From owner-freebsd-questions Fri Jun 8 9:49:49 2001 Delivered-To: freebsd-questions@freebsd.org Received: from tao.thought.org (sense-kline-248.oz.net [216.39.168.248]) by hub.freebsd.org (Postfix) with ESMTP id 1352537B401 for ; Fri, 8 Jun 2001 09:49:46 -0700 (PDT) (envelope-from kline@tao.thought.org) Received: (from kline@localhost) by tao.thought.org (8.11.3/8.11.0) id f58GnNi03193; Fri, 8 Jun 2001 09:49:23 -0700 (PDT) (envelope-from kline) Date: Fri, 8 Jun 2001 09:49:23 -0700 From: Gary Kline To: Ted Mittelstaedt Cc: Bill Moran , patl@Phoenix.Volant.ORG, Josh Thomas , freebsd-questions@FreeBSD.ORG Subject: Re: IPFW rules and outward connections Message-ID: <20010608094923.A3102@tao.thought.org> References: <3B200EEF.86F950D1@iowna.com> <001201c0efda$63e90b20$1401a8c0@tedm.placo.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Mailer: Mutt 1.0.1i In-Reply-To: <001201c0efda$63e90b20$1401a8c0@tedm.placo.com>; from tedm@toybox.placo.com on Thu, Jun 07, 2001 at 10:18:02PM -0700 X-Organization: Thought Unlimited. Public service Unix since 1986. X-Of_Interest: Observing 15 years of service to the Unix community Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG On Thu, Jun 07, 2001 at 10:18:02PM -0700, Ted Mittelstaedt wrote: > I'll relate a recent story security and access lists that may > interest some folks. > [[ ... ]] > This is the kind of mentality that your dealing with, with most crackers. > Sure, there's some really good (or warped) crackers out there who would > have reactivated their little toy in seconds. But these people aren't > going to waste their time on something like this site. The real mentality > that your dealing with, with 99% of these crackers out there are people > so dumb that they cannot even make a simple port number modification in > their code. They barely have any understanding of networking technology and > even crude and simple access lists are beyond their comprehension. All > they do is to follow some recipies that their betters have put together > for them, and if something goes wrong and the recipie doesen't work, they > have no idea how to go about fixing it (or breaking the system, depending > on your viewpoint) and so they just move on to the next easy-to-compromise > system. > > This is really the situation of the street where half the homes lock their > doors and the other half don't. There are so very many ancient Linux or > unsecured Windows systems out there that if you make even a modicum of > effort > to lock your door, since most crackers are basically morons, they are > unable to deal with the situation and just move on to the next house/system. [[ ... ]] > [T]he point is that Hollywood makes it out that all crackers are > super-sophisticated > technologists that know computer systems back, forth and upside down, and > that to block them you have to have super-sophisticated methods yourself. > But, the reality is that most crackers are morons and even simple > filters and blocks that aren't themselves that good, present enough of an > obstacle > to these people that they won't be able to figure out a way around them. > Thanks for your tale. It supports my theory that the overwhelming number of crackers are adolescents (of whatever age) who have time on their hasnds. --Of course this does not sell newspapers, air-time, or movies... . gary > -- Gary D. Kline kline@thought.org www.thought.org Public service Unix To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message