (China) 1 772 03-16-2013, 03:37 AM
Last Post: Eric Smith
  O.T. Aston Martin mentions Golden Ratio on their web-site. Pavneet Arora 1 730 01-24-2013, 06:12 PM
Last Post: Mark Scheuern
  New HP 39gII programs on my web site Namir 10 2,263 12-23-2012, 06:04 PM
Last Post: Eddie W. Shore
  Alternate poll Paul Dale 14 2,308 11-29-2012, 01:29 PM
Last Post: Eddie W. Shore
  Link for SAMBA v2.10 download Tom Sauntry 9 1,830 05-28-2012, 11:41 AM
Last Post: Tom Sauntry

Forum Jump: