Metasploit Server ARP Poisoning -> Idea

Have you heard about the ARP attack on the Metasploit Website?
Chinese hacker again.

What do you think about my idea ... disconnecting China and Russia from the rest of the internet. Wouldn't it make the net more secure? What do you guess? How much of the dark hacks and fraud is coming from there? Wouldn't it be a great idea to control the traffic from and to these countries by a big and western managed firewall? Let's see it as an upgrade of the Chinese wall ;)

Tags: arp, china, hack, metasploit, russia

▶ Reply to This

Replies to This Discussion

Permalink Reply by Schlzm on June 4, 2008 at 9:07pm: China yes, Russia isn't even on the top ten of originating countries for malicious internet traffic any more. I blacklisted all of China from sending email to my servers about a year ago.

Schlzm; ▶ Reply to This

Permalink Reply by Schlzm on June 4, 2008 at 11:01pm: Should probably add that I could get on board with your idea, but that Russia just isn't the powerhouse it used to be. South America is starting to get a lot more market share when it comes to BP server hosting and malicious traffic.

Schlzm; ▶ Reply to This

Permalink Reply by Sath770 on June 5, 2008 at 1:32am: now how would you do that? and the internet was ment to be shared with everyone ....; ▶ Reply to This

Permalink Reply by Raven on June 5, 2008 at 7:15am: China already has its huge firewall that controls the whole continent tightly. Making one for the rest of the world will only add more unhappy people because those things can easily be abused. (information hiding, everything being controlled by a small group - think 1984)

Not all of China is bad - and from every attack we can learn how to improve security. If there wasn't some threat (and not all of them have to come from China of course) then development of security would go much slower - and thus easier to be abused anyway.

And yes - Russia is behind on the internet. Less then a few months ago they started changing that, and I don't think they'll catch up with the western world fast.

Gz,
Raven [からす]; ▶ Reply to This

Permalink Reply by V on June 5, 2008 at 8:04am: So we need the threats from China to improve our security? Ahm, yes. Sure.
Didn't they say that to increase their amount of atomic bombs in the cold war or on September 11th?
"We need the terrorists to improve our security services. Isn't it?"
What kind of motivation is this?

And you say "not all of China is bad".
That is right!
But can't you say this about every other scourge in the history of humanity? Was the Soviet Union completely bad? Was Germany, Iraq >completely< bad? Weren't there children, babies, unpolitical people or political enemies?

I'd reduce the traffic from China to what we need from them - that is business. We don't need connects on Port 12345/tcp from dial-up IPs.; ▶ Reply to This

Permalink Reply by V on June 5, 2008 at 8:18am: Just compare it with a big mall.
People hanging around, chatting, buying good, negotiating, transporting goods, watching movies, playing games in the game hall, some are rooted to the 18+ area in the video store but nevermind. Let's say this is the Internet.
So, there is a lot of poverty around and a lot of criminal motivation. So this mall is located in a developing country... A big, shining mall with a lot of people showing their credit cards, buying and hanging around.

Have you ever seen such a mall without guards? Yes? Oh, please tell me where it is and i'll never go there.

What would happen with such a mall if there were no guards? Yes - people would wear knifes, pepper sprays, kevlar vests and shop owners would try to secure their gates - more or less effective. So - every shop has it's own guards, people are armed - some are not - and if they are not armed, they miss their wallet 5min later and have been ripped off everything. No worse - their arms are writing letters and their mouth starts to talk advertising - they are controlled by an outside force and behave strange.
This would be the mall without control.
This is our actual internet. Don't you agree?

And we - do like it like it is. Why? Because we understand how the security business work, how they control the people and because of selling knifes, pepper spray, advice and guards to the shop owners. Everything is open - come in and find out!! Great world! Great liberty! Almost nothing is secure but everyone is free to cheat, to watch child porn, to exchange construction plans for pipe bombs.
Just free.; ▶ Reply to This

Permalink Reply by Birkoff on June 5, 2008 at 10:16am: Yes, I agree. But just, please, add US to that list, and we have an agreement. There are so many of US people doing exactly the same thing!

Oh, wait! I have a better idea! Isolate US! That way, nobody will threaten US networks security anymore!

Common, lets take this political/ideological stuff out of here... I don't like China's politics at all, but let's get that straight: the problems you are talking about are not a problem with China, with Russia, with Turkey, with Brazil, or with any other country. The internet was MADE to be that way, work without control. If that is bad, if we need more control, let's think about how controlling bad people on all the earth, not in one country or another. They are bad and good people everywhere, and if they are more bad people on China, maybe it is because there is more people there that in any other place in the world!!!; ▶ Reply to This

Permalink Reply by V on June 5, 2008 at 11:19am: You are right. Right from the start it has only been a fiction - never meant as a possible solution.; ▶ Reply to This

Permalink Reply by V on June 5, 2008 at 11:48am: And yes! Sources of threats are everywhere. Therefore my initial question.. "What do you guess? How much of the dark hacks and fraud is coming from there?"

Is it 40 or even 60% of the attacks initially coming from there? We are not talking about botnet clients but about the sources of criminal threats.

According to the log files from my intrusion detection systems most attacks are coming from china, the eastern block including russia, brasil, columbia, india, pakistan, africa as well. This is about 95% where attacks originate from. Due to the Mpack wave early this year I find some from Italy as well.; ▶ Reply to This

Permalink Reply by dev0id on June 7, 2008 at 8:18pm: May be it's better for you to create your own "Intranet" and being there alone?

Have you ever thought about the fact that china has the lowest security awareness? And maybe because of that bad guys from Costa Rica create botnets from infected comrades' workstations?; ▶ Reply to This

Permalink Reply by V on June 8, 2008 at 11:04am: I said before that I am not talking about botnet clients.
I am talking about code parked on chinese domains injected by chinese IPs or distributed by chinese groups.
You are absolutely right that this IPs and this webspace may have been used by remote hackers to obfuscate the activity and blame the chinese.

It is nothing more than suspicion that code parked on ".cn" domains and injected by "chinese Ips" originates from chinese people.; ▶ Reply to This

Permalink Reply by dev0id on June 7, 2008 at 8:14pm: Buratino el stupido ?; ▶ Reply to This

RSS

Welcome to
House of Hackers

Sign Up
or Sign In

About

pdp created this Ning Network.

Badges | Report an Issue | Privacy | Terms of Service