Quote:
Originally Posted by nrocme
20 years IT work here. I'm guessing the people that fell prey to this guy didn't have even the cheapest firewall/anti-virus software running. Attacking a specific port on any network is very easy to do, but also easy to detect.
Oh, and please don't go searching for tools to do port attacks as you WILL eventually get in serious trouble obv. You're ISP would probably figure it out also and shut you off.
Also, I know Norton's firewall will detect this type of attack and tell you the port and also from what IP the attack is coming from. Would be easy to turn this over to stars for quick justice.
I disagree with some of this ESP that it is easy to detect. You can masquerade attacks over well known ports. Not to mention zero day threats. I think you are underestimating the dangers.
Granted simple virus blocking exe files would stop most of this. But I caution anyone who thinks basic software can stop an advanced persistent threat.
Also a well designed spear fish and code piece can bypass this as well. Most of this does require the user doing something silly like clicking a link but symantec firewalls and virus are not fool proof
You can also bypass ISP checks, bounce off clones, etc
My caution here is for all to be vigilant
My apologies if you agree and I took your post out of context.