Script Kiddies III - Grilled KiddieWritten by Michael Bloch
In my previous articles, "Script Kiddies - Vermin of Internet" and "Script Kiddies II - A warning to parents", I described Script Kiddie problem.This article contains information for web site owners and surfers regarding what to do when your system is continiously "probed" from same source, or if your site is compromised. Who you gonna call? KiddieBusters? (could be a good name for a web site?) If you are running personal firewall software while surfing, you can actually do something with logs. You can send them to your ISP along with an incident description. They may be able to chase it up on your behalf. Better still, if you can identify IP address using a tracing program, send firewall log with trace results to owner of that address along with time, location etc. I run traces on some of my logs, but this can also be a bit dangerous as there is a possibility that owner of address detects that you are "pinging"* them and therefore revealing your own IP address. Properly configured firewall software can minimise danger of this. Also, IP address shown does not necessarily mean that it is Script Kiddie themselves. There are various cloaking devices that Kiddies use to hide their true origin, or may only refer to service they are using to launch attack. But it doesn't hurt to send IP owner a polite email to serve as an alert, especially if you have been able to establish a repetitive address. How to write email? The following is a message I recently sent to an ISP. (the IP and port numbers have been replaced with x's). ------------------ Greetings, I have been receiving a number of warning messages over last couple of days from my firewall software regarding an xxxx scan which seems to be originating from your service. Even as I am typing this I am receiving numerous warnings. It is currently 6.20pm Adelaide time, Monday 12 February. Could you please look into this for me as it is becoming highly annoying. Last night I had around 80 such warnings in 1 hour. Thanks. Below is my log of some of these scans and copy of trace results. GMT,xxx.xxx.xxx.xxx:xxx,xxx.xxx.xxx.xxx:xxx,TCP FWIN,2001/02/12,18:15:18 +10:30 GMT,xxx.xxx.xxx.xxx:xxx,xxx.xxx.xxx.xxx:xxx,TCP FWIN,2001/02/12,18:19:00 +10:30 GMT,xxx.xxx.xxx.xxx:xxx,xxx.xxx.xxx.xxx:xxx,TCP FWIN,2001/02/12,18:19:08 +10:30 GMT,xxx.xxx.xxx.xxx:xxx,xxx.xxx.xxx.xxx:xxx,TCP FWIN,2001/02/12,18:19:38 +10:30 GMT,xxx.xxx.xxx.xxx:xxx,xxx.xxx.xxx.xxx:xxx,TCP FWIN,2001/02/12,18:19:38 +10:30 GMT,xxx.xxx.xxx.xxx:xxx,xxx.xxx.xxx.xxx:xxx,TCP FWIN,2001/02/12,18:19:54 +10:30 GMT,xxx.xxx.xxx.xxx:xxx,xxx.xxx.xxx.xxx:xxx,TCP FWIN,2001/02/12,18:19:56 +10:30 GMT,xxx.xxx.xxx.xxx:xxx,xxx.xxx.xxx.xxx:xxx,TCP FWIN,2001/02/12,18:21:00 +10:30 GMT,xxx.xxx.xxx.xxx:xxx,xxx.xxx.xxx.xxx:xxx,TCP FWIN,2001/02/12,18:21:04 +10:30 GMT,xxx.xxx.xxx.xxx:xxx,xxx.xxx.xxx.xxx:xxx,TCP Please contact me if you require any further details. ---------------------- I also attached my "traceroute"** results, but have not included them here as they identify customer number. The ISP responded to my message and said that they had "contacted" customer. I received no further scans. It isn't just casual surfer who is affected by Script Kiddies. Web Site owners are often target of "vandals", also known as "Web Crackers". Web cracking is a popular Kiddie past-time. These individuals derive great pleasure from making changes to your web site without your knowledge. They access authoring rights to your site by "stealing" your password in a variety of ways. It isn't financially,politically or religiously motivated, it's just vandalism.
| | How To Handle Ezine Overload...Without Turning Into An Ezine Junkie!Written by Roger J. Burke
This article may be freely used in ezines, on websites or in e-books, as long as by-line is left intact.Notification of publication would be greatly appreciated, and if possible, a copy of relevant ezine or newsletter. Please send notification to: mailto:webmaster@online-wealth.com --------------------- The good thing about ezines is there are a lot to choose from; bad thing about ezines is also there are a lot to choose from! If, like many others, you subscribe to many ezines, sheer number coming at you can be daunting. Every day, every week, day in, day out - whew! What to do? How did I get myself in this fix, in first place? I was spending so much time reading, categorizing, printing and filing a mountain of ezines, our home office was beginning to look like a used paper factory! Sometimes, I'd wonder if I was turning into an ezine junkie! "That's it!" Sherry says one day, "YOU gotta do something about this monkey on yer mind! Today already! I can't find door to bathroom, fer Pete's sake." She glares at me...I looked around - it wasn't quite that bad, but I could see her point. So, I did. First off, I took more notice of SUBJECT line of every email, instead of just eagerly, madly, desperately, clicking on every one. Pretty soon, I found out that ones that were ALWAYS IN CAPS were of little or no use, so I didn't bother reading them any more. Those that included ezines were quickly consigned to UNSUBSCRIBE basket. That still left a heckuva lot of ezines! Hey, that SUBJECT line is pretty cool - why not scan through all of those first and see which ones *really* grab me? Which of them are really talking to *me*? So, I did. Hmmm, this is interesting, some of those SUBJECT lines are really vague, or outrageously pompous, or unrelated to my interests, or just plain dull. Tap, tap, click, click - gone. Oh, what a relief! The UNSUBSCRIBE basket was growing and my fingers were flying! "You've still got a long way to go," Sherry says darkly, as she fills up another garbage bag of ezine litter. Sherry was right: That cut things down a fair bit, but still not enough - I could FEEL Sherry's eyes boring through me as I then reviewed each ezine. Nervously, my finger hovered over mouse button - TD (To Delete) or Not TD, that's question? Hey, is there a Table Of Contents I can look at and perhaps find out if there is something that *REALLY* grabs me? Maybe I should scan that first? So, I did. What, this here ezine has NO Table Of Contents! I've been wasting my time, wading through this stuff, trying to find something *really* interesting, useful or informative? Click, gone! What about next: hmmm, yes, here's a Table Of Contents, quick scaaan, yes, hey, that's an interesting headline, I'll look at that. HOLD THAT EZINE! Next, please!
|