NOW READ THIS
("Security Advisory")
Submitted by: Bill Hickey
NCVA List Master
NRT-0024 YOUR PC IS PROBABLY A TARGET:
A University of Maryland study has found that hacking operations now occur at a "near-constant rate." The research found that a PC connected to the Internet will be attacked by hackers every 39 seconds on average. The study profiled the behavior of "brute force" hackers to determine which usernames and passwords are tried most often, and what hackers do when they gain access to a computer. Most attacks employed automated scripts that indiscriminately seek out thousands of computers at a time looking for vulnerabilities. The computers in the study were attacked, on average, 2244 times a day. The researchers set up weak security on four Linux computers with Internet access, and then recorded what happened as the individual machines were attacked.
The vast majority of attacks came from relatively unsophisticated hackers using 'dictionary scripts,' a type of software that runs through lists of common usernames and passwords attempting to break into a computer. "Root" was the top username guess by dictionary scripts, and was attempted 12 times as often as the second-place "admin." Successful ROOT access would open the entire computer to the hacker while ADMIN would only allow somewhat lesser administrative privileges.
Other top usernames in the hackers' scripts were "test", "guest", "info", "adm", "mysql", "user", "administrator", and "oracle." The researchers found that the most common password-guessing ploy was to re-enter or try variations of the username. Some 43% of all password-guessing attempts simply re-entered the username!!!
The username followed by "123" was the second most-tried choice. Other common passwords attempted included "123456", "password", "1234", "12345", "passwd", "123", "test", and "1". These findings support the warnings (apparently unheeded) of security experts that a password should NEVER be identical or even related to its associated username. (http://www.vnu.co.uk 06FEB07)
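The rule above can be enforced when a password is set. The following is an added example, not part of the original advisory or the study: a check that rejects the passwords listed here and any password identical or related to the username. The function name, the substitution map and the three-letter minimum are assumptions made for illustration.

```python
import re

# Passwords the advisory lists as most often tried by dictionary scripts.
COMMON_PASSWORDS = {"123456", "password", "1234", "12345", "passwd", "123", "test", "1"}

# Constructed substitution map (an assumption, not from the study) used to
# catch simple character-swap variations of the username, e.g. "r00t".
SWAPS = str.maketrans({"0": "o", "1": "i", "3": "e", "4": "a",
                       "5": "s", "7": "t", "@": "a", "$": "s"})


def _core(text):
    """Lowercase, undo simple substitutions, keep letters only."""
    return re.sub(r"[^a-z]", "", text.lower().translate(SWAPS))


def password_problems(username, password):
    """Return the reasons a candidate password should be rejected."""
    problems = []
    user, pw = username.lower(), password.lower()
    if pw in COMMON_PASSWORDS:
        problems.append("common password")
    if pw == user:
        problems.append("identical to username")
    elif pw == user + "123":
        problems.append("username followed by 123")
    else:
        u_core, p_core = _core(username), _core(password)
        # Related: the username (or its reverse) survives inside the password
        # once digits, punctuation and substitutions are stripped. Very short
        # usernames are skipped to avoid matching almost everything.
        if len(u_core) >= 3 and (u_core in p_core or u_core[::-1] in p_core):
            problems.append("variation of username")
    return problems


if __name__ == "__main__":
    # Constructed sample pairs built from the usernames named in the advisory.
    samples = [("root", "root"), ("oracle", "oracle123"), ("admin", "Adm1n!"),
               ("guest", "123456"), ("mysql", "Tr4verse-Kettle-92")]
    for name, candidate in samples:
        print(name, candidate, password_problems(name, candidate) or "accepted")
```

An empty list means the password passed these checks only; it says nothing about its overall strength.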
Last Modified: Friday, 09-Feb-2007 20:17:40 EST