Traceroute (Unix) and Tracert (Windows) are commands used to trace the path that packets take from your computer to their destination on the web. These are terminal commands and the output can be somewhat techie.
If you would like to see how information gets from your computer to, say, google.com, and you would like to see it in a simple format, you can use a “visual traceroute” program. The visual traceroute program runs a trace of the path your packets will take to the destination, then displays the hops on a map for you to see.
One such program available is the Visual Trace Route Tool by Kirk Ouimet. It is a nice program that ties the output to a Google map so you can see step by step the path that your packets take. Check it out at http://www.yougetsignal.com/tools/visual-tracert/.
Just a couple things come to mind thinking about the NY Times article mentioned in the last post.
First of all, how much time do you spend securing your network? Herein lies the problem. American businesses are very busy. To be competitive, we have cut staff, and have very limited budgets. When a new server needs to be put in, it needs to be done quickly. Be it a small business or corporate datacenter, time is money. A corporate server is set up quickly, usually from a checklist, and then some sort of security program and anti-virus is installed. The programs are “supposed” to auto update without intervention. Rarely do people go back and make sure that the servers are updating. Anyways, the security program control panel said it sent the updates to the server. On a small business server, many times the server is set up and locked in a closet. It is set to get security and anti-virus updates automatically, but does it?
Time is the issue. In the NY Times example, the hacker spent 6 hours a day hacking. 6 HOURS! Hackers do not have time limits or budget constraints. They usually go for easy prey, but if your site has something of interest to the hacker, they will spend weeks, months or in the extreme case years to find a way in.
This leads me to my second point. Most people secure servers by checklists. If A through Z has been done, the server is secure. Server security is structured and precise. Hackers work outside the box. They don’t follow the rules. There is a lot to do in setting up a server. A random Server 2008 book has almost 1500 pages. That is about the same number of pages as a Bible. Also, with the huge amount of code in a Microsoft operating system, holes are found very frequently. Usually, only the good guys reveal to Microsoft when an exploit has been found. Foreign hackers guard these exploits and, as the article states, hope to use them in the future.
The odds are definitely in the bad guys’ favor, but with due diligence, we can harden our systems so the casual hacker will bypass our systems and look for easier prey.
Daniel W. Dieterle
A NY Times article today takes a look into the shadowy world of Chinese hackers. They have interviewed a hacker named “Majia”. And what you see is a 20ish year old hacker, sitting in a small unfinished looking room with just a computer on his small table. From the back, he looks more like a teenager than an international hacker. Welcome to 21st century warfare…
While China no doubt has groups of military-based hackers in state-of-the-art facilities, this is another look at the rogue forces that China is using. It is much harder to track individual hackers than a group of hackers. And then you always have plausible deniability if they are caught.
The hacker mentions how lucrative hacking is now. He has installed his software on over 2000 computers. He makes money selling trojan viruses that he writes and from bank accounts of people he has hacked.
He also points to another form of income for the individual Chinese hacker:
““Microsoft and Adobe have a lot of zero days,” he said, while scanning Web sites at home. “But we don’t publish them. We want to save them so that some day we can use them.” When asked whether hackers work for the government, or the military, he says “yes.” Does he? No comment, he says.”
It would seem that the Chinese government does have ties to these rogue hackers.
Read the whole story at NY Times.
Many people use online mail, banking and buy items on the internet now. The biggest question is, “What are some things I can check to increase my safety online?”
There are two ways to browse the internet, regularly and securely. Regular sites have the designation “http://” in front of the www. address; secure/encrypted websites use the “https://” designation.
What is the difference? Regular websites are not encrypted. Any information you enter into them is transferred across the internet in standard readable text. Secure sites encrypt the data you enter before sending it over the internet. This makes it very difficult, if not impossible, for someone to intercept and read this information.
Whenever you are asked to log in to a secure site, whenever you are purchasing items, or checking your financial information, glance up at the address bar and make sure that it says “HTTPS://” in front of the web address instead of “HTTP://”. This tells you that you are using a secure site and that your information is being encrypted as it is sent over the internet. Standard sites are not encrypted.
Believe it or not, hackers have found a way to divert your HTTPS:// connections to a standard HTTP:// unencrypted address. So instead of your address bar at the top of Internet Explorer saying something like https://securebankingforme.com it will actually say http://securebankingforme.com, and your information that you thought was secure could be intercepted.
Oh, one last point: don’t rely on the lock icon that shows up in the address bar when on a secure site. Hackers have found a way to duplicate that also. Always check for the “https://”.
Daniel W. Dieterle
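For the site owner's side of the HTTPS-to-HTTP diversion described above, here is an added example (not from the original post) that audits a site's response headers for the settings that leave visitors exposed to it. The HSTS and cookie checks are additions the post does not mention, and the host securebank.example and all four responses are constructed samples.

```python
import re

def parse_head(raw):
    """Split a raw HTTP response head into (status_code, [(name, value), ...])."""
    lines = [l for l in raw.strip().splitlines() if l.strip()]
    status = int(lines[0].split()[1])
    headers = []
    for line in lines[1:]:
        name, _, value = line.partition(":")
        headers.append((name.strip().lower(), value.strip()))
    return status, headers

def hsts_max_age(headers):
    """Return the HSTS max-age in seconds, or None if absent or malformed."""
    for name, value in headers:
        if name == "strict-transport-security":
            m = re.search(r'max-age\s*=\s*"?(\d+)"?', value, re.I)
            return int(m.group(1)) if m else None
    return None

def downgrade_findings(http_raw, https_raw):
    """List the settings that leave visitors open to an HTTPS-to-HTTP diversion."""
    findings = []
    status, headers = parse_head(http_raw)
    location = dict(headers).get("location", "")
    if not (status in (301, 302, 307, 308) and location.lower().startswith("https://")):
        findings.append("plain-http-not-redirected")
    _, s_headers = parse_head(https_raw)
    # A redirect alone is not enough: the first http:// request can still be
    # intercepted. HSTS tells the browser to use https:// by itself next time.
    if not hsts_max_age(s_headers):  # missing, malformed, or max-age=0 (disabled)
        findings.append("no-hsts")
    for name, value in s_headers:
        if name == "set-cookie":
            attrs = [a.strip().lower() for a in value.split(";")[1:]]
            if "secure" not in attrs:  # cookie would also travel over plain HTTP
                findings.append("cookie-without-secure:" + value.split("=")[0])
    return findings

# Constructed sample responses for a hypothetical site, weak and hardened.
WEAK_HTTP = "HTTP/1.1 200 OK\nContent-Type: text/html\n"
WEAK_HTTPS = "HTTP/1.1 200 OK\nSet-Cookie: session=abc123; Path=/; HttpOnly\n"
HARD_HTTP = "HTTP/1.1 301 Moved Permanently\nLocation: https://securebank.example/\n"
HARD_HTTPS = ("HTTP/1.1 200 OK\n"
              "Strict-Transport-Security: max-age=31536000; includeSubDomains\n"
              "Set-Cookie: session=abc123; Path=/; Secure; HttpOnly\n")

if __name__ == "__main__":
    print("weak:    ", downgrade_findings(WEAK_HTTP, WEAK_HTTPS))
    print("hardened:", downgrade_findings(HARD_HTTP, HARD_HTTPS))
```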