Wednesday, February 07, 2007

It's a dangerous world out there on the net for computers

A University of Maryland study reports a near-constant rate of hacker attacks on computers with Internet access — every 39 seconds on average — and the non-secure usernames and passwords we use that give attackers more chance of success. …

Most of these attacks employ automated scripts that indiscriminately seek out thousands of computers at a time, looking for vulnerabilities. …

The vast majority of attacks came from relatively unsophisticated hackers using "dictionary scripts," a type of software that runs through lists of common usernames and passwords attempting to break into a computer.

"Root" was the top username guess by dictionary scripts, attempted 12 times as often as the second-place "admin." Successful 'root' access would open the entire computer to the hacker, while 'admin' would grant access to somewhat lesser administrative privileges. Other top usernames in the hackers' scripts were "test," "guest," "info," "adm," "mysql," "user," "administrator" and "oracle." All should be avoided as usernames.

The researchers found the most common password-guessing ploy was to reenter or try variations of the username. Some 43 percent of all password-guessing attempts simply reentered the username. The username followed by "123" was the second most-tried choice. Other common passwords attempted included "123456," "password," "1234," "12345," "passwd," "123," "test," and "1." …
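The username and password patterns listed above can be turned into a check that runs when an account is created or a password is changed. This is an added example, not code from the study or from this post. The function names, the finding labels, and the definition of a username "variation" are assumptions, and the sample accounts are constructed.

```python
import re

# Username and password guesses the study reports as most common in dictionary scripts.
COMMON_USERNAMES = {"root", "admin", "test", "guest", "info", "adm",
                    "mysql", "user", "administrator", "oracle"}
COMMON_PASSWORDS = {"123456", "password", "1234", "12345", "passwd",
                    "123", "test", "1"}

def is_username_variation(username, password):
    """Assumed definition of 'variation': the username, reversed or doubled,
    wrapped in leading/trailing digits or symbols (e.g. 'jsmith2007!')."""
    core = re.sub(r"^[\d\W_]+|[\d\W_]+$", "", password)
    return bool(username) and core in {username, username[::-1], username * 2}

def audit_credential(username, password):
    """Return the guessing patterns from the study that this pair matches."""
    u, p = username.lower(), password.lower()
    findings = []
    if u in COMMON_USERNAMES:
        findings.append("username-in-dictionary")
    if p == u:                       # 43 percent of all guesses in the study
        findings.append("password-equals-username")
    elif p == u + "123":             # second most-tried choice
        findings.append("password-is-username-plus-123")
    elif is_username_variation(u, p):
        findings.append("password-is-username-variation")
    if p in COMMON_PASSWORDS:
        findings.append("password-in-dictionary")
    return findings

def audit_accounts(accounts):
    """Map each flagged username to its findings; clean accounts are omitted."""
    report = {u: audit_credential(u, p) for u, p in accounts}
    return {u: f for u, f in report.items() if f}

# Constructed sample accounts, not data from the study.
SAMPLE_ACCOUNTS = [
    ("oracle", "oracle123"),
    ("test", "test"),
    ("jsmith", "Jsmith2007!"),
    ("mlee", "123456"),
    ("kpatel", "violet-tractor-sandbox-91"),
]

if __name__ == "__main__":
    for name, findings in audit_accounts(SAMPLE_ACCOUNTS).items():
        print(f"{name}: {', '.join(findings)}")
```

An empty findings list only means that none of the patterns reported in the study matched, not that the password is strong.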

What are the hackers trying to accomplish? "The scripts return a list of 'most likely prospect' computers to the hacker, who then attempts to access and compromise as many as possible." … "Often they set up 'back doors' - undetected entrances into the computer that they control - so they can create 'botnets,' for profit or disreputable purposes." A botnet is a collection of compromised computers that are controlled by autonomous software robots answering to a hacker who manipulates the computers remotely. Botnets can act to perpetrate fraud or identity theft, disrupt other networks, and damage computer files, among other things.
