Synchronise database

The virus-infected software running on my PC isn't able to reach out and update YOUR PC. In order to infect YOUR PC, the virus has to rely on social engineering to get someone to attach the infected file to an email or include a link to an infected file and then have the target download and open it or have the target download the file from a website and run it. Once the target has made the mistake of downloading the infected file, then he needs to run it. Even the Stuxnet virus required someone to connect an external drive to a system that was connected to the centrifuges that the virus was intended to destroy.

What Edgar is talking about is a consciously created process that "listens" to an external port and when some message comes from the port takes some action. This "listener" is essentially a timer event that runs every x period to check to see if the socket has received a message. A timer event is safer since it does not communicate with the outside world directly. If you go the socket route, be sure to include some type of "handshake" so you can verify that you are talking with a message from you, not a random message from a virus searching for vulnerabilities.
 
Friendly reminder that all the attacker needs is a vulnerability. Having your ports scanned for entry points does not require a virus inside your system; it just requires a few tools and techniques that can be carried out remotely. Since the vulnerabilities are widely available, the attacker only needs to check if the port responds, identify the service running on it and attempt the exploitation, which is why systems need to be updated and patched frequently.

Another clarification: the websocket route proposed is not a timer or polling mechanism. It's a reactive technology that listens for requests and resolves them in real time, similar to how the server where this website is hosted is responding to your browser when it hits this website's URL.
 
This was when people were just being connected to the internet without any firewalls. :(
The website you cited has likely been testing this for years, but the principle remains as relevant today as it was then. Firewalls won’t protect you from vulnerable services running on your ports.
In fact, if you want to see this in action right away, rent any VPS service and check your logs, although I think you could see the attacks taking place on your computer with a tool like Wireshark too. In the case of the VPS, within minutes, if not seconds, you will be receiving all sorts of attacks. It's very educational for the variety of attacks you can learn about, so I suggest you try it to see it for yourself.

You have to remember that the attacker does not want you to know they have access to your computer, because they may use it to mine crypto, perform DDoS attacks, serve as a proxy, send spam, etc. They may also monitor your activity, steal your data, etc. Also, tools have only gotten more sophisticated.

The point is: remote code execution exists and you can take advantage of it to sync your databases.
 
The website you cited has likely been testing this for years, but the principle remains as relevant today as it was then. Firewalls won’t protect you from vulnerable services running on your ports.
And that is why I suggested the handshake. You have no idea what the bad guys send at you every day. Jon can probably tell you because websites are especially vulnerable.
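
As an added example (not code from any poster in this thread), here is one way to build the "handshake" suggested above for a sync listener: a challenge-response check using HMAC-SHA256 over a one-time nonce. The pre-shared key, the `SyncListener` and `sign` names, and the message format are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets

# Constructed pre-shared key for the example; in practice load it from protected storage.
SHARED_KEY = b"constructed-demo-key-not-for-real-use"

class SyncListener:
    """Listener side: issues one-time challenges, accepts only authenticated messages."""
    def __init__(self, key: bytes):
        self._key = key
        self._pending = set()  # nonces issued and not yet used

    def challenge(self) -> bytes:
        nonce = secrets.token_bytes(16)
        self._pending.add(nonce)
        return nonce

    def accept(self, nonce: bytes, message: bytes, tag: bytes) -> bool:
        # A nonce is valid once only, so a captured message cannot be replayed.
        if nonce not in self._pending:
            return False
        self._pending.discard(nonce)
        expected = hmac.new(self._key, nonce + message, hashlib.sha256).digest()
        # compare_digest avoids leaking how many bytes matched through timing.
        return hmac.compare_digest(expected, tag)

def sign(key: bytes, nonce: bytes, message: bytes) -> bytes:
    """Sender side: bind the message to the listener's challenge."""
    return hmac.new(key, nonce + message, hashlib.sha256).digest()

def demo() -> dict:
    listener = SyncListener(SHARED_KEY)
    msg = b"SYNC table=Orders since=2024-01-01"  # constructed sample message
    results = {}
    n = listener.challenge()
    tag = sign(SHARED_KEY, n, msg)
    results["genuine"] = listener.accept(n, msg, tag)
    results["replayed"] = listener.accept(n, msg, tag)  # same nonce again
    n2 = listener.challenge()
    results["wrong_key"] = listener.accept(n2, msg, sign(b"guess", n2, msg))
    n3 = listener.challenge()
    results["tampered"] = listener.accept(n3, b"SYNC table=Users", sign(SHARED_KEY, n3, msg))
    results["unsolicited"] = listener.accept(secrets.token_bytes(16), msg, b"\x00" * 32)
    return results

if __name__ == "__main__":
    print(demo())
```

The handshake only authenticates the sender; the listening service itself still has to be kept patched, and the channel should run over TLS if the message contents are sensitive.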
 
