PDA

View Full Version : remote hacking



vicmeldrew
29th November 2004, 09:34 AM
Is it possible to to have your machine (and internet account) hacked remotely without a firewall? How would youn know? The reason i ask is that in activity monitor shows uploads and downloads with no input my part.

iSlayer
29th November 2004, 09:38 AM
yes.
have you closed the ports for ssh and remote login.

Disko
29th November 2004, 09:40 AM
Originally posted by islayer@Nov 29 2004, 10:08 AM
yes.
though it is highly unlikely.

Is your account password protected?

iSlayer
29th November 2004, 09:46 AM
if you have remote login access is extreamly easy to hack a password.
anyone with a brute force cracker can break it.
it takes along time but it can be done(trust me)
i tested my system to check for backdoors on my web and sql servers.
it found them

i no longer have the software and never did ;)
i had someone do it for me :)

vicmeldrew
29th November 2004, 10:03 AM
I hane tied openning remote access but keep getting a messagge it is not supportted by OS 9
What worries me is that the RA was modified about the time i got my broadband connection
(unwired- apart from a couple of start up problems (cookies had to removed) it has been really good)

thanks a lot richard

internet
29th November 2004, 10:53 AM
Originally posted by islayer@Nov 29 2004, 09:46 AM
if you have remote login access is extreamly easy to hack a password.
anyone with a brute force cracker can break it.
it takes along time but it can be done(trust me)

more likely that the service on that port will be exploited, rather than brute forced.
i'm not sure what version of SSH ships with 10.3, but i am sure that there has been several vulnerabilities found in openSSL/SSH over the past 18 months.

i'd use an access list if you did want to use remote login (/etc/hosts.allow and /etc/hosts.deny), or completely disable it if not needed

brute forcing a well written alphanumeric (l1k3 7h15) would take way too long.

probably 90% of security incidents i see are remote exploits of vulnerable software that could've been prevented by patching or disabling the service.
same applies for os x IMO

so in other words - turn your apple firewall on and turn off remote login and anything else not needed (http (personal web sharing), etc)

iSlayer
29th November 2004, 10:59 AM
and run little snitch if you have it.

and dont use common word passwords !!!