
Most hacked / sniffed port numbers - Page 2

Comments

  • UrDN Member
    edited February 2015

    bsdguy said: So our real problem isn't evil Russian professional hackers or the NSA. Our problem is script kiddies, orbit cannon anonymous kiddies, or plain 14-year-old "wizzzzards" in an evil mood.

    This issue is solved by fixing broken software and not using those that are known to be trash. Consequently, I don't really hear script-kiddies except getting some DDoS every now and then.

  • @bsdguy said:
    Traffic

    Thanks. Many seem to think that Cloudflare works miracles and that their IPs somehow magically vanish into some kind of virtual high-security vault.

    Mitchell

    Thanks for the demonstration of how many idiots replace knowing and proper mechanisms by religious belief systems.
    You've failed to understand even the most basic principles.

    WHY is the sym. key exchange encrypted? You've mixed up a mechanism and a goal.

    Just have a look at real-world security issues. Virtually all of them are implementation related. ECC 160 vs. RSA2048 is a purely academic question. Your server isn't cracked because the algorithm you used wasn't perfect (Wikipedia saying there are attacks known that bring down the strength from 256 bits to 180 bits).

    Your servers get cracked because e.g. OpenSSL is an extremely poor implementation of those secure algorithms. Or because some "Open Source = security" dumbass happily used table driven crypto, inviting and making easy a timing attack.

    But OpenSSL is open source so it must be great, no? How come a gazillion "1000 eyes open source security" minions found themselves blitz-fucked by heartbleed?

    Because like you they mixed up pretty everything, got wrong pretty everything, led holy wars for GPL, preached OpenSSL and 1000 eyes - instead of understanding even the basics and fucking check their shit even with just 4 eyes. Yes, that's how Heartbleed happened. 2 eyes (developer) were inexperienced and the other 2 eyes ("controller/maintainer") never looked properly and such failed to discover a pretty obvious problem.

    Religious belief systems? Vanilla forums may have quoted that but I explicitly didn't mention it because I despise the GPL and fully agree that that is the reason nobody gives a shit about OpenSSL.

    All the whiny fucks using GPL think the code they write is super unique and anyone would change their business plan to be able to use it. Of course companies won't, they'll get the whole thing rewritten if you're being such a dick about it, missing out on commercial R&D.

    If more people would use things like NaCl or one of the many TLS libraries then the bloated OpenSSL cancer may finally go away...

    And why encrypt? Because it's called secure shell, aka that's not my call. And it takes any script kiddie 5 minutes tops to nmap your SSH daemon's port..

  • @Mitchell

    Widely agreed but: script kiddie actually checking for SSH port rather than just clicking "run 3v1l" would already be an elite script kiddie. Most simply don't.

    As for the rest, GPL Taliban, OpenSSL believers, NaCl not even knowers, etc ... YES! Glad to see that some others heard the bell, too.

  • @bsdguy said:
    OK, now we're getting to a reasonable discussion.

    TL;DR. No, seriously. Too many words, when a single rule should be repeated till it's a reflex of security-wise thinking. "Assume nothing".

    Just don't assume anything when dealing with security. When you understand what you're doing and what the consequences of neglecting anything are, you're thinking in the correct manner.

    So changing default ports, whitelisting, using port knocking, using intrusion detection, installing security updates, reducing rights to the minimum possible, changing passwords often, backing up everything to multiple places, etc etc etc - those are simple actions that will generally improve the level of security and reduce time required to restore when your network realm gets broken. It's just a matter of time when it will happen.

    All flame wars are pointless here. I suppose that listing those simple security measures would do more good. Thanks.

  • Master_Bo
    All flame wars are pointless here. I suppose that listing those simple security measures would do more good. Thanks.

    Lol, that was actually my intention, turned out to be a clash of the titans...

    Respect to the elders, but please consider the juniors for the information they seek. A simple checklist of ports to block would be great!

  • @mehargags said:
    ... please consider the juniors for the information they seek. A simple checklist of ports to block would be great!

    Here you go: ports 0 - 65535
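
The last reply amounts to default deny: block all of 0 - 65535 and open only what the host needs. The following is an added example, not part of the thread, that checks this from the host side by parsing `ss -H -tuln` output and flagging every listener that is neither loopback-bound nor on an allowlist; the sample output and the `ALLOWED` policy are constructed for illustration.

```python
import ipaddress
from typing import NamedTuple

# Constructed sample of `ss -H -tuln` output (not captured from a real host).
SAMPLE_SS = """\
tcp   LISTEN 0      128          0.0.0.0:22         0.0.0.0:*
tcp   LISTEN 0      511             [::]:443           [::]:*
tcp   LISTEN 0      80         127.0.0.1:3306       0.0.0.0:*
tcp   LISTEN 0      511                *:6379             *:*
udp   UNCONN 0      0      127.0.0.53%lo:53         0.0.0.0:*
udp   UNCONN 0      0            0.0.0.0:111        0.0.0.0:*
"""

# Hypothetical policy: the only sockets this host is meant to expose.
ALLOWED = {("tcp", 22), ("tcp", 443)}

class Listener(NamedTuple):
    proto: str
    addr: str
    port: int

def parse_listeners(ss_output: str) -> list[Listener]:
    """Extract (proto, local address, port) from each line of ss output."""
    listeners = []
    for line in ss_output.splitlines():
        fields = line.split()
        if len(fields) < 5:
            continue
        # Local address is the 5th column; split on the last ':' for IPv6.
        addr, _, port = fields[4].rpartition(":")
        if not port.isdigit():
            continue
        addr = addr.strip("[]").split("%")[0]  # drop brackets and %iface
        listeners.append(Listener(fields[0], addr, int(port)))
    return listeners

def is_exposed(addr: str) -> bool:
    """True unless the socket is bound to a loopback address."""
    try:
        return not ipaddress.ip_address(addr).is_loopback
    except ValueError:
        return True  # '*' wildcard or unparseable: assume reachable

def unexpected_listeners(ss_output: str, allowed: set) -> list[Listener]:
    """Listeners reachable from the network that the policy does not name."""
    return [l for l in parse_listeners(ss_output)
            if is_exposed(l.addr) and (l.proto, l.port) not in allowed]

if __name__ == "__main__":
    for l in unexpected_listeners(SAMPLE_SS, ALLOWED):
        print(f"not in allowlist: {l.proto}/{l.port} bound to {l.addr}")
```

On a live host, feed it the real output of `ss -H -tuln`; anything it reports is either a service to bind to loopback, a service to stop, or a missing entry in the policy.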
