Re: The origin of breakin attempts

In article <slrne71lt2.88a.ibuprofin@xxxxxxxxxxxxxxxxx>,
ibuprofin@xxxxxxxxxxxxxxxxxxxxxx (Moe Trin) wrote:

On Sun, 21 May 2006, in the Usenet newsgroup comp.security.misc, in article
<barmar-76A15D.02491921052006@xxxxxxxxxxxxxxxxxxxxxxxx>, Barry Margolin wrote:

ibuprofin@xxxxxxxxxxxxxxxxxxxxxx (Moe Trin) wrote:

How do you explain the disaster when Korea decided to put broadband into
every school, and then left the systems in unpatched, wide open states
that got exploited by every spammer in the world, and every skript kiddie
running his 'ph34r-/\/\3' tool-kit.?

I don't explain it because I was totally unaware of it. I'm not
disputing it, I just haven't followed the details of far eastern
technology transfer that closely.

If you ranked the apparent sources of spam, cracking attempts, and
spam support (web servers, drop boxes, etc.), Korea was pretty bad
for a while. Korea has a lot of bandwidth - it was unsecured, and it
was massively exploited.

But I guess the crux of the question is: are the attacks originating in
the far east, or are the attackers over here and they're exploiting lots
of vulnerable computers over there because the Chinese, Koreans, etc.
don't know how to protect themselves from becoming zombies.

My point up-thread. "Follow the money". The spam from "over there" is rarely
from there. Relatively few "over here" are able to read the native text
(most often even lacking the character set support). While the cost of
delivering the message is minimal, spewing to a 1e-5 chance of a sale
makes more sense than spewing to a 1e-9 chance. Even though the cost is
minimal, it's not zero.

That's true for spam. But the original post was about "breakin
attempts", not spam. Are the script kiddiez here or there?

--
Barry Margolin, barmar@xxxxxxxxxxxx
Arlington, MA
*** PLEASE post questions in newsgroups, not directly to me ***
*** PLEASE don't copy me on replies, I'll read them in the group ***
.

Relevant Pages

  • Re: The origin of breakin attempts
    ... or are the attackers over here and they're exploiting lots ... makes more sense than spewing to a 1e-9 chance. ... Even though the cost is ...
    (comp.security.misc)
  • Re: Transmission line matrix (TLM) - with two different velocities???
    ... Who exactly is this Ida Ring, whose email address you are exploiting? ... This is not, by any chance, so that she will get the spam that your ...
    (sci.physics)
  • Re: Malware Triangle
    ... > I imagine that there is some conceivable vulnerability that could be ... Plain text is just a conduit into exploiting something else. ... But HTML isn't even why I put Spam on the triangle. ...
    (alt.computer.security)