BRUTEFORCE??

no1sqt · November 13, 2008, 5:16am

I just wanted to know how easy it is for someone to use bruteforce to hack your comp and is there any way to really stop it from happening??

Japo · November 13, 2008, 6:44pm

I don’t think the term “brute force” applies here. As far as I know a computer is hacked most times through the same channels that legit communication uses.

system · November 21, 2008, 9:15pm

Brute Forcea is a method of defeating a cryptographic scheme by trying a large number of possibilities

CG

system · November 21, 2008, 9:18pm

Let’s put it in this way,
Hackers Alike uses popular ports because the user see’s his firewall saying someone is trying to come in using port xx and they know that port xx is for their “browser” or what ever, and they allow it, this is one of the ways that hackers get through 5-7% of the time…

CG

Japo · November 22, 2008, 9:37am

Thanks, I didn’t know that meaning.

Bracca · December 14, 2008, 11:30am

I think that no1sqt referred to the hacking program called Bruteforce which uses the same named method to get acces to pc’s. Saw a video on youtube where someone used Bruteforce and got an acces to a Mac running OS X Leopard, just in the time of five seconds. If Mac is that easy to hack with Bruteforce, then i seriously hope that CIS can prevent it from getting into our computers.

jeremysbost · December 15, 2008, 2:37pm

If Mac is that easy to hack, just think about how Windows can open up windows for hackers.

rhgtyink · December 15, 2008, 2:54pm

I don’t know that program, and without knowing what it uses to “attack” you it’s impossible to say how easy it would be, let’s take the worst case scenario. An internet connection, no firewall or NAT device, your unpatched windows machine. That should not take to long to gain control over.

Update your OS
Update your Browser(s)
Update your Browser plugins (flash, java, quicktime etc)
Firewall your System
Use Antivirus to scan your system
Use Antimalware to scan your system
Think twice before you trust something that is to good to be true, i’ll bet you it isn’t.

For the first 3 checkout Comodo Vulnerability Analyzer and/or Secunia PSI.
For the next 3 use CIS in combination with Malwarebytes Antimalware or Super Antispyware etc.

And not to forget, DO NOT use an administrator account and ALWAYS keep offline backups of your sensitive data.
Imagine all your data got encrypted by a hijack virus !! yeah i had a backup on by external drive but it was connected to my system and now it’s encrypted also !! that would be no fun.

Eduardo · December 15, 2008, 6:45pm

CIS needs a best password protection to resist bruteforce attacks.

fazio93 · December 15, 2008, 11:13pm

What do you mean? To stop it from being disabled?
CIS has great self protection.

Bracca · December 16, 2008, 5:47am

My bad, it just happened to be somesortf of program that just used bruteforce method. Didn’t see the programs name though. (:TNG) Also the person in the video used some sort of program called Spyme or something like that. Will post the link to the video if someone is interested in testing if CIS can block hat sort of an attack. Although they hacked a mac in that video, i bet that the same programs, or atleast same kind of programs are availeble to windows also.

gibran · December 16, 2008, 9:15am

Hallo Bracca,

please don’t post the video as it could provide info about bruteforcing software.

Bruteforcing can be usually prevented using strong passwords.
In case of Wireless LAN, most of old router used a protection named WEP that could be bypassed with little effort.

Nowadays routers and wifi NICs use WPA or WPA2 Security with TKIP or AES Encryption. These settings and a strong password could reduce the risks of security breaches.
Ref: WPA Security Tips

Bracca · December 16, 2008, 7:53pm

Right’o. Won’t post any illegal stuff then n.n’

gibran · December 16, 2008, 8:48pm

As per the above mentioned policy quote, inappropriate content regarding tools that can be used for the good and for the bad were moved off-line and are currently awaiting a collective moderator review.

I invite members to not post links to tools that can ALSO be used for malicious purposes whereas informed discussions about the way to defend against similar techniques do not pose any concern policy-wise.

Bracca · December 19, 2008, 12:36pm

Oh dear me, youtube is full of videos demonstraring how someone could easily hack and remote acces PC:s. One video showed how a trojan called Netbus could be used to steal passwords, log input commands, disable key’s on keyboard and so on. I think this is quite serious since anyone with intentions to cause harm to others via pc and hacking, and with some information and technical knowhow of how to get IP adresses and so on, could very easily use these videos to their own personal gains. This would, and probably has caused a dramatic rise in the number of Scriptkiddies amongst our planet.

rhgtyink · December 19, 2008, 8:26pm

I’ve seen the video, this “bruteforce” is nothing new (to me then at least) basically he’s

on the same wireless or LAN as the attacked host.
he’s scanning an unprotected MAC that appears to be running Apple Remote Desktop.
he’s connecting to it and only does not know the “password”.
that’s where he used a “bruteforce” attack against the ARD service.
now he’s in…

So Secure your WLAN with at least WPA2, Firewall your host if it’s a pc/windows/linux/apple what ever for unsolicited incoming traffic. And log denied traffic. And he’s nowhere, in this case.