Re: DON'T BELIEVE "Tracker", "Debbie", VPNSISHACKERSSECRET, "snailmail"!

From: Charles Otstot (saries@nc.rr.com)
Date: 02/19/03 

From: "Charles Otstot" <saries@nc.rr.com>
Date: Wed, 19 Feb 2003 13:16:57 -0500

"Tracker" <"snailmail(remove)222000"@yahoo.com> wrote in message
news:3E5084ED.4958C4AC@yahoo.com...
> If you'd like someone to challenge your knowledge, I'll gladly do so.
> Just a couple of quick examples
>
> Your VPN "information" is all wrong...the existence of a VPN adapter does
> NOT imply a system has been hacked. VPN stands for Virtual Private
Network,
> setting up encrypted communications between two locations (e.g. a remote
> user's PC and hs/her office network). The VPN adapter is a virtual network
> adapter that binds to a VPN client and creates the communication pathway
to
> it's partner location. A VPN adapter would be set up to ensure secure
> communications, NOT to hack into someone's system.
>
> 1. My VPN advice is for the simple minded Windows users (excluding 2000,
NT,
> XP).
            Bear in mind that many casual, novice (I wouldn't necessarily
call them simple-minded) users run
            the "excluded" OSes you list.

> A. Read "Que Special Edition Using Windows Me, Page 520".
> B. Install Windows 95, 98, ME and you will not see any VPN Adapter(s)
> set-up under Network Properties.

                If you install *any* Windows OS, there will be no VPN
Adapters installed by default.
                My point is that VPN installation is an active installation
which cannot be accomplished without
                user knowledge. As I noted with AOL adapters, I have never
heard of a VPN client being installed
                through hacking activity. It would be a purposeless act,
serving only to encrypt communications between
                the target machine and the attacker's system. The attacker
would gain nothing from the installation, since
                he/she would already have the ability to utilize the target
system in any fashion he/she desired without
                the need of a VPN client.

>
> You often indicate that AOL adapters are a sign of hacking. AOL adapters
are
> installed as part of the AOL client installation. I have yet to see or
hear
> of an attacker installing the AOL client onto a target machine. If you
have
> any specific, independently documented (by a recognized authoritative
> source) cases, please provide such documentation.
>
> If any individual isn't using AOL as an Internet Service Provider, no AOL
client
> adapter(s) will be present in Network Properties. AOL adapter(s) don't
install
> themselves all by themselves. User has to invoke the client for the
adapter(s)
> to appear.
>
        If you have even one specific independently documented case of an
AOL client being installed
        by hacking activity, please provide such documentation.

> I do not ascribe any improper motives on your part. However, your
knowledge
> *is* extremely limited and virtually every bit of advice I've seen you
post
> has been technically inaccurate at best, and generally has been
destructive
> for anyone who would accept it. If you truly desire to help others with
> security problems, please get some formal training both in the platforms
you
> want to support (e.g. Windows) *and* in security (e.g. CISSP as a start).
>
> I'm not here to critique your skills. My advice is one part of a four
slice
> pie. Tracker awaits others to share their three slices of pie with the
group.
>
        Unfortunately, your advice carries the potential for a great deal of
harm to those who are unfamiliar with
        computer systems on a technical level. As such, the "pie" has
already spoiled by the time you complete
        your postings.

> Tracker
>
>

Relevant Pages