"The weakest link" (was Re: FilePro running on Unix vs Windows)

Kenneth Brody kenbrody at bestweb.net
Thu Dec 16 08:14:31 PST 2004 

Dan Snyder wrote:
[...]
> > One thing that's changing is the number of worms that
> > attack the Microsoft virus, Windows.  They've been
> > steadily increasing in number and destructive power,
> > at least if one counts the amount of spam sent through
> > zombified Windows machines destructive.
> This has nothing to do with Windows Server 2003 vs. UNIX.  Hackers target
> the weakest link and that tends to change.  For example, most SPAM used to
> come from poorly configured web server CGI's and mail servers (which were
> UNIX based).  Admins and developers have since fixed those security holes,
> so now the hackers target unpatched, unprotected client workstations that
> have clueless owners/operators.
[...]

I think we can all agree on the "[cr]ackers target the weakest link" part.
However, I think the "weakest link" lately has been the people running the
computers, and not the actual software they're running.  (Though insecure
software obviously plays a part.)  Nowadays, when even the most clueless
person can set up a wireless broadband connection in under 30 minutes,
there are plently of "targets" available.

We just set up a wireless portion to our home LAN.  While reconfiguring our
laptops to use the wireless connection (as opposed to unplugging/re-plugging
network cables around the house), I discovered that one of our neighbors has
a wireless LAN with the default name "linksys" being broadcast to anyone
who's listening.  I suppose it makes sense that the WAP needs to come from
the factory wide open, so that it can be configured once you get it home
without requiring a wired connection, but they could at least come with
some warnings about what can happen if you don't close it up.

-- 
+-------------------------+--------------------+-----------------------------+
| Kenneth J. Brody        | www.hvcomputer.com |                             |
| kenbrody/at\spamcop.net | www.fptech.com     | #include <std_disclaimer.h> |
+-------------------------+--------------------+-----------------------------+
Don't e-mail me at: <mailto:ThisIsASpamTrap at gmail.com>

More information about the Filepro-list mailing list