Originally posted by sean
Originally posted by tetra50
Microsoft/Apple, whatever....they all have backdoors for remote control. Take a look at the current patents on all things computing......
Everyone seems to think that computer networks are security conscious, more than paper or anything. Nothing could be further from the truth. It was why this computational universal connection was created, after all.
The government created the internet as a spy highway and so here we are being spied upon.
Originally posted by sean
reply to post by StargateSG7
...Anyways, there are favorable benefits to static over dynamic. If you are running a server you wouldn't want its IP constantly changing every time the lease runs out. Then all your IPs that are stored in your software will be incorrect and you will have to constantly change them. Changing the MAC address on the router constantly will cause more problems than it's worth. Typically you are going to probably pull a new IP down from your internet provider, which will probably knock your network down for a while till everything is back up. I only do that if it's absolutely necessary and you are being DDoSed or something nasty is going on. Most internet providers are pretty good at keeping you set to your same WAN IP regardless of what your MAC is. It sometimes can be hard to push it back to the IP pool. As an example, I have had my so-called DHCP IP from my provider now for about 5 years. I have gone through 3 routers as well as 3 modems and done lots of MAC cloning in between that time, I am sure.
Yes, scan mapping a network is possible, but the buck stops at the NAT router. I don't enable port forwarding on some servers until I am actually going to use them, and most are just VMs and are shut down completely until used. Most hackers scanning a network are looking for known default ports that are opened, such as 21, 22, etc. You don't have to run a server on those default ports, and if you are, then enjoy all the knocking on your back door constantly. It's best to change them. Also turn off replies in the router, as well as UPnP. Turn off WPS (Wi-Fi Protected Setup) or get a router that doesn't even have it. Sometimes turning it off doesn't really turn it off. The majority of routers out there are exploitable because of WPS even if you have WPA/WPA2. Most can be hacked in under 2 hours. Best to get a router capable of handling 3rd party firmware such as DD-WRT or Tomato. A lot of routers cannot use DD-WRT and cannot be updated to fix the exploit, and basically you need to junk it and buy a new one.
If some noob is scanning your network on all ports then alerts are going to be popping up left and right and everything is going to be logged either in the router or on the soft firewall. Someone doing a deep scan on all ports is more than likely going to find himself being scanned and his internet provider notified.
Furthermore, put a server on a double NAT network for extra security, especially something like a web server you are hosting yourself. Put it on a subnet of its own or in a DMZ. So if the one network is ever compromised, no traffic can be traversed back through to the network that is hosting file shares etc. Let the public server fend for itself.
That sums it up for me.

edit on 17-7-2013 by sean because: (no reason given)
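An added example, not part of any post in this thread: the kind of rule behind the "alerts popping up" described above, flagging a source that hits many distinct blocked ports within a short time window. The log format, addresses and thresholds are assumptions made for the example, and the sample lines are constructed.

```python
import re
from collections import defaultdict

# Assumed log format (constructed, not a real router's):
#   "<epoch-seconds> DROP SRC=<ip> DST=<ip> PROTO=TCP DPT=<port>"
LINE_RE = re.compile(r"^(\d+) DROP SRC=(\S+) DST=\S+ PROTO=\w+ DPT=(\d+)$")

def build_sample():
    """Constructed sample: one fast sweep, one retrying client, one slow sweep."""
    dst = "DST=192.0.2.10 PROTO=TCP"
    lines = [f"{1000 + i} DROP SRC=203.0.113.7 {dst} DPT={20 + i}" for i in range(15)]
    lines += [f"{1000 + i} DROP SRC=198.51.100.4 {dst} DPT=443" for i in range(20)]
    lines += [f"{1000 + 100 * i} DROP SRC=198.51.100.9 {dst} DPT={8000 + i}" for i in range(12)]
    return "\n".join(lines)

def find_scanners(log_text, window=60, min_ports=10):
    """Map each source IP to the largest number of distinct destination ports
    it touched inside any `window`-second span, keeping only sources that
    reached `min_ports`."""
    events = defaultdict(list)
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        if m:  # lines in any other format are ignored
            events[m.group(2)].append((int(m.group(1)), int(m.group(3))))
    flagged = {}
    for src, hits in events.items():
        hits.sort()
        counts = defaultdict(int)  # port -> hits currently inside the window
        start = best = 0
        for ts, port in hits:
            counts[port] += 1
            # Slide the window: drop hits older than `window` seconds.
            while ts - hits[start][0] > window:
                old = hits[start][1]
                counts[old] -= 1
                if counts[old] == 0:
                    del counts[old]
                start += 1
            best = max(best, len(counts))
        if best >= min_ports:
            flagged[src] = best
    return flagged

if __name__ == "__main__":
    print(find_scanners(build_sample()))
```

Repeated drops on a single port (the retrying client) never count as a sweep, and the window length decides whether a slowly paced source is caught.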
Originally posted by tigershark1988
An uninformed question: What is a security hole?
Originally posted by sean
reply to post by StargateSG7
I was mainly talking about a typical home private network. All the things you mentioned are nice and come with a hefty price tag. All that security is great, but the NSA forces themselves on MA BELL down the street controls the root of all connections so there is no stopping them from placing a tap. You could always launch your own satellite up into space and create your own internet lol.
A friend of mine used to be an electrician till the jobs went sour, so he got into IT, bought out a small computer repair shop etc. and did a little work for some large networks in the area. We got a great deal on renting some game servers etc., but eventually he got FTTH and hosted himself. He's on the east coast in NY, I am on the west coast. The latency was yuck. Often we would get something in between like a Colorado server. You can see trace routes going to the same points for no reason other than the GOV spying on everything.
Some of them were blatantly obvious. It would be something like Colorado, Washington DC, Seattle Washington, down to California, back through Seattle, back through Washington DC and back to Colorado. LOL. The DC connection is obvious, but what's in Seattle? Well, Microsoft, FBI main HQ, NSA main HQ, god knows what else. So there is no stopping the gov tapping main trunks. So just make darn sure your stuff is wrapped up tight with hella encryption.
Originally posted by Maxatoria
These days there shouldn't be any need to route stuff just to tap into it... routers have port mirroring, so whatever goes up/down one cable will be sent down another (to the boys at the NSA to have a look over). You can even do the same with fibre optics, but it will be just as easy to mirror it down a copper cable than have to start work on the actual fibre optics, and it'll be very noticeable to anyone looking into the cabinet compared with just another network cable running away somewhere.
Originally posted by iwilliam
Originally posted by andy06shake
That svchost.exe can be a real resource hog sometimes, guess now we know why!
Seriously. I've wondered about that, myself. Sometimes this process takes up quite a large % of my CPU.
At different periods I have also seen more than one svchost.exe process running.
Are we sure, if this is indeed connecting to Microsoft, that it doesn't just have to do with "Windows Update" or whatnot? IME Windows Update can be pretty intrusive / aggressive sometimes.
Anyway, back to the process... speaking of multiple processes, a couple of the times I've seen multiple instances of svchost.exe running, I was under the impression / belief that my system was infected, and that this process might have been part of that infection. Actually, I think I recalled reading somewhere that sometimes a virus will disguise its running process as "svchost.exe." But don't quote me on that one....
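An added example, not part of any post in this thread: a triage check for the masquerading concern raised above. It treats multiple svchost.exe instances as normal and flags only those whose image path or parent process is unusual, plus near-miss names. The process snapshot is constructed, and the code assumes Windows is installed in C:\Windows and that svchost.exe is normally started by services.exe.

```python
import ntpath
from difflib import SequenceMatcher

# Constructed process snapshot: (pid, parent pid, name, image path).
SNAPSHOT = [
    (4,    0,    "System",       ""),
    (640,  500,  "services.exe", r"C:\Windows\System32\services.exe"),
    (900,  640,  "svchost.exe",  r"C:\Windows\System32\svchost.exe"),
    (944,  640,  "svchost.exe",  r"c:\windows\system32\svchost.exe"),
    (2800, 2700, "explorer.exe", r"C:\Windows\explorer.exe"),
    (3120, 2800, "svchost.exe",  r"C:\Users\Public\svchost.exe"),
    (3300, 2800, "svchost.exe",  r"C:\Windows\System32\svchost.exe"),
    (3412, 640,  "scvhost.exe",  r"C:\Windows\System32\scvhost.exe"),
]

# Assumption: default install location of Windows.
EXPECTED_DIRS = {r"c:\windows\system32", r"c:\windows\syswow64"}

def audit(snapshot):
    """Return (pid, reason) pairs worth a closer look; these are leads for
    review, not verdicts."""
    names = {pid: name.lower() for pid, _, name, _ in snapshot}
    findings = []
    for pid, ppid, name, path in snapshot:
        lname = name.lower()
        if lname == "svchost.exe":
            # Windows paths are case-insensitive, so compare lowercased.
            if ntpath.dirname(path).lower() not in EXPECTED_DIRS:
                findings.append((pid, "unexpected image path"))
            if names.get(ppid) != "services.exe":
                findings.append((pid, "parent is not services.exe"))
        elif SequenceMatcher(None, lname, "svchost.exe").ratio() >= 0.8:
            # Close to, but not exactly, the real name.
            findings.append((pid, "lookalike name"))
    return findings

if __name__ == "__main__":
    for pid, reason in audit(SNAPSHOT):
        print(pid, reason)
```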