In comp.os.linux.advocacy, Roy Schestowitz
<newsgroups@xxxxxxxxxxxxxxx>
wrote
on Tue, 16 Jan 2007 16:22:56 +0000
<3464115.Y2ijFiDqr3@xxxxxxxxxxxxxxx>:
> __/ [ [H]omer ] on Tuesday 16 January 2007 15:18 \__
>
>> Roy Schestowitz wrote:
>>> We have just disconnected a guy whose LAN had 15000 connections with
>>> 178GB. He is using Windows XP. Is it at all surprising that servers grind
>>> to a halt and sometimes collapse under heavy load? This affects tens of
>>> thousands of people. Anyway, I told him not to be alarmed. It's probably a
>>> passive action, but things used to be easier when you could deal with the
>>> criminal directly, not with victims.
>>
>> That beats my server :)
>>
>> ~]# i=0; while [ $i -lt 16 ]; do let i=i+1; echo -n "Hacking attempts on
>> Jan $i = "; cat /etc/hosts.deny | sed -e "s/Jan\ \ /Jan\ /" | grep "Jan $i
>> .*2007" | wc -l; done
>>
>> Hacking attempts on Jan 1 = 97
>> Hacking attempts on Jan 2 = 123
>> Hacking attempts on Jan 3 = 117
>> Hacking attempts on Jan 4 = 201
>> Hacking attempts on Jan 5 = 217
>> Hacking attempts on Jan 6 = 122
>> Hacking attempts on Jan 7 = 118
>> Hacking attempts on Jan 8 = 154
>> Hacking attempts on Jan 9 = 136
>> Hacking attempts on Jan 10 = 137
>> Hacking attempts on Jan 11 = 152
>> Hacking attempts on Jan 12 = 564
>> Hacking attempts on Jan 13 = 31
>> Hacking attempts on Jan 14 = 133
>> Hacking attempts on Jan 15 = 116
>> Hacking attempts on Jan 16 = 98
>>
>> Nmap informs me most of these are Windows zombies.
>
> About 4 years ago (1..2.. maybe just 3) Universal Studio filed some
> complaint, so we had to suspend one guy's connection and fine him. He was
> sharing files, so I had no sympathy. In this new case, on the other hand,
> the guy went home to China, so apparently his computer was cracked and went
> berserk. The network is being clogged up. As a matter of fact, many of the
> clusters are now switched off during the holidays "for security reasons"
> (zombies on the JANET multi-gigabit backbone). Why can't a PC just be? Why
> must a connected computer be a possible hazard that disrupts daily
> operations?
>
An unattended PC is always a risk; it's a bit like leaving
a backhoe unattended at a construction site and having
someone drive it off and dig up a pipe. Of course, one
can mitigate the PC's risk; the simplest method of course
is to install Linux on that PC. :-)
(Mitigating the risk of the backhoe being driven off is beyond
the scope of this newsgroup. :-) )
There are other possible solutions, such as installing
a NAT router in front, putting additional software
on Windows XP that can at least detect malware, and
advertised solutions such as Barracuda Networks --
http://www.barracudanetworks.com/ -- which is more or less
putting a box in between XP and the Internet.
How effective any of these are, I for one do not know, though
Linux at least I know can be locked down.
--
#191, ewill3@xxxxxxxxxxxxx
"640K ought to be enough for anybody."
- allegedly said by Bill Gates, 1981, but somebody had to make this up!
--
Posted via a free Usenet account from http://www.teranews.com
|
|