responses inline
----- Original Message ----- 
From: "Dan Bale" <dbale@xxxxxxxxxxxxx>
To: "PC Technical Discussion for iSeries Users" <pctech@xxxxxxxxxxxx>
Sent: Thursday, July 29, 2004 1:41 PM
Subject: RE: [PCTECH] Need firewall protection,


> (Forgot to acknowledge the link to HowStuffWorks.com; I have been there
> before for other stuff, and will check this out tonight.)
>
> Adam, I loved the "simplistic" analogy for the "man in the middle" attack.
> I am getting the impression from yours and others' replies that this type
> of attack is unlikely, given the vast percentage of PCs are not protected
> with any firewall, why would someone go through the extra complexity when
> there are so many easy targets?  Still, are there any examples of this type
> of attack, and are they referred to as "man in the middle" attacks?  (Or
> was that just a term you or David coined in this thread?)

Man in the middle attacks typically need to be very detailed and planned.
For this reason they are used when targeting a specific host and system.
No one really cares to employ a MITM attack to intercept your Instant
Messenger text. ;)  You also have to realise there is a difference between
"script kiddy" cracking and the stuff along the lines of industrial
espionage.  Sasser, msblast, etc. are script kiddy cracks.  An exploit in a
program or OS is found and someone writes up the code to do it.  A bunch of
wannabes then run the code (there are enough stupid people that will do it,
so I would be surprised that any of the original authors of the code
actually hit the "go" button).  This is the stuff that typically hits home
users.  It is just a blanket program to cause problems.

Serious attacks to break into systems and garner personal information are
TYPICALLY directed at specific people/businesses.  Now, this isn't to say
you are under the radar.  A lot of people embed key loggers into shareware
programs.  But again, they aren't attacking everyone.  Just people actively
downloading and installing their software.

>
> Which are the "bad" programs that don't notify you of the "dead bodies"?
> Is IE considered to be one of them?  Is it only browsers?  Or can it be
> programs like Norton's Live Update, or other non-browser apps that go to
> the internet?

It isn't like there is a list.  A bad program can be patched and a good
program can get a patch that breaks it.  Typically when you hear of Denial
of Service attacks, this is because an exploit was found in a program that
wasn't catching a type of error.  It doesn't give access to the system, but
it will crash the program and then refuse service.  Of course sometimes,
the exploit will open a root hole to gain access.  Books upon books are
written about this stuff.  In general, you don't know if there is a problem
until it happens. ;)  Also, as MS has shown, they have a lot of "exception
exploits" that the OS has been repeatedly susceptible to.  People tend to
blame it on poor Q&A and coding.

>
> I understand now that the "man in the middle" attack is not the router's
> responsibility.  But that doesn't mean that I can call myself 100%
> protected from an outside attack with the firewall/router.  This isn't a
> paranoia thing; I understand there are risks in everything, but when
> something is truly 100%, then I don't even think about the other
> possibilities.  And, if I am to be security-conscious, I have to understand
> the possibilities.  Which is why I am asking all of these questions and
> truly appreciate all of your responses!)

You can never call yourself 100% protected.  The only way your computer is
100% safe from internet intrusion is to not have it plugged in at all.  With
security of ANYTHING, it comes down to worth and return.  Sure, you could be
a lot safer with a $500 piece of software running on your system, but is it
really worth it?  If so, is $10,000?  There is always a threshold point
where the security you have is "enough" for the time, effort and cost.

> You bring up a good point, David.  Why isn't all internet traffic
> SSL-encrypted nowadays?  Isn't the overhead a non-factor with today's
> systems?

It isn't just about bandwidth and processor.  Cost is part of it.  Why would
I want to shell out $2000 to encrypt my static webpages?  I mean, you put
them for the public to view to begin with.





This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].
