Lotherius Lotherius

A Hacker's Paradise

A Hacker's Paradise

Do you know how vulnerable your system is?

My GMail password was stolen and my account taken over by Russian Hackers who tried to extort money out of me. This of course led me to ask HOW, on my system with my careful attitude to everything, they got hold of my password.

What I've found is that there are more security holes in software than even my paranoid mind suspected. I figured that a fully patched Vista, running Nod32 which is arguably the best antivirus around, Windows Defender, SpyBot S&D, a hardware firewall, firefox instead of IE, etc, I would be pretty safe. Then my Google & ICQ passwords got stolen from the Accounts.xml file of Pidgin, which is smartly stored right there all in plain unencrypted text, ripe for the picking. But I still wasn't sure how they got the file.

I'm not saying I will ever know WHICH security hole was used. But I've found several. Firefox 2.0.0.12 has a known "Directory Traversal" bug, but it is claimed to be limited to the extensions directory only so maybe it wasn't that. There's a keygen I used, but that keygen has been available for TWO YEARS, so if it had a trojan in it, you'd think it would come up when submitted to 32 different scanning engines, but they all found it clean. A Roadrunner technician required me to disconnect my hardware firewall/router before he would help diagnose my connection the day before my passwords were used to take over GMail & ICQ. I forgot to plug it back in for 12 Hours. Going without a firewall is bad, but that would imply there was a hole in a fully patched Vista system. If there is, it is unpublished. Published exploits are much more frequently used. So what software on my system contains published exploits?

Adobe Flash Player. In December, an update was released that upgraded users to version 9.0.115.0. The patch fixed several security flaws.

Unfortunately, version 9.0.115.0 of Flash Player also has a known bug - with certain ATI video cards, you cannot go full-screen with Flash Video. That means no full-screen YouTube, CBS Evening News, etc, because almost everyone uses Flash Video on the web.

So I had reverted to version 9.0.47.0 of Flash Player. It worked.

Apparently, it was also a veritable hacker's paradise. The short list of risks: "could lead to the potential execution of arbitrary code", "could potentially aid an attacker in executing a DNS rebinding attack", vulnerable to "privelege escalation attacks against web servers hosting Flash content", vulnerable to "potential cross-site scripting issues", "potential Universal Cross-Site Scripting attacks", "allow remote hackers to modify HTTP headers of client requests and conduct HTTP Request Splitting attacks", "a potential port-scanning issue", "(linux) a memory permissions issue that could lead to privilege escalation", and un unspecified issue on Mac.

Whoa. And all of these are PUBLISHED EXPLOITS. Let's see... cross-site scripting, header modification, privilege escalation, DNS rebinding, and arbirtrary code execution. Is there anything they missed?

Yet, Adobe is dragging their feet on fixing 9.0.115.0, and actually recommending people revert to 9.0.47.0.

I believe I have just become a convert: Flashblock.

29,915 views 37 replies
Reply #26 Top
If you are unsure, test your pc security here WWW LINK to Shields Up You may be in for a shock
End of quote
took me to
http://ww23.rr.com/index.php?origURL=http://https


this link is not working for me tried ShieldsUp.com but did not look like the right place
and tried ShieldsUp.net and it would not load

please give me the web address here
thanks
Reply #27 Top

I once setup a computer with a fresh install of XP Pro ....and AVG...went online and downloaded the AVG sig update and logged off again.

Ran the update and scanned the machine...I was dirty already.  Probably online not much longer than a minute or so...

End of quote

Ditto. Installed XP, then installed my ISP software. As soon as that was operational I got hit by Blaster... So, reinstalled XP, but this time installed my firewall before the ISP software...

These days I run a NAT firewall and a software firewall.

Of course this works too:-

Reply #29 Top
Fuzzy Logic
End of quote



thanks

I aced all
Reply #30 Top
Aye, aced it too. Thanks for the link m8. Ill bookmark it for future use :)
Im pretty paranoid when it comes to my pc. I use bitdefender, spysweeper, advanced system optimizer and opera to browse. Spysweeper is expiring very soon though :(
Havent had a virus since the damn blaster virus, and that was when i formatted as well.

Dont know what to say about gmail.. never used it, my paranoia will not allow me to use it. I use my website mail instead. Has kept me safe from spam for a long time too. :)
Anyway, sucks to hear ya got hacked by the dirty filthy russians and their money schemes. I know someone who genuinely thought a russian woman, whom he had met on some site, had fallen for him. It was only when she started asking for money he started to get the idea.. And thats when i said "I told you so!" :D

Reply #31 Top
Just a reminder to anybody new to port checking. If you are behind a hardware firewall, and as is likely, haven't set up a DMZ that effectively removes the protection of NAT, then be aware that 'Shields Up' is reacting to the response or lack of it from the hardware firewall ports and not your local machine...

I know it's obvious, but it's a detail that seems to bypass the occasional user.
Reply #32 Top
Just a reminder to anybody new to port checking. If you are behind a hardware firewall,
End of quote


is that a router?

what do DMZ/NAT = ?

you did say
anybody new to port checking
Reply #33 Top
Of course this works too:-
End of quote


see picture in reply 27

Fuzzy Logic
you should put a patent on that :LOL:
Reply #34 Top
Just a reminder to anybody new to port checking. If you are behind a hardware firewall,is that a router? what do DMZ/NAT = ?you did say anybody new to port checking
End of quote


Hi DC,

A hardware firewall is often part of a router, but remains it's own component. It certainly doesn't have to be part of a router. That said, when using a router/firewall combo for example as a way of placing your computer behind NAT, your computer would have it's own local address - such as 10.0.0.1. and is protected from direct probing by external traffic, in a way that a computer that only has it's external facing IP (as provided by your ISP) isn't.

Depending on the make of your firewall, you may be able to assign that external facing IP directly to one or more of your local machines, eg. your computer, bypassing the benefits of NAT. Thus exposing it to unfiltered net traffic and leaving it reliant on whatever protection it has set up locally.

I've done this to test software firewalls for instance. The process of exposing services to the external facing IP is covered under the term DMZ. Noting of course that no part of a network thus exposed, is normally let to communicate freely with other local machines that are configured using NAT - and as such may be operating under the umbrella of the trusted zone, with any associated rights.









Reply #35 Top

Quoting DisturbedComputer, reply 32


Just a reminder to anybody new to port checking. If you are behind a hardware firewall,is that a router? what do DMZ/NAT = ?you did say anybody new to port checking

End of DisturbedComputer's quote

You almost never want to enable DMZ on your router unless you seriously know what you're doing. Doing so eliminates most of the benefit of having the hardware firewall in the first place, since it then passes all packets unfiltered on to your PC.

NAT is what consumer grade routers do automagically - Network Address Translation. It takes the network packets coming in to the router and "translates" them to your local area network - that is, it figures out which computer they need to be routed to on your network. The benefit of this is, if your PC did not actively request from a certain IP address on a certain Port #, then the router won't let that IP/Port communicate at all with your PC, protecting it from attacks aimed at specific vulnerabilities in windows.

Some consumer grade routers also offer additional firewall features, but NAT covers most basic situations.

Reply #36 Top
Thanks,
Alternate Setting
and
Lotherius

well I do know I am not on a local network well I think. No printer,file shearing etc.
I do have Windows Messenger Disabled and remote connect to this PC off.
In XP pro install I have it set to:
this computer connects directly to the internet (cable).

I do have a Linksys Router with XP Pro Firewall turned on.

pretty much what you two said Went over my head, faster then a cat in a room full of dogs. :SURPRISED:

but thanks for the info. :CONGRAT:


Reply #37 Top
I used FuzzyLogic's link to the testing site. I don't know how this is possible but everything that I tested came up absolutely perfect. the only thing that I'm using to defend myself is AVG free edition, Windows Defender and the Default Windows Firewall. Is it possible to "overdo" security because I'm using all free stuff and I'm getting perfect protection.... Oh, I'm also using CyuberSitter which is annoying parental control software that my dad put on my computer. I don't think that would block any viruses or help with the firewall at all though.