Passwords, Ports, and Offenders Part 1


Part one?  Yes, this is going to be a multi-post thread, because I'm not long-winded in my posts, and because of the importance of each piece of that puzzle.  I'm almost certain I'll fold back over on previously discussed material eventually, but every experience comes with a story.


Everyone knows that computer guy who advises you to change your password frequently.  And everyone knows that guy who is stubborn, and swears he hates it because it's confusing.  It doesn't have to be confusing, but making it stupid... is, well, stupid.  Here is the story.

As a computer guy I notice and see things happening on my network; whether I'm for it or against it, I can see what's going on.  One day I noticed what looked like a port scan.  For those of us who don't understand what a port scan is, start with ports: a port is what your services run on.  Take your IP address, add a number to the end for a service, and that's how the service gets in and out of your house.  Simple example: port 80 is your internet port. If you're hosting a website on HTTP, you can connect to that website via your external IP and that port number.  192.168.1.1:80, boom, you're in.  The problem with a port scan is, someone was trying to find all the ports I had opened, any potential port that was flawed.  I was suffering network speed drops, and I'm not letting anyone hack me.
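As an added example (not part of the original post), here is one way to pull a scanning source IP out of firewall logs: flag any source that touches several distinct ports within a short window. The log format, the sample lines, and the `find_scanners` thresholds are constructed for illustration.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample lines in a made-up firewall log format (not from the post).
SAMPLE_LOG = """\
2024-05-01T12:00:00 DROP TCP src=203.0.113.7 dst=198.51.100.10 dport=21
2024-05-01T12:00:01 DROP TCP src=203.0.113.7 dst=198.51.100.10 dport=22
2024-05-01T12:00:01 DROP TCP src=203.0.113.7 dst=198.51.100.10 dport=23
2024-05-01T12:00:02 DROP TCP src=203.0.113.7 dst=198.51.100.10 dport=80
2024-05-01T12:00:02 ALLOW TCP src=192.0.2.44 dst=198.51.100.10 dport=80
2024-05-01T12:00:03 DROP TCP src=203.0.113.7 dst=198.51.100.10 dport=443
2024-05-01T12:00:04 DROP TCP src=203.0.113.7 dst=198.51.100.10 dport=3389
2024-05-01T12:05:00 ALLOW TCP src=192.0.2.44 dst=198.51.100.10 dport=443
"""

LINE_RE = re.compile(r"^(\S+) (\w+) (\w+) src=(\S+) dst=(\S+) dport=(\d+)$")

def parse(log_text):
    """Yield (timestamp, source IP, destination port) for each well-formed line."""
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        if m:  # skip anything that does not match the assumed format
            yield datetime.fromisoformat(m.group(1)), m.group(4), int(m.group(6))

def find_scanners(log_text, min_ports=5, window=timedelta(seconds=60)):
    """Return {source IP: sorted ports} for sources that hit at least
    min_ports distinct ports inside any single sliding time window."""
    hits = defaultdict(list)
    for ts, src, port in parse(log_text):
        hits[src].append((ts, port))
    flagged = {}
    for src, events in hits.items():
        events.sort()
        start = 0
        for end in range(len(events)):
            # shrink the window from the left until it spans <= `window`
            while events[end][0] - events[start][0] > window:
                start += 1
            ports = {p for _, p in events[start:end + 1]}
            if len(ports) >= min_ports:
                flagged[src] = sorted(ports)
                break
    return flagged

if __name__ == "__main__":
    for src, ports in find_scanners(SAMPLE_LOG).items():
        print(f"possible port scan from {src}: ports {ports}")
```

A normal visitor who only touches ports 80 and 443 minutes apart stays below the threshold, while the source walking through 21, 22, 23, 80 and 443 in a few seconds is flagged.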

I went through my firewall and got the source IP of the hacker, can't remember what it was, nor do I care where it was.  Opened up a command prompt window, ran telnet, and typed in "open [their IP address]".  Lo and behold... I connected to their router.

Rule #1 in most companies' IT departments: disable telnet functionality. It's unencrypted, it transmits in plain text, it's bad.  Port 23 is BAD, turn that port off in your firewall.  Use SSH on port 22, it's encrypted, folks.

I'm at the threshold of the business, I'm on their doorstep, the only thing between me and their inner workings is a password.  That's it, a blinking cursor that says "input administrators password".  For the fun of it I type in "administrator", because let's be honest... you'd be dumb to make that your password, right?  Sure, it somehow isn't on the top most common list, but it's damn obvious if you'd be that dumb, right?

I was let in... administrator was the password.

DON'T MAKE DUMB PASSWORDS!!!  (I'll go over this in part 2)

I got into a router with a few options, see who was online.  I could've found who was trying to scan me and punished them dearly.  That's just a bad idea, I can get in TONS of trouble for that.  Or... I can rename the router and at least broadcast my message. This can be fixed by holding down that doofy reset button, but I get my point across.  I change the name to "STOP_SCANNING_ME_AHOLE" and kick everyone off.  For 3 days no one logged back in...

Obviously I was dealing with a script kiddie, or an extreme amateur, but it was annoying.  But the story is solid: don't mess with people when you don't know what they're capable of. I was fully able to dive deeper and really mess with this kid, but I didn't, just broadcast the "leave me alone" protocol (which isn't real), and got down to business.

Part one will be just the story, the remaining parts will dive more into proper security for passwords and ports.  Some for those willing to try something new, and some for those who just need some more knowledge.  (Hint: they'll be about firewalls, ports, services, and passwords.)