B00nie

[H]F Junkie
Joined
Nov 1, 2012
Messages
8,992
Typically yes, but not always. As long as the PC is connected to a network that has access to the internet, it is vunerable, no matter the OS or browser for that matter.
Not 100% true. Your computer is relatively safe as long as it's behind NAT or a firewall. Most routers nowadays run on NAT by default. However if you have many computers within the same LAN and your Windows7 box manages to get infected, then it can and will bomb the other computers on the LAN with worms and other attacks.
 
Last edited:

vick1000

2[H]4U
Joined
Sep 15, 2007
Messages
2,255
Not 100% true. Your computer is relatively safe as long as it's behind NAT or a firewall. Most routers nowadays run on NAT by default. However if you have many computers within the same LAN and your Windows7 box manages to get infected, then it can and will bomb the other computers on the LAN with worms and other attacks.
It is 100% true, if a device is connected to other devices, as in part of a network, it is vulnerable. Firewalls and hardware protection protocols are only able to mitigate attacks on certain ports, unless a device is rendered practically useless for networking, by closing all ports, it is vunerable.
 

Aireoth

Supreme [H]ardness
Joined
Oct 12, 2005
Messages
5,068
Given it is no longer supported it introduces compromises into your ecosystem. Only an idiot would say this isn't an issue.
 

Master_shake_

Fully [H]
Joined
Apr 9, 2012
Messages
17,287
Hi,

I know that Windows 7 support has ended back in January this year. I saw a comment that said if you keep using it still you will get hacked.

How true is that comment?
How will I get hacked if I don't go to malicious websites and use NOD32?

Also, can my PC get hacked just by being on idle? Will someone be able to do remote code execution on my PC?
No it's not true.

MrGuvernment How do hackers find my PC? Do they use scanning software or something?
If you run pfsense and install pfblocker you can see port sniffers looking for openings from every country.
 

B00nie

[H]F Junkie
Joined
Nov 1, 2012
Messages
8,992
It is 100% true, if a device is connected to other devices, as in part of a network, it is vulnerable. Firewalls and hardware protection protocols are only able to mitigate attacks on certain ports, unless a device is rendered practically useless for networking, by closing all ports, it is vunerable.
Incorrect. NAT prevents anyone from WAN to directly access the devices inside the network and vulnerabilities are concentrated on Microsoft services, it's enough if you block those ports from WAN. A random port open is no threat to anyone if there's nothing listening to it.
 

vick1000

2[H]4U
Joined
Sep 15, 2007
Messages
2,255
Incorrect. NAT prevents anyone from WAN to directly access the devices inside the network and vulnerabilities are concentrated on Microsoft services, it's enough if you block those ports from WAN. A random port open is no threat to anyone if there's nothing listening to it.
And is a device using that port accessing anything? If it is, it can be found. If a device is accessing the network it is vunerable.
 

B00nie

[H]F Junkie
Joined
Nov 1, 2012
Messages
8,992
And is a device using that port accessing anything? If it is, it can be found. If a device is accessing the network it is vunerable.
What sort of device are you talking about now? And you would need to be directly connected to WAN without NAT for anyone to even begin to see your ports.
 

vick1000

2[H]4U
Joined
Sep 15, 2007
Messages
2,255
What sort of device are you talking about now? And you would need to be directly connected to WAN without NAT for anyone to even begin to see your ports.
It does not matter if you change the IP of a device, any device, packets are packets, and the translators or adapters can be comprimised.
 

B00nie

[H]F Junkie
Joined
Nov 1, 2012
Messages
8,992
It does not matter if you change the IP of a device, any device, packets are packets, and the translators or adapters can be comprimised.
Well I urge you to try to reach any of your devices inside your LAN from WAN when you have NAT enabled. Go ahead and try. Even if it's theoretically achievable, you're going to be perfectly safe because no automatic script is going to attempt it. It would require a hacker interested in hacking your specific computer.
 

vick1000

2[H]4U
Joined
Sep 15, 2007
Messages
2,255
Well I urge you to try to reach any of your devices inside your LAN from WAN when you have NAT enabled. Go ahead and try. Even if it's theoretically achievable, you're going to be perfectly safe because no automatic script is going to attempt it. It would require a hacker interested in hacking your specific computer.
When did I ever say we are talking bots? Practically safe, is not safe, and was my point from the begining. What I am trying to get accross to people, is keep your critical data off the network as much as possible. Do what you need to do, then disconnect.
 

B00nie

[H]F Junkie
Joined
Nov 1, 2012
Messages
8,992
When did I ever say we are talking bots? Practically safe, is not safe, and was my point from the begining. What I am trying to get accross to people, is keep your critical data off the network as much as possible. Do what you need to do, then disconnect.
Do you really think someone is going to try to hack your computer out of a billion others online? Really?

It requires so much work that if you were a president of a major corporation or a senator, you might fall into the category. A regular joe with his puny windows machine? Not in danger in any shape or form. Your biggest practical risk is a misconfigured router and/or a vulnerability in the router firmware. Those can open up the gates to your computer. But if that happens, you got an immediate man in the middle attack scenario going also so you're screwed firewall or no firewall.

https://www.ethicalhacker.net/forums/topic/how-to-penetrate-pc-through-nat/
 
Last edited:

vick1000

2[H]4U
Joined
Sep 15, 2007
Messages
2,255
Do you really think someone is going to try to hack your computer out of a billion others online? Really?

It requires so much work that if you were a president of a major corporation or a senator, you might fall into the category. A regular joe with his puny windows machine? Not in danger in any shape or form.
Happens all the time, just like people winning the lottery. Does not change the fact, ANY device on a network with open ports, is vulnerable,
 

B00nie

[H]F Junkie
Joined
Nov 1, 2012
Messages
8,992
Happens all the time, just like people winning the lottery. Does not change the fact, ANY device on a network with open ports, is vulnerable,
No, it does _not_ happen all the time. Penetrating the NAT is a very involved process if the only vector of attack is WAN. It requires basically hacking your router. The most common way is to get the user to run a RAT at which point firewalls are again useless. A local firewall might catch an uninitiated outwards connection unless the RAT was smart enough to bypass it. And again, an open port with nothing listening to it, is not an attack vector. It's like poking a stick to empty air. Nothing will happen.

The way attacks begin is that the attacker first scans the network for open ports. Then the attacker scans for vulnerable services. If any are found, he can start targeting them with exploits. An attack never happens so that the attacker just picks a random port in the unregistered range and sends a 'magical packet' to it and gains access. Well, not unless the netwrok stack itself is vulnerable but at that point a local firewall is again defeated.
 
Last edited:

vick1000

2[H]4U
Joined
Sep 15, 2007
Messages
2,255
No, it does _not_ happen all the time. Penetrating the NAT is a very involved process if the only vector of attack is WAN. It requires basically hacking your router. The most common way is to get the user to run a RAT at which point firewalls are again useless. A local firewall might catch an uninitiated outwards connection unless the RAT was smart enough to bypass it. And again, an open port with nothing listening to it, is not an attack vector. It's like poking a stick to empty air. Nothing will happen.

The way attacks begin is that the attacker first scans the network for open ports. Then the attacker scans for vulnerable services. If any are found, he can start targeting them with exploits. An attack never happens so that the attacker just picks a random port in the unregistered range and sends a 'magical packet' to it and gains access. Well, not unless the netwrok stack itself is vulnerable but at that point a local firewall is again defeated.
You just don't get it. You keep admitting "if", yes that's how. It may be improbable but it's completely possible. Entire netwroks are compramised regularly, firewall of not, soft or hard. I won't even begin to post here HOW it's done, for obvious reasons. Siffice it to say, if a device has an open port, and it's using it, it is networked, and there for vulnerable. If it's not sending packets on that port, it's not networked, might as well close that one too.
 

B00nie

[H]F Junkie
Joined
Nov 1, 2012
Messages
8,992
You just don't get it. You keep admitting "if", yes that's how. It may be improbable but it's completely possible. Entire netwroks are compramised regularly, firewall of not, soft or hard. I won't even begin to post here HOW it's done, for obvious reasons. Siffice it to say, if a device has an open port, and it's using it, it is networked, and there for vulnerable. If it's not sending packets on that port, it's not networked, might as well close that one too.
I repeat my question: What sort of "device" are you referring to? If the "device" is not a service that responds to calls and has vulnerabilities it's not going to be hacked, especially if and when it's not accessible to WAN when behind the NAT. The scenarios where a computer connects directly to internet are rare in consumer use. They exist, granted, but are very rare. It happened to me once, I moved to a new apartment and got a cable modem. I rebuilt a computer and installed Windows with the network plugged in. Windows was infected before the installation finished :D Then I realized the modem was configured without NAT and the network had worms and other attacks pinging 10 times a second on the computer (I ran wireshark to analyse the traffic and cause of the infection).

If you don't understand that:
a) An open port that has nothing listening to it is not a danger
b) The risk of a private users NAT being hacked that takes the effort equivalent to climbing a mountain is not something you should worry about

Then it's useless to continue because you clearly base things on belief instead of knowledge. Yes networks are hacked but they're hacked by using bad passwords in routers, exploits in router firmware, sending users emails containing autorunning code (dumb fucks run outlook on their local computer), tricking users into malicious websites and having their browsers run code automatically or tricking the user to run it. After that no firewalls or protection in the world will help. Worms will be able to propagate through open Windows services inside the LAN unless the user has blocked those (Windows never does by default).

If you spend your time worrying about en open port while you're behind NAT you should:
a) Use a different operating system than Windows as it's the most attacked platform in the world
b) Start enforcing the roof of your house. An airplane might crash through it. Chances are this happens before someone MANUALLY hacks your meaningless home lan.
c) Start studying if your home router is in the list of recent vulnerabilities and see if you can fix them. If not, time to go to buy a proper router. Many TP-Link etc. cheap home routers ocntain backdoors and the majority of home routers use default passwords enabling anyone to penetrate your LAN if you left the remote administration port open. So, instead of open ports on your workstation, you should make sure you have a secure router. Of course having the machine locally firewalled is a good thing. But it shouldn't be your priority in a normal home network and you should isolate your service ports from not only wan but also from private IP:s to stop a worm from spreading. Windows services such as RDP are the danger, not an empty port.

This is also the reason why you're supposed to run your possible IoT devices (own a smart tv perhaps? Security cam? Home automation?) on a separate subnet than your computers. IoT devices are notoriously weak on security and are often attacked. By isolating them to their own subnet you won't get your PCs attacked through them.
 
Last edited:

vick1000

2[H]4U
Joined
Sep 15, 2007
Messages
2,255
I repeat my question: What sort of "device" are you referring to? If the "device" is not a service that responds to calls and has vulnerabilities it's not going to be hacked, especially if and when it's not accessible to WAN when behind the NAT. The scenarios where a computer connects directly to internet are rare in consumer use. They exist, granted, but are very rare. It happened to me once, I moved to a new apartment and got a cable modem. I rebuilt a computer and installed Windows with the network plugged in. Windows was infected before the installation finished :D Then I realized the modem was configured without NAT and the network had worms and other attacks pinging 10 times a second on the computer (I ran wireshark to analyse the traffic and cause of the infection).

If you don't understand that:
a) An open port that has nothing listening to it is not a danger
b) The risk of a private users NAT being hacked that takes the effort equivalent to climbing a mountain is not something you should worry about

Then it's useless to continue because you clearly base things on belief instead of knowledge. Yes networks are hacked but they're hacked by using bad passwords in routers, exploits in router firmware, sending users emails containing autorunning code (dumb fucks run outlook on their local computer), tricking users into malicious websites and having their browsers run code automatically or tricking the user to run it. After that no firewalls or protection in the world will help. Worms will be able to propagate through open Windows services inside the LAN unless the user has blocked those (Windows never does by default).

If you spend your time worrying about en open port while you're behind NAT you should:
a) Use a different operating system than Windows as it's the most attacked platform in the world
b) Start enforcing the roof of your house. An airplane might crash through it. Chances are this happens before someone MANUALLY hacks your meaningless home lan.
c) Start studying if your home router is in the list of recent vulnerabilities and see if you can fix them. If not, time to go to buy a proper router. Many TP-Link etc. cheap home routers ocntain backdoors and the majority of home routers use default passwords enabling anyone to penetrate your LAN if you left the remote administration port open. So, instead of open ports on your workstation, you should make sure you have a secure router. Of course having the machine locally firewalled is a good thing. But it shouldn't be your priority in a normal home network and you should isolate your service ports from not only wan but also from private IP:s to stop a worm from spreading. Windows services such as RDP are the danger, not an empty port.

This is also the reason why you're supposed to run your possible IoT devices (own a smart tv perhaps? Security cam? Home automation?) on a separate subnet than your computers. IoT devices are notoriously weak on security and are often attacked. By isolating them to their own subnet you won't get your PCs attacked through them.
Again, you totally confirm my point by trying to refute it. If a device, any device that is on a network, is using that network to trasfer data, it is vunerable, as long as some part of the network has access to the internet. I don't care hw unlikely it is that a bot will sniff a port, that's not the point. You never worry about a plane hitting your house, until a plane hits your house. My point is that no device is completely safe if it is sending and receiving data to and from a network, even a subnetwork or intranet. I am not talking about probablities, only possibilities. Which was my intent to relay, on my first reply to the person I quoted.
 

B00nie

[H]F Junkie
Joined
Nov 1, 2012
Messages
8,992
Again, you totally confirm my point by trying to refute it. If a device, any device that is on a network, is using that network to trasfer data, it is vunerable, as long as some part of the network has access to the internet. I don't care hw unlikely it is that a bot will sniff a port, that's not the point. You never worry about a plane hitting your house, until a plane hits your house. My point is that no device is completely safe if it is sending and receiving data to and from a network, even a subnetwork or intranet. I am not talking about probablities, only possibilities. Which was my intent to relay, on my first reply to the person I quoted.
For the third time I ask you what device are you referring to and what is the mechanism how an open port will affect that device. Hardware devices generally do not transfer data through any network ports unless they are somehow network related. So what device is it that you write of? And what is the mechanism an attacker would use to talk to that port behind the network address translation layer? Be specific, you must know these things if you want to argue. Otherwise you're just puffing off steam.
 

vick1000

2[H]4U
Joined
Sep 15, 2007
Messages
2,255
For the third time I ask you what device are you referring to and what is the mechanism how an open port will affect that device. Hardware devices generally do not transfer data through any network ports unless they are somehow network related. So what device is it that you write of? And what is the mechanism an attacker would use to talk to that port behind the network address translation layer? Be specific, you must know these things if you want to argue. Otherwise you're just puffing off steam.
What part about ANY device do you not understand. I already told you I won't reveal any details about exploits, this is not 4chan. Suffice it to say, payloads are delivered every minute or every day to devices you think are safe behind your software or hardware mitigations. It's just like winning the lottery, or having a plane hit your house, it's looked upon as a challenge to some, and just dumb luck to others.
 

B00nie

[H]F Junkie
Joined
Nov 1, 2012
Messages
8,992
Please explain the way a device you speak of
a) Uses the port
b) Is vulnerable to an attack, even given that we forget NAT entirely.

And don't hide behind 'cannot reveal exploits'.
 

vick1000

2[H]4U
Joined
Sep 15, 2007
Messages
2,255
Please explain the way a device you speak of
a) Uses the port
b) Is vulnerable to an attack, even given that we forget NAT entirely.

And don't hide behind 'cannot reveal exploits'.
Are you still stuck on bots and sniffers? The internet of things has changed everything. Ports is not even a relavent term anymore with packets flying through the air all around you.
 

B00nie

[H]F Junkie
Joined
Nov 1, 2012
Messages
8,992
Are you still stuck on bots and sniffers? The internet of things has changed everything. Ports is not even a relavent term anymore with packets flying through the air all around you.
No it's not like that. First of all, an IoT device is not your PC. Second, IoT devices have built in network adapters and they communicate using regular protocols, usually TCP/IP. They are not "devices" of your computer which magically use "a port". They do not send 'packets flying around'.
So your fear is out of not understanding what happens. It's ok, a common reason for fear and completely natural. It's a weak basis for argument though.
 

vick1000

2[H]4U
Joined
Sep 15, 2007
Messages
2,255
No it's not like that. First of all, an IoT device is not your PC. Second, IoT devices have built in network adapters and they communicate using regular protocols, usually TCP/IP. They are not "devices" of your computer which magically use "a port". They do not send 'packets flying around'.
So your fear is out of not understanding what happens. It's ok, a common reason for fear and completely natural. It's a weak basis for argument though.
Right, 'cause IoT wireless uses magic protocols. Please go back to school. I told you ports had nothing to do with it after you started asking about devices.
 

Eulogy

2[H]4U
Joined
Nov 9, 2005
Messages
2,279
Think you two are pretty far off topic. B00nie doing their usual misinformation and incorrect/outdated "knowledge" (quoted intentionally) about Windows especially.
 

B00nie

[H]F Junkie
Joined
Nov 1, 2012
Messages
8,992
Think you two are pretty far off topic. B00nie doing their usual misinformation and incorrect/outdated "knowledge" (quoted intentionally) about Windows especially.
Now you have to state which part was misinformation. Otherwise you can just remain quiet.
 

B00nie

[H]F Junkie
Joined
Nov 1, 2012
Messages
8,992
Right, 'cause IoT wireless uses magic protocols. Please go back to school. I told you ports had nothing to do with it after you started asking about devices.
Every communication on the network happens through ports wireless or not, with the exception of local unix sockets perhaps. There are no magic "packets flying around". You showed that you have no understanding at all about the subject and you still argue. Do you really believe that IoT devices somehow magically bypass network protocols when they communicate? :D The IoT device is just a small computer with embedded linux on it (usually). It connects to network just as any other computer does.

The problem with IoT devices is that they're usually horribly misconfigured, cheaply built and there for not secure. A huge risk to anyone having them.
 
Last edited:

vick1000

2[H]4U
Joined
Sep 15, 2007
Messages
2,255
Every communication on the network happens through ports wireless or not, with the exception of local unix sockets perhaps. There are no magic "packets flying around". You showed that you have no understanding at all about the subject and you still argue. Do you really believe that IoT devices somehow magically bypass network protocols when they communicate? :D The IoT device is just a small computer with embedded linux on it (usually). It connects to network just as any other computer does.

The problem with IoT devices is that they're usually horribly misconfigured, cheaply built and there for not secure. A huge risk to anyone having them.
Did you , or did you not just claim IoT devices "do not send packets flying around". Make up your mind. Ports are irrelevant on those devices, for the reasons you stated. You are not making any sense, now you are saying devices on your network, are not capable of bieng secured. Are you really trying to say only a lInux machine can be secure? Because I hate to break it to you, those IoT devices you hammered....yeah, a bunch use a Linux kernel.
 

B00nie

[H]F Junkie
Joined
Nov 1, 2012
Messages
8,992
Did you , or did you not just claim IoT devices "do not send packets flying around". Make up your mind. Ports are irrelevant on those devices, for the reasons you stated. You are not making any sense, now you are saying devices on your network, are not capable of bieng secured. Are you really trying to say only a lInux machine can be secure? Because I hate to break it to you, those IoT devices you hammered....yeah, a bunch use a Linux kernel.
I just claimed that IoT devices do not send packets flying around. They send packets following STANDARD NETWORKING PROTOCOLS USING STANDARD PORTS TO STANDARD SERVICES. NO MAGIC. If you can't understand such basic concepts, I really don't know how you're not embarrassed to discuss here.

You keep claiming IoT devices use no ports for communication. I'm beginning to suspect you don't even understand what a network port is. Hint: It's not the physical ethernet port on your windows gaming box lol.

And which part of horribly misconfigured did you fail to understand? The most secure system on the planet stops being secure if the user credentials are admin:admin.
 

vick1000

2[H]4U
Joined
Sep 15, 2007
Messages
2,255
I just claimed that IoT devices do not send packets flying around. They send packets following STANDARD NETWORKING PROTOCOLS USING STANDARD PORTS TO STANDARD SERVICES. NO MAGIC. If you can't understand such basic concepts, I really don't know how you're not embarrassed to discuss here.

You keep claiming IoT devices use no ports for communication. I'm beginning to suspect you don't even understand what a network port is. Hint: It's not the physical ethernet port on your windows gaming box lol.

And which part of horribly misconfigured did you fail to understand? The most secure system on the planet stops being secure if the user credentials are admin:admin.
I never said that, only ports and sniffers don't matter anymore, the exploits have changed. I specifically stated that any device has to have at least one port in use to be exploited. Then you made some goofy statement that IoT devces do send packets. Youa are all over the place. So are there devices on a network that somehow communicate without packets? That's silly. Hence my "magic protocol" remark. Bottom line, if a device is connected to a network, it is vulnerable, my original statement you refuted as 100% not true. You are either confused, ignorant, or unable to admit when you are mistaken. One or more ports have to e open on any device that is part of a network, or it cannot network. You insisted they cannot be found because of the port designation, which is total BS. Sniffers and their bots are not the only way to target a network, not anymore.
 

B00nie

[H]F Junkie
Joined
Nov 1, 2012
Messages
8,992
LOL you simply have no clue on what you talk about. Communication outside of protocols? LOL! :D You even happily mix up IoT devices and the point of origin of discussion, Windows 7. They have absolutely nothing to do with eachothers. And you continue to put words in my mouth. I never claimed IoT devices don't send packets, I said that they FOLLOW PROTOCOLS. If you send 'packets flying around' with nothing receiving them, guess what happens? Nothing. They're lost in the network, timing out.

Pointless to continue. You're inventing things and claiming them to be true and without being able to prove a single point so far Which is, again, typical for someone who believes but doesn't know. Looking at posts like that suddenly make you understand how people in the middle ages were hunting witches. They also had out-of-protocol invented things happening that were scary and as little true. You've obviously never configured a single firewal, build network routing and servicesl nor built a server in your life. A gamer with a fat headed ego.

Here's some reading for you if you're willing to learn instead of playing windows games for the rest of your life: https://arstechnica.com/tech-policy/2011/03/the-essence-of-the-net/
 
Last edited:

vick1000

2[H]4U
Joined
Sep 15, 2007
Messages
2,255
LOL you simply have no clue on what you talk about. Communication outside of protocols? LOL! :D You even happily mix up IoT devices and the point of origin of discussion, Windows 7. They have absolutely nothing to do with eachothers. And you continue to put words in my mouth. I never claimed IoT devices don't send packets, I said that they FOLLOW PROTOCOLS. If you send 'packets flying around' with nothing receiving them, guess what happens? Nothing. They're lost in the network, timing out.

Pointless to continue. You're inventing things and claiming them to be true and without being able to prove a single point so far Which is, again, typical for someone who believes but doesn't know. Looking at posts like that suddenly make you understand how people in the middle ages were hunting witches. They also had out-of-protocol invented things happening that were scary and as little true. You've obviously never configured a single firewal, build network routing and servicesl nor built a server in your life. A gamer with a fat headed ego.

Here's some reading for you if you're willing to learn instead of playing windows games for the rest of your life: https://arstechnica.com/tech-policy/2011/03/the-essence-of-the-net/
Packet flying around are an exploit, you were the one that said they were not flying around. You also failed to grasp the intention of the reply I made to a different user, stating clearly that no device is secure. You have a tremendous lack of comprehension combined with a galactic sized ego and tunnel vision. I have forgetten more about network security than you will ever learn in a lifetime, if your post here are any indication. It's a very simple concept, devices that communicate with other devices, are vulnerable. You can try to complicate it with nonsense about this or that protocol or ports or whatever, but it remains the means by which exploits are found and USED regularly.

I can take a stupid $30 SBC, hide it on your dwelling, and make you pay more for your electric bill every month. Not that I would do something illegal like that. That's just for starters. Don't bother replying or PMing me with insults, you are ignorant, so now be ignored.
 

B00nie

[H]F Junkie
Joined
Nov 1, 2012
Messages
8,992
Packet flying around are an exploit, you were the one that said they were not flying around. You also failed to grasp the intention of the reply I made to a different user, stating clearly that no device is secure. You have a tremendous lack of comprehension combined with a galactic sized ego and tunnel vision. I have forgetten more about network security than you will ever learn in a lifetime, if your post here are any indication. It's a very simple concept, devices that communicate with other devices, are vulnerable. You can try to complicate it with nonsense about this or that protocol or ports or whatever, but it remains the means by which exploits are found and USED regularly.

I can take a stupid $30 SBC, hide it on your dwelling, and make you pay more for your electric bill every month. Not that I would do something illegal like that. That's just for starters. Don't bother replying or PMing me with insults, you are ignorant, so now be ignored.
Exploits always target services noob. Now please stop.
 

Mazzspeed

2[H]4U
Joined
Dec 27, 2017
Messages
2,883
Please stop B00nie. It's embarrassing.
B00nie is totally right.

Having a port open means nothing if there's no server on the other end accepting specific requests from the hacker, the hacker can't just send data through an open port.

Generally speaking, a sniffer will look for ports like TCP 3389 for RDP. They'll then establish a connection and try to brute force the password. But that only works because the server is actually listening on TCP 3389 for RDP connections.
 
Last edited:

GoldenTiger

Fully [H]
Joined
Dec 2, 2004
Messages
20,797
B00nie is totally right.

Having a port open means nothing if there's no server on the other end accepting specific requests from the hacker, the hacker can't just send data through an open port.

Generally speaking, a sniffer will look for ports like TCP 3389 for RDP. They'll then establish a connection and try to brute force the password. But that only works because the server is actually listening on TCP 3389 for RDP connections.
I meant his behavior.
 

vick1000

2[H]4U
Joined
Sep 15, 2007
Messages
2,255
B00nie is totally right.

Having a port open means nothing if there's no server on the other end accepting specific requests from the hacker, the hacker can't just send data through an open port.

Generally speaking, a sniffer will look for ports like TCP 3389 for RDP. They'll then establish a connection and try to brute force the password. But that only works because the server is actually listening on TCP 3389 for RDP connections.
Please explain how a device can communicate with another device without sending and receiving data. Current popular methods of detection not withstanding, the device is networking and vunerable. If it is not networking, ports are moot.
 

vick1000

2[H]4U
Joined
Sep 15, 2007
Messages
2,255
Simple:

Connected = hacked
Cloud = Leaked

It is not a matter of IF but WHEN.

Quoted from
https://www.linkedin.com/pulse/connectedhacked-cloudleak-why-alexandre-blanc-cyber-security
I am sure there are those here that would love to dispute the claims of the author of that article, but they explained in detail the point I was making. Port sniffing is antique scripting, mainstram 4chan gaming level garbage. It still works on probably 90% of home networks though. The wireless stuff is where the worst exploits are found now, the IoT mentioned in the article. You don't need prviledged access anymore, just change your ideas of how data is used, change your perspective, it's a world of "artists" and abstract ideas now. This was and is, reflected in the side channel attacks, a new outlook on what is vulnerable on a system.
 

blackmomba

Gawd
Joined
Dec 5, 2018
Messages
515
Its not really in dispute, it's more that its common knowledge. I think some want to move past that very basic and well established premise to dig deeper and understand more about the abstract ideas you speak of
 

Mazzspeed

2[H]4U
Joined
Dec 27, 2017
Messages
2,883
Please explain how a device can communicate with another device without sending and receiving data. Current popular methods of detection not withstanding, the device is networking and vunerable. If it is not networking, ports are moot.
I didn't say one device cannot communicate with another device without sending and receiving data, where did you get that idea from?

Open a port and do a port scan when there's no server listening for it's specific protocol on the other side of NAT, you won't get a reply on the WAN side - It's that simple. Furthermore, even if the port is open, you can't just force data through it unless you've already deployed some form of listening server on the other side via an associated hack involving either an exploit in the OS or social engineering.

TLDR; Port scanning alone does bugger all.
 

vick1000

2[H]4U
Joined
Sep 15, 2007
Messages
2,255
I didn't say one device cannot communicate with another device without sending and receiving data, where did you get that idea from?

Open a port and do a port scan when there's no server listening for it's specific protocol on the other side of NAT, you won't get a reply on the WAN side - It's that simple. Furthermore, even if the port is open, you can't just force data through it unless you've already deployed some form of listening server on the other side via an associated hack involving either an exploit in the OS or social engineering.

TLDR; Port scanning alone does bugger all.
You are too hung up on payload delivery, it's not needed anymore. What are you using this device for? What is the device it communicates with? Where does that traffic end up? What other devices are associated with that device? One device gets compromised on the network, the entire network is compromised. I don't need a RAT (or other remote) on the target anymore, I am searching for data, silently. If I get some credentials, that's great, but that's not all there is to "hacking". Again, I don't need a payload on a device to make use of it, nore do I need remote access, even though eventually that's what will end up happening. As long as there is unencrypted data, or common encrypted data (VPN) coming from that node, it will fall eventually.
 
Top