digg

Facebook Connect Join Digg About

Hackers Attack Every 39 Seconds

livescience.com Computers are under nearly constant siege, a new study shows.

Who dugg this? Made popular Feb 8, 2007

Digg DudeWhat is Digg?

Digg is a place for people to discover and share content from anywhere on the web. Digg surfaces the best stuff as submitted and voted on by the community. Take the Tour to learn more.

53 Comments

show profanity settings
expand all
  • idandfei, on 10/12/2007, -2/+59Wow! When do they find time to eat or go to the bathroom?
  • drvelocity, on 10/12/2007, -1/+37Is it just me, or does the title "Hackers attack, like, every 39 seconds" just fit so much better?
  • GawtMilk, on 10/12/2007, -0/+30No. Script kiddies attack every thirty nine seconds. "Hackers"? Not in the traditional sense at least -- very few exploits are done through actual 'hacking' thesedays. It is usually some 14 year old kid who's date runs on Energizers. The people who actually know what they are doing can make FAR greater amounts of money working for technology companies PREVENTING hacks then they can by getting Grandma Smith's Mastercard number.
  • Virak, on 10/12/2007, -2/+32They hack on the toilet, and their mothers bring them food. I haven't figured out how they deal with the problem of sleep yet, but I suspect they may be using a new experimental drug called "caffeine", which can keep them awake for unnatural lengths.
  • raynar, on 10/12/2007, -1/+29Wow. How stupid and obvious.

    I like the final paragraph... "To protect against hackers, security experts advise choosing longer, more difficult passwords with combinations of upper and lowercase letters."

    I wonder how much these "security experts" make.
  • Coltron, on 10/12/2007, -2/+29Hold on a sec? hacking from the toilet?
    Do they have some sort of mobile computer that can fit on their lap?
  • meshman, on 10/12/2007, -1/+21"Hackers attack computers every 39 seconds, according to new research."

    Our firewall gets raped on a regular basis. I've had small business servers that are under constant attack. Right now, some jackass is trying to log into our main FTP site under the (non-existent) username of Administrator. But:

    "I'm glad I don't run Windows, I guess I'm not brave enough."

    We do. In the past 7 years, not one virus or worm has made it into our network (with one exception of a user clicking on an email attachment). All we do is run a reliable firewall and keep the servers patched consistently. The firewall is being attacked almost constantly but always in futility. I'm not saying we're perfect and inpenetrable but jus because hackers are attacking every 39 seconds doesn't mean they're successful. I'd say the story is somewhat inflammatory. It's not THAT bad of a situation.
  • LucasKane, on 10/12/2007, -1/+18In the article they're attacking Linux machines
  • monergism, on 10/12/2007, -2/+18Scripts attack networks. Which networks every 39 seconds? A port scan? Is that an 'attack'?

    Stupid FUD.
  • justice7, on 10/12/2007, -3/+18what is wrong with running windows? A windows system that is properly administered can be quite secure.
  • justice7, on 10/12/2007, -0/+13okay every 39 seconds doesn't mean someone is trying to connect to YOU and is live looking down the wire at your PC. It is scripted, and automated. It is looking for vulnerabilities. If none is found, it quickly moves on to the next.

    It is quite literally the equivalent to a thief checking doors to see if they are locked.

    You want to be secure? Easy.

    1. Keep your system behind a router on its own network. Make sure you have NAT'ing on. If they can't hit your machine directly from the outside -- instead they hit a router. Most routers will act as a firewall as well, and they do a very good job at it. Port scanning then becomes useless (unless you have a port forwarded)

    2. Ensure your system is up to date. Don't run out of date software which is vulnerable to more exploits than it needs to be. Most hackers use old known exploits to gain access to vulnerable systems; don't let yours be one of them.

    3. Use good passwords, this one is pretty simple; anything but a dictionary word should suffice (pass phrases are advised though, more than one word)

    4. Make sure you have anti-spyware software and anti-adware software on your system. Sometimes even spyware contains vulnerabilities, and when it phones home, it opens up ports -- which can sometimes be exploitable -- so be rid of them if possible.

    5. Practice safe surfing, don't give security exceptions to websites you are not sure of. I recommend Mcafee Site Advisor to help figure out if a site may contain malicious code.

    6. Use common sense. Even a windows box can be secure -- and even a linux box can be insecure. (Macs too!) *dodges incoming fanboy shrapnel*
  • awm4, on 10/12/2007, -5/+17I don't attack every 39 seconds
    Oh wait, I thought it said Slackers. My bad.
  • phynixx, on 10/12/2007, -0/+10@bassmastr

    "Who can't live without a hacker?"
    Everybody in IT that has to maintain computers and networks make their money in-part b/c Crackers do what they do. If you're in IT be happy they're around b/c you're getting paid for it.

    "They are loosers with too much time on their hands who don't succeed in real life so they hop on the internet and live out their pathetic lives...by messing with other people's stuff."
    The 'pathetic loosers' that are good at what they do are often sought out by organized crime groups and paid more money in a week then you & I probably make in a year. Others get good at messing with other people's stuff and later go on to work for law enforcement doing things like protecting kids from online pedophiles, etc. Either way they make a good living. BTW, thousands (if not millions) of people make their living over the internet so it's probably safe to consider it 'real life' now.
  • eurofooty, on 10/12/2007, -0/+10I find it a nice way to meet new people.
  • a0me, on 10/12/2007, -8/+15Every 39 seconds I don't know, but thanks to Bill Gates I know that nowadays, security guys break the Mac every single day.
  • trghpy, on 10/12/2007, -0/+6hackers or automated hacking attempts?
    I'm more afraid of real hackers than I am of their automated hacking attempts...
  • Akaji, on 10/12/2007, -1/+7I think FUD is being thrown around way too much these days.

    We need to get some FUD about FUD so that people stop saying FUD.
  • adriantr, on 10/12/2007, -0/+5Thats the thing, they never do...... Special offices chairs with holes in :P
  • berwiki, on 10/12/2007, -3/+8totally bra!
  • MacParrot, on 10/12/2007, -1/+6KillerX, dugg down for being flamebait
  • zadadka, on 10/12/2007, -2/+7Agree with Meshman.
    I run a Windows site for a (very) major rockband....suffice to say this band's fans are of , how shall I put this?...dubious mental stability.
    I have no specific hardware or software firewall, nor do I even run ISA.....just a nice simple Routing and Remote Access NAT between Internal & External NICs, and in 6 years, no problems at all.
  • danswayuk, on 10/12/2007, -1/+5I have read about his a lot already but "Hackers attack, like, every 39 seconds" is the best title yet
  • LetsGoHawks, on 10/12/2007, -1/+4Sounds like my home setup. XP with the Windows firewall. My Netgear wireless router has 2 firewalls in it, plus whatever the DSL provider does to prevent attacks (probably nothing).

    No anti-virus or anything like that. Just a little common sense about what not to click on.

    Every month or two I run SpyBot/Adaware and a free online virus scan. That worst it ever finds are tracking cookies.

    Come to think of it, in 16 years of owning PC's the worst virus I ever had was something I picked up from a borrowed floppy disk.
  • rbanffy, on 10/12/2007, -0/+3@LucasKane,

    It's much easier to set up a Unix box so that it can be hacked in a controlled way - they needed to show an example. Attacks that attempt to exploit Unix flaws are also much easier to understand and explain.

    Had they used a Windows box, chances are it would get hacked in the wrong way before they could show what they wanted. It can really come from _any_ direction.
  • marct1974, on 10/12/2007, -0/+3No need to leave the bathroom

    http://www.rotorooter.com/john/index.php
  • f00xx0riz3r, on 10/12/2007, -1/+3"no"
  • dbr_onix, on 10/12/2007, -0/+2Exactly, it seems like that number (39 per second) is randomly made up : There is probably thousands of automated attacks every second, and how you'd differentiate automated scans from "someone" trying to attack a machine? If the number is based on a single machine (which is stupid), or a range of machines owned by the same person (More likely), chances are they are in the same "IP-area", your IP range would affect how many automated scans make it to your IP - Someone with 1.1.1.1 is far more likely to get scans than someone with the IP 200.200.200.200, and more popular ranges (Like those used by, say, AOL) are going to get more scans than some unknown companies IP..

    Ignoring the obvious.. stupidity of the article, I don't really see it's point, other than the obvious "people try to hack internet-connected machines using brute-force scanning", but regardless, anything that encourages people to use better passwords is a good thing
    - Ben
  • BassMastr, on 10/12/2007, -0/+2"The 'pathetic loosers' that are good at what they do are often sought out by organized crime groups and paid more money in a week then you & I probably make in a year. Others get good at messing with other people's stuff and later go on to work for law enforcement doing things like protecting kids from online pedophiles, etc. Either way they make a good living. BTW, thousands (if not millions) of people make their living over the Internet so it's probably safe to consider it 'real life' now."

    You and I don't have the same definition of hacker. As far as I'm concerned...if you aren't breaking any laws...then you aren't a hacker. (others probably have other defs) Yes there are a ***** load of people who make money on the Internet 99% of them are not hackers. I have a problem with the ones send out viruses, hacking in to others computers, phishing, and anything malicious. And I have a hard time believing anyone else likes the people mentioned above either...

    I'm sorry if I made it sound like anyone who spends a lot of time on-line is a loser...I only meant that for the criminals. I'm digger. Who am I judge others who spend to much time on the Internet. Sorry if I came across as otherwise. I make an honest living so I get really pissed at those who don't.


    @

    Thank you for correcting my spelling...my bad.
  • ewy99, on 10/12/2007, -0/+2Taken From http://news.cnet.co.uk/gadgets/0,39029672,49287509,00.htm:

    Roto-Rooter, a US plumbing company, has launched an online competition for its 'Pimped-Out John', a bathroom throne for the gadget junkie. The fully loaded Kohler commode comes with (deep breath) a Philips 20-inch LCD TV, a Philips DVD player, Star Wars on DVD, an Xbox 360, a Gateway EMachine laptop with a robot arm, an iPod with a docking station equipped with a toilet-paper dispenser, a TiVo, a stocked Avanti refrigerator with beer on tap, a magazine rack and subscriptions to Sports Illustrated, ESPN and GQ, a bike-pedal exerciser, a cup warmer/cooler and a Roto-Rooter emergency service button.

    Enter to Win At: http://www.rotorooter.com/john/entertowin.php

    Edit: marct1974 be me to it!
  • SilverRocket, on 10/12/2007, -0/+2Flame me with "security through obscurity" comments, but since I moved my SSH telnet port from 23 to a different one, I haven't had a single attempt at logging in. This after getting hit AT LEAST a few days a week with hours upon hours of break-in attempts.
  • sv650touring, on 10/12/2007, -0/+2You do have a point. I despise trying to work on someone else's computer and finding out that any time I click something, Symantec or McAfee need to pop up and ask if I want to Block or Allow. Oh yes, and I just love it when any time there is any change to anything, the System Tray just lights up with balloons "Your network card has been disabled to save power" and "Your internet connection has been restored" and "This computer runs like crap from all this garbage software"
  • ronin2040, on 10/12/2007, -0/+1too bad i cant do that with my FTP server, its whole purpose is to get helpdesk software to braindead clients.....every few hours, some dumbass script tries to break in...

    the internet can be a really nasty place....
  • surgen, on 10/12/2007, -2/+3Correction: delicious famebait.
  • dbr_onix, on 10/12/2007, -0/+1Yeh, changing default ports on things like SSH is a good idea (As long as you don't, say, run it with a blank-root-password, or run a version that's 4 years old etc..) - Scanning the entire internet for port 22 with the user "test" and password "test" is *far* easier and a *lot* faster than scanning 65 thousand~ ports for every machine online. Doesn't work for everything (particularly web-servers, and other things accessed by "normal users")
    Although, even running on the default port, it should be secure - Changing the port is good for keeping "log-noise" down, which can be good for narrowing down slightly more determined attacks (Like noticing someone trying a few passwords on a known account, from a previously unknown IP address is far easier to see without 200 brute-force attempts around it)

    On the subject of brute-forcing, there are lot of applications which prevent it by limiting the number of tries a particular IP has before it's blocked : Fail2Ban, and DenyHosts are good. (I know DenyHosts can work for pretty much any application that writes failed-logins to a file, so would work with most FTP/web/POP3/SMTP/etc servers).
    Although, people do forget passwords sometimes, and the FTP server suddenly refusing to connect after they try ~3 passwords can be annoying for some users (A notice saying "You will be temporarily banned after 3 failed logins" might solve it to some degree)
    - Ben
  • BassMastr, on 10/12/2007, -0/+1@Mariogl91

    You are 100% correct. I didn't know that. Thanks for the link. I didn't know the definition was so broad. I has always called them engineers and computer scientists. I will add it to my repertoire.
  • donatj, on 10/12/2007, -0/+1My server gets hit 10/20 times a minute... that can't be right
  • thoughtcancer, on 10/12/2007, -1/+1i was going to write something about how....never mind...times up..
  • burty89, on 10/12/2007, -2/+2"Sounds like my home setup. XP with the Windows firewall. My Netgear wireless router has 2 firewalls in it"

    You may be running Windows XP on your desktop, but there's a good chance that your desktop is hiding behind an embedded version of Linux running on that router.
  • defunct123, on 10/12/2007, -2/+2bassmastr - It's "losers" not "loosers" you ***** plum
  • justice7, on 10/12/2007, -2/+2flamebait.
  • bliz, on 10/12/2007, -1/+1hacker != cracker
  • mariogl91, on 10/12/2007, -1/+1@bassmastr
    You don't even know what a hacker is...

    http://www.catb.org/~esr/faqs/hacker-howto.html#what_is
  • inactive, on 10/12/2007, -1/+0damn russian teenagers
  • justice7, on 10/12/2007, -4/+2OMG I CANT READ UNLESS IT IS IN CAPS!!1!!!!!!!ONE!!!ONE111OEN!!!

    redundant!
  • Dgen_X, on 10/12/2007, -15/+11I run windows...along with the firewall that comes with XP SP2....never had a problem
  • lagrange, on 10/12/2007, -8/+3Every unsolicited packet is not an attack.

    Unless you sell firewall software, then ITS AND ATTACK ITS AN ATTACK SUB-ZERO TROJAN ATTEMPT #12309102 EGGDROP BOT BACKDOOR BLOCKED, YOU LIFE SAVED!
  • PRlME, on 10/12/2007, -6/+1i dont see whats the problem. so what if they hack think of it as there
    testing your system. If you did not put ya site on lockdown that your fault.

    Support:
    http://www.hackthissite.org/
  • inactive, on 10/12/2007, -8/+2"To test how hackers break into computers, Cukier’s team set up weak security on four Linux computers connected to the Internet and monitored hacker attacks."

    So basically they just used Ubuntu out of the box.
  • Coltron, on 10/12/2007, -8/+1Is this really news? I mean, How often do I exceed the speed limit when driving? probably continually.

    The real news would be how many of these attacks are successful in breaching and obtaining secured information?

    http://www.halotis.com/
  • BassMastr, on 10/12/2007, -16/+3Who can't live without a hacker? They are loosers with too much time on their hands who don't succeed in real life so they hop on the internet and live out their pathetic lives...by messing with other people's stuff.

  • Fetching more discussions...
    Show 51 - 53 of 53 discussions

  • Add a Comment

    Login or register to comment!
    Or, sign-in super fast with your Facebook account ...


© Digg Inc. 2009 — Content created and posted by Digg users is dedicated to the public domain | Terms of Use Updated | Privacy Policy
DIGG, DIGG IT, DUGG, DIGG THIS, Digg graphics, logos, designs, page headers, button icons, scripts, and other service names are the trademarks of Digg Inc.