Coin mining malware

Dirty Dog

MT Senior Moderator
Staff member
Lifetime Supporting Member
Joined
Sep 3, 2009
Messages
23,363
Reaction score
9,102
Location
Pueblo West, CO
My point really was that if you have access to insert a disc the security requirements are different.
Out of the box, with no extra effort to 'secure', *nix beats ios beats doze from a remote access standpoint.
And, securing a machine against a bootable disc (round or usb) is OS independent.
If you can socially engineer access (click here for nudes), that's a whole lot easier than brute force entry too...

Bootable disks take too long. :)
It's not really brute force... Open a terminal window (or command prompt on Windows or MacOS) and type a one line command. Instant remote shell access. Without a password. At that point, there are hundreds of ways to make the shell persistent and escalate privileges. And it's easier to access other machines on that network than it is to access the first one remotely.
 

Xue Sheng

All weight is underside
Joined
Jan 8, 2006
Messages
34,275
Reaction score
9,392
Location
North American Tectonic Plate
Agreed. In my experience (which is certainly less extensive than yours), most people's security is what is set out of the box. And 'out of the box', I think Linux (at least the distros I use) is more secure. Those who tweak things (on any OS) can make it harder, but nothing connected is unhackable, given enough time and commitment.
Even systems that are geared towards security. A buddy at work runs Parrot, which he thought was more secure. I plugged in. Owned. He was able to stop me eventually, but he was doing things that required foreknowledge of exactly how the script worked; i.e. he changed perms on a directory I was using to store a loot file to read only. So I changed to a different directory. Or I had the loot emailed to me at a throw-away gmail account.
Ultimately, he created a USB whitelist. That works, sure. And it's fine on a single user system. But as an enterprise solution, it's awfully cumbersome; nobody can throw work on a USB drive to take home, unless they come get a special one from you. Which they will inevitably lose anyway. Nor can they look at some PowerPoints from a seminar I went to.
The tighter your security, the more difficult it becomes to actually use the computer. It's a trade off.

Linux is by design more secure than Windows, however it is not as prevalent, which makes it less of a target. But, remember it is free, so it is downloadable for anyone who wishes to try and break it.

As for rogue flash drives and disks, there are multiple ways to handle it, but most start with "Do not allow auto run".

I was once at a seminar where the speaker was an NSA IT guy and he said then that unless you pull your hard drive, shred it and burn it... he would find something on it. But the software he was using is the stuff of governments that can afford to pay big bucks for IT forensic equipment. All I came away with from that seminar was that unless I take my PC, unplug it and lock it in a closet, it is not safe. That seminar was 10 years ago and I have changed my view on PC safety. Now I believe that unless you unplug your PC, drop it in a 55-gallon drum of concrete, seal the drum and then lock it in a closet... it will be attacked.

I used to run tracking software on my home PC and it started telling me that someone from Korea was trying to access my PC. And then it popped up with Central America. It went back and forth between Korea and South America for a few seconds and then my mouse started to move all by itself. So I went to my security suite to lock them out. It was then I realized I forgot to password protect my security suite, because I was now locked out of it. I have to admit it was cool to watch, and since I had no important info on my PC I simply shut it down, took it off the internet, wiped it and started from scratch. But I secured my security system and ran "ipconfig /flushdns" before I put it back on the internet.
 

JowGaWolf

Sr. Grandmaster
MT Mentor
Joined
Aug 3, 2015
Messages
13,960
Reaction score
5,851
Agreed. In my experience (which is certainly less extensive than yours), most people's security is what is set out of the box
Unfortunately this is true. People usually don't lock down their computer access.

If you really want your systems to be secure then it's going to take multiple approaches. For the most part it's human behavior that puts weak points into security. Most people don't listen to the security advice, nor do they follow the security recommendations. Mac users are a good example; many of them are still running around without antivirus software or firewall software. Because they feel their system is secure, they engage in risky behavior. No matter what you do, if you can't get the human to do his or her part, then your security efforts will be minimal at best.

A simple email can F-up a world of secure measures.
 

Xue Sheng

All weight is underside
Joined
Jan 8, 2006
Messages
34,275
Reaction score
9,392
Location
North American Tectonic Plate
Those aren't really using your knoppix usb drive to 'own' my pc though ;)

Although, your message has made me think...

Is there a possibility that the Nigerian prince who sent me an email asking for help to move his money wasn't genuine?

What about the one I got that said "we am from you bank council of english in america, needed your password confirm with here clicking" - surely that was genuine?

If I felt like typing more I would tell you all about the time I had a friend of mine contact me from Singapore and the 20-some-odd e-mails we had back and forth. He apparently had to go there to help his sister who got sick, and he got robbed and had no money... But I think I may have scared him, because he stopped responding. All I told him was that he was in luck. My nephew "Wang Bàolì èmó", who he had met, was in Singapore on leave from the PRC Special Forces unit, and I would have his mother wire the money to him and he could meet him somewhere and give him the money... he never responded.

1) my friend has no sister, was never in Singapore and his e-mail had been hacked
2) 王 暴力恶魔 ("Wang Bàolì èmó") translates to Wang Violent Demon
 

JowGaWolf

Sr. Grandmaster
MT Mentor
Joined
Aug 3, 2015
Messages
13,960
Reaction score
5,851
That seminar was 10 years ago and I have changed my view on PC safety. Now I believe that unless you unplug your PC, drop it in a 55-gallon drum of concrete, seal the drum and then lock it in a closet... it will be attacked.
View your router log and you can see just how much a network is attacked. Unfortunately most people don't check out their router logs to see what's being blocked and what's getting in. Consumer PCs are the worst, and the Internet browsing that employees do is similar to the browsing habits they have at home. It's unrealistic to think that any computer won't be attacked. If it's out there then it's at risk. It's no different from humans walking on the street. The more you walk on the streets and the riskier your walking behavior is (location, awareness, etc.), the more likely you'll be attacked. Some attacks may be brute force (aka mugging) and other attacks are less harmful but annoying, like SPAM (someone on the street coming to you asking for money).

Regardless of the OS someone is going to be trying.
 

Dirty Dog

MT Senior Moderator
Staff member
Lifetime Supporting Member
Joined
Sep 3, 2009
Messages
23,363
Reaction score
9,102
Location
Pueblo West, CO
Linux is by design more secure than Windows, however it is not as prevalent, which makes it less of a target. But, remember it is free, so it is downloadable for anyone who wishes to try and break it.

True. And not only is it freely downloadable, the source code is readily available too. You don't even have to reverse engineer it. That's both a strength and a weakness of *nix.

As for rogue flash drives and disks, there are multiple ways to handle it, but most start with "Do not allow auto run".

That assumes it's actually a real USB drive. Not a rubber ducky. Or a bash bunny. Or any of the other things that just look like a USB drive but are not. "Hey, I've got a cable but I forgot my charger. Can you plug my phone into your computer so it can charge a bit?" Owned.
But it's a good start, yes. That puts us back to getting you to open that Really Cool and Informative PowerPoint file.
I think social engineering may well be the single most important factor in computer security today.

I was once at a seminar where the speaker was an NSA IT guy and he said then that unless you pull your hard drive, shred it and burn it... he would find something on it. But the software he was using is the stuff of governments that can afford to pay big bucks for IT forensic equipment. All I came away with from that seminar was that unless I take my PC, unplug it and lock it in a closet, it is not safe. That seminar was 10 years ago and I have changed my view on PC safety. Now I believe that unless you unplug your PC, drop it in a 55-gallon drum of concrete, seal the drum and then lock it in a closet... it will be attacked.

I agree with this completely.

I used to run tracking software on my home PC and it started telling me that someone from Korea was trying to access my PC. And then it popped up with Central America. It went back and forth between Korea and South America for a few seconds and then my mouse started to move all by itself. So I went to my security suite to lock them out. It was then I realized I forgot to password protect my security suite, because I was now locked out of it. I have to admit it was cool to watch, and since I had no important info on my PC I simply shut it down, took it off the internet, wiped it and started from scratch. But I secured my security system and ran "ipconfig /flushdns" before I put it back on the internet.

Which goes to show that as systems become more powerful, they also become more vulnerable. Modern computers have too many ways to access them to secure them all.
Also shows the importance of backups and reset points. :)
 

Gerry Seymour

MT Moderator
Staff member
Supporting Member
Joined
Mar 27, 2012
Messages
29,973
Reaction score
10,532
Location
Hendersonville, NC
Backup data files only. Reformat. Clean install.
I don't want to start an OS war (though I might), but your best option would be to ditch windoze entirely. It's bloated, slow, unstable, incredibly easy to hack, and massively invasive of your privacy.
Personally, I'd recommend one of the various flavors of Linux. Linux is free, fast, stable, generally more secure, and because it's open source your privacy is assured. And unlike Windoze, it's a true multi-threaded multi-tasking OS. Not a shell running over the 1980's era MS-DOS that emulates multi-threading and multi-tasking (which is a big part of its instability). You will never see the BSOD or the interminable "Updating" screen with Linux.
Linux Mint is popular with people switching from MicroSloth, because it has a similar 'feel' but Ubuntu (which is what I primarily use) and Arch are also very popular. I also like Kali, but that's more oriented towards security testing and hacking so it's not for everyone.
I poked around Linux years ago. Unfortunately, it’s still not a viable option for those of us who need MS Office to be fully compliant with clients. And I’m so unfamiliar with software offerings on Linux that I couldn’t reasonably replace the rest of what I use, either.
 

Buka

Sr. Grandmaster
Staff member
MT Mentor
Joined
Jun 27, 2011
Messages
12,952
Reaction score
10,444
Location
Maui
I too like Linux, used to run a Linux box for AV and security. But it is not necessarily more secure, it is just not as popular in an enterprise setting; it still should be running antivirus and security software.

I'll take my chances.
 

Dirty Dog

MT Senior Moderator
Staff member
Lifetime Supporting Member
Joined
Sep 3, 2009
Messages
23,363
Reaction score
9,102
Location
Pueblo West, CO
I poked around Linux years ago. Unfortunately, it’s still not a viable option for those of us who need MS Office to be fully compliant with clients. And I’m so unfamiliar with software offerings on Linux that I couldn’t reasonably replace the rest of what I use, either.

Libre Office is MS Office compatible, and a part of the default install on a number of Linux distros. And if it's not part of the distro, it's still a free download. Likewise, there are open source options for most things you'd want. And in the (fairly uncommon) case where there isn't, you can run something like Wine on Linux that allows you to run Windows programs, but in a more stable, actually multi-threaded multi-tasking environment. Win Win. :)
And if you MUST keep Windows around, you can always set up a dual boot option. My desktop still has Windows 10 on it. I rarely use it, but it's there. Honestly, the most common reason I boot to Windows is to test a new vulnerability. And even then I'm more likely to run it as several virtual machines (one for each version I'm testing...) on one of my Linux boxes.
 

Gerry Seymour

MT Moderator
Staff member
Supporting Member
Joined
Mar 27, 2012
Messages
29,973
Reaction score
10,532
Location
Hendersonville, NC
Libre Office is MS Office compatible, and a part of the default install on a number of Linux distros. And if it's not part of the distro, it's still a free download. Likewise, there are open source options for most things you'd want. And in the (fairly uncommon) case where there isn't, you can run something like Wine on Linux that allows you to run Windows programs, but in a more stable, actually multi-threaded multi-tasking environment. Win Win. :)
And if you MUST keep Windows around, you can always set up a dual boot option. My desktop still has Windows 10 on it. I rarely use it, but it's there. Honestly, the most common reason I boot to Windows is to test a new vulnerability. And even then I'm more likely to run it as several virtual machines (one for each version I'm testing...) on one of my Linux boxes.
There’s no real analog for Access, nor the same programming flexibility (VBA is native to MS Office), and some difference of functionality, even when using the same file type. And if that portion of my work has to be on Windows (since my graphics software isn’t on Mac), there’s little reason to maintain a Linux install just for browsing when I’m not working.

EDIT: Wine is a consideration. I wasn’t aware there was a Linux variant (I know it from Mac).
 

Buka

Sr. Grandmaster
Staff member
MT Mentor
Joined
Jun 27, 2011
Messages
12,952
Reaction score
10,444
Location
Maui
I was once at a seminar where the speaker was an NSA IT guy and he said then that unless you pull your hard drive, shred it and burn it,,,,, he would find something on it.

Which is why I take my old hard drives and do far worse than that to them. :) And I don't even have anything to hide.

Except for, you know, stuff we say here on MT.
 
