To the ISP in question. Note you also need the exact time of the incident since with some ISPs the IP addresses are dynamically allocated and reused - so the same address can be used by a number of unrelated users over a period of time.
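Added example, not part of the original thread: why the exact time matters when an address is reused, shown as a lookup against lease records. The lease format, subscriber ids, addresses (documentation range) and function names are all constructed for illustration and are not any ISP's real log schema.

```python
from datetime import datetime, timezone

# Constructed lease records: (ip, subscriber, lease start, lease end).
LEASES = [
    ("203.0.113.7", "subscriber-A", "2024-03-01T08:00:00+00:00", "2024-03-01T20:00:00+00:00"),
    ("203.0.113.7", "subscriber-B", "2024-03-01T20:05:00+00:00", "2024-03-02T09:30:00+00:00"),
    ("203.0.113.7", "subscriber-C", "2024-03-02T09:31:00+00:00", "2024-03-03T00:00:00+00:00"),
    ("203.0.113.9", "subscriber-A", "2024-03-01T20:01:00+00:00", "2024-03-02T12:00:00+00:00"),
]

def parse_utc(stamp):
    """Parse an ISO 8601 timestamp and normalise to UTC; refuse one with no offset."""
    dt = datetime.fromisoformat(stamp)
    if dt.tzinfo is None:
        raise ValueError("timestamp has no timezone, cannot match a lease: " + stamp)
    return dt.astimezone(timezone.utc)

def holder_at(ip, stamp, leases=LEASES):
    """Return the subscriber holding `ip` at `stamp`, or None if no lease covers it."""
    when = parse_utc(stamp)
    matches = [sub for lease_ip, sub, start, end in leases
               if lease_ip == ip and parse_utc(start) <= when < parse_utc(end)]
    if len(matches) > 1:
        raise ValueError("overlapping leases, log data is inconsistent")
    return matches[0] if matches else None

def holders_on_day(ip, day, leases=LEASES):
    """Everyone who held `ip` at any point on a UTC calendar day (YYYY-MM-DD)."""
    lo = parse_utc(day + "T00:00:00+00:00")
    hi = parse_utc(day + "T23:59:59+00:00")
    return [sub for lease_ip, sub, start, end in leases
            if lease_ip == ip and parse_utc(start) <= hi and parse_utc(end) > lo]

if __name__ == "__main__":
    # A date alone is ambiguous: two unrelated subscribers held the address that day.
    print(holders_on_day("203.0.113.7", "2024-03-01"))
    # The same clock reading in two timezones resolves to two different subscribers.
    print(holder_at("203.0.113.7", "2024-03-01T20:30:00+01:00"))
    print(holder_at("203.0.113.7", "2024-03-01T20:30:00+00:00"))
    # A time that falls between leases matches nobody.
    print(holder_at("203.0.113.7", "2024-03-01T20:02:00+00:00"))
```

A report that gives only a date, or a time with no timezone, cannot be resolved to one subscriber from records like these.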
That's what I always thought (I read the original papers when it happened). But apparently it used two different binaries, and sent both to the system under attack...
And the mechanism was a bit more complicated than that:
I am amazed at how many linux/unix users do nothing at all even though stuff like root kits have been around for years. I suppose it's to be expected, they keep telling each other that they are immune so often that they actually start to believe it. The reality is different of course. There is a lot of evidence that botnets are controlled by hacked unix machines, windows machines generally can't handle many connections without the user noticing a problem and then reinstalling/running AV software, this loses the rather valuable botnet. The users of these hacked unix machines will be telling everyone that unix is safe.
The sendmail running on many linux systems had exploits three years ago that I know of. Postfix has replaced it on most systems AFAIK, some of the sendmail exploits were never fixed AFAIK so anyone still running sendmail is probably exploitable. There have been a number of security updates to postfix to remove exploitable holes. Just running linux/unix does *not* make you safe whatever linux/unix users say.
Cue the usual windows is worse answer from linux users who still don't get it.
Yes, but in this case the reported IP was in fact in use by TMH earlier in the year. An Ebay upcock I suspect.
Remember the key loggers run on *your* computer and hence have full access to the raw keypress data long before it gets into an SSL stream.
You can apparently make a pretty good stab at recovering keystroke information from just an audio stream of someone typing. Each key/typist combination has a unique sound that will yield to a basic frequency distribution analysis.
TNP wasn't suggesting a keylogger - "and are you using unencrypted wireless in your house?"
It is pretty safe using open wireless to do your banking, provided you use a trusted DNS. The actual banking site will be https so all the data is encrypted before being put on the wireless even if the actual wireless is not encrypted.
It is the same when hand generated Morse code is sent, you can recognise the 'hand'.
Dave
.. | -.- -. --- .-- | . -..- .- -.-. - .-.. -.-- | .-- .... .- - |
-.-- --- ..- | -- . .- -. | ..--.. |
;-)
- .... .- - .----. ... . .- ... -.-- ..-. --- .-. -.-- --- ..- - --- ... .- -.--
STOP THAT NOW !
.. -.. --- -. --- - ..- -. -.. . .-. ... - .- -. -.. .-- .... .- - .. ... --. --- .. -. --. --- -.
Adam
In message , ARWadsworth writes
You - COAT
Don't you call me a .----. ... . .- ... -.-- !
-. . .. - .... . .-. -.. --- . ... --. . --- ..-. ..-. -... -.-- - .... . .-.. --- --- -.- ... --- ..-. .. - .-.-.-
.-- --- ..- .-.. -.. -. --- - -.. .-. . .- -- --- ..-. .. - --- .-.. -.. -.-. .... .- .--. .-.-.-
-.-- --- ..- ...- . .--. ..- .-.. .-.. . -..
.-- .... .- - | .... .- ...- . | .. | ... - .- .-. - . -.. | ..--.. |?