Saturday, 09 October 2010

Secret: Hacking Stupidity 101: Never hack from home

Every time I read an article like this I think "How can the guy be so stupid?!"  I mean, I'm glad he got caught because he hacked into the University of Southern California's online application system and copied confidential information.  Apparently he visited the site several times from his home computer.
Eric McCarty works as a network administrator, or did, and earns money performing network security assessments.  That's what the story says!  Can you imagine finding out that one of your employees is hacking from his home computer?  That doesn't make him sound very bright now, does it?
Let me explain.  Every computer on the Internet connected via a broadband connection (cable, DSL, ISDN) has an Internet address assigned.  Blocks of addresses are owned by the ISP, which assigns an IP address to each customer connection.  While you may have installed a router behind your DSL or cable modem that assigns an IP address to each system within your home network (192.168.x.x), the packets that leave your home network carry the public IP address that was assigned by your ISP (e.g., 144.160.100.25).
Furthermore, most Internet-facing web applications keep logs on the type of traffic that hits the website.  Those logs contain the originating IP address of each connection.  Web administrators or security administrators regularly review the logs for suspicious activity (or they should).  If unusual activity is spotted, one of the first things an administrator does is check the originating IP address against the Network Solutions, RIPE, or ARIN databases.
The IP address generally will fall within a range owned by an ISP (NetRange:  144.160.0.0 - 144.160.255.255).  This information will be documented and a security investigation will commence.  The steps in an investigation vary from company to company, but at some point the FBI gets involved because interstate crime requires their involvement.  The FBI will request the customer information associated with the IP address from the ISP and it's downhill from there (for the hacker).
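The log review and address-range check described above can be sketched as follows. This is an added example, not code from the original post: the log lines, the `/apply/view` URL, the threshold and the owner name are constructed, and the registry answer is an offline stand-in holding only the NetRange quoted above.

```python
import ipaddress
import re
from collections import defaultdict

# Constructed Common Log Format lines (not from any real server).
SAMPLE_LOG = """\
144.160.100.25 - - [09/Oct/2010:01:12:03 -0700] "GET /apply/view?id=1001 HTTP/1.1" 200 512
144.160.100.25 - - [09/Oct/2010:01:12:04 -0700] "GET /apply/view?id=1002 HTTP/1.1" 200 498
144.160.100.25 - - [09/Oct/2010:01:12:05 -0700] "GET /apply/view?id=1003 HTTP/1.1" 200 530
198.51.100.7 - - [09/Oct/2010:09:30:11 -0700] "GET /apply/view?id=2210 HTTP/1.1" 200 501
192.168.1.20 - - [09/Oct/2010:09:31:00 -0700] "GET /index.html HTTP/1.1" 200 1024
this line is malformed and must be skipped
"""

LINE_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "\S+ (\S+) [^"]*" (\d{3}) \S+$')
RFC1918 = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]
# Offline stand-in for a registry answer: the NetRange quoted in the article; owner name is a placeholder.
NETRANGES = [("144.160.0.0", "144.160.255.255", "ISP (placeholder name)")]

def owner_of(addr):
    """Map a source address to the registered block that contains it."""
    ip = ipaddress.ip_address(addr)
    if any(ip in net for net in RFC1918):
        return "private (RFC 1918), internal host"
    for first, last, owner in NETRANGES:
        # A NetRange is a first/last pair; convert it to CIDR blocks before testing membership.
        blocks = ipaddress.summarize_address_range(
            ipaddress.ip_address(first), ipaddress.ip_address(last))
        if any(ip in block for block in blocks):
            return owner
    return "unknown, query the registry"

def review(log_text, threshold=3):
    """Return {source_ip: (distinct_urls, owner)} for sources at or above threshold."""
    seen = defaultdict(set)
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m or not m.group(3).startswith("2"):
            continue  # skip malformed lines and unsuccessful requests
        try:
            ipaddress.ip_address(m.group(1))
        except ValueError:
            continue  # first field is a hostname or garbage, not an address
        seen[m.group(1)].add(m.group(2))
    return {ip: (len(urls), owner_of(ip)) for ip, urls in seen.items() if len(urls) >= threshold}

if __name__ == "__main__":
    for ip, (count, owner) in review(SAMPLE_LOG).items():
        print(f"{ip}: {count} distinct URLs, block owner: {owner}")
```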
When my son was about 13 years old, he thought I was a super cool security geek girl.  He wanted to emulate me and decided to find out what hacking was all about.  He began to stay up late into the night with his computer, downloading hacking scripts and learning all he could.  I explained to him the above and told him that if the FBI knocks on my door I would let them take him away.  He cooled his jets and I urged him in the direction of learning all about TCP/IP, programming, and computers.  His first lesson from mom was:  Hacking Stupidity 101:  Never hack from home.  Too bad Eric didn't have me for a mom!
