LISTSERV - HP3000-L Archives

HP3000-L Archives

January 2001, Week 1

HP3000-L@RAVEN.UTC.EDU

	LISTSERV Archives
	HP3000-L Home
	HP3000-L January 2001, Week 1

	Log In
	Register

	Subscribe or Unsubscribe

	Search Archives

Options:	Use Monospaced Font Show Text Part by Default Show All Mail Headers
Message:	[<< First] [< Prev] [Next >] [Last >>]
Topic:	[<< First] [< Prev] [Next >] [Last >>]
Author:	[<< First] [< Prev] [Next >] [Last >>]

Subject:	Re: My PC is on the Internet!
From:	[log in to unmask]
Reply To:	[log in to unmask]
Date:	Thu, 4 Jan 2001 18:28:21 -0500
Content-Type:	text/plain
Parts/Attachments:	text/plain (51 lines)

X-no-Archive:yes
Thanks for the various replies. To the off list repliers who replied to my
work email, I'm glad to see that I'm not the only one who finds perverse
humor in all this. If you did reply to my home address, I'll see those when
I get home. Tom Ericson was on the right track with what I meant to ask
about, and thank you for not referring to "TCP/IP for Dummies" (which I do
own, but do not recommend).

Granted, this is a Windows PC, so would not normally support telnet or ftp.
Although I do have an ftp server running on another box on my LAN, but
didn't think that this would be visible via Windows Internet Connection
Sharing (ICS). And does ICS also give me one more way to get hacked? I did
know about the Personal Web Server, which I do not run and cannot see
needing to run. But then, if I did, what would be the advantage to me, and
what are the known risks? More importantly, what about smb? Not running file
and print sharing sort of defeats the purpose of having a LAN with Windows
boxes. I guess that's a good example of exactly the kind of risk / benefit
question I am asking.

And what are the other known risks that might not be known to me? Since I am
vulnerable to port scanning, what might someone near or far see, and what
kind of fun might they have once they've seen it? I would like to think that
all other things being equal, script kiddies will just keep moving, after
they've scanned my PC. But for all I know, my PC could easily be what the
janitor drives in Tom's Mary Kay analogy. Even with a presumably secure
password on a Windows share, there are probably scripts to just keep trying,
right?

I will point out that I would think that with dial up, the script kiddies do
not have the advantage of probing my system, and finding new ways to hack
into any vulnerabilities they might have found previously, and coming back
to the same IP address. Maybe this is not a realistic concern with always-on
connections. But I am going to start monitoring my IP address for my
always-on connection to see how often it changes, since I never shut off my
PC simply because it is unattended (trying to keep from falling too far on
my Seti@home scores). My lease expired two days ago, but I still have the
same IP address. I understand this to be normal enough for DHCP, to be able
to renew an expired lease.

Sometime I would like to buy one of the connection-sharing / firewall /
speed-sensing switches. It's on my list of nice things to spend between one
to two hundred dollars on, when I have the money to spend. I also want to
purchase the connection hardware that I currently just lease... Off-list
recommendations for and reviews of such devices are still welcome, since I'm
far from deciding on such a purchase.

Greg Stigers
http://www.cgiusa.com
Or maybe my friend did give me his IP address,
and I'm just trying to learn how to exploit it...

ATOM RSS1 RSS2

RAVEN.UTC.EDU