Why you need to consider your security...

I recently had a client call me and say they'd connected to the Internet, gone to download a file and found they couldn't because they had exceeded their monthly download quota - on the 3rd day of the month, despite having downloaded nothing in the previous week!
Someone had been using their broadband connection through their unsecured wireless network.

 

This may not have been a deliberate Hacking of their system, just a neighbour whose laptop's Wifi was set to connect to any available network and didn't realise they were connected to the Net through their neighbour's Wireless router.
With more and more people using Wireless networking at work and at home, network Intrusion (both accidental and deliberate) is becoming more and more prevalent.

 

If you think Hackers only exist in the movies or aren't interested in YOUR system, think again...

I run an FTP file server on my PC. I use it so that I can access my files remotely and also provide file downloads for my clients if needed. I see determined attempts to hack into my server in the log files at least 1-3 times each week, with many of these attacks originating from Europe, America and Asia.

 

Here is a sample from my FTP server's logs showing an attempt to hack in using a "Brute-force" dictionary attack:

9/11/2007 9:39:26 PM 80.191.128.198:44129> Disconnected 9/11/2007 9:39:28 PM 80.191.128.198:45740> Failed to authenticate as Administrator (myadmin) 9/11/2007 9:39:29 PM 80.191.128.198:45740> Failed to authenticate as Administrator (nbvcxz) 9/11/2007 9:39:30 PM 80.191.128.198:45740> Failed to authenticate as Administrator (newpass) 9/11/2007 9:39:30 PM 80.191.128.198:45740> Disconnected 9/11/2007 9:39:32 PM 80.191.128.198:47518> Failed to authenticate as Administrator (newpass) 9/11/2007 9:39:33 PM 80.191.128.198:47518> Failed to authenticate as Administrator (newpassword) 9/11/2007 9:39:34 PM 80.191.128.198:47518> Failed to authenticate as Administrator (nimda) 9/11/2007 9:39:34 PM 80.191.128.198:47518> Disconnected 9/11/2007 9:39:37 PM 80.191.128.198:49115> Failed to authenticate as Administrator (nimda) 9/11/2007 9:39:38 PM 80.191.128.198:49115> Failed to authenticate as Administrator (none) 9/11/2007 9:39:39 PM 80.191.128.198:49115> Failed to authenticate as Administrator (november)

Tracing the I.P. address (80.191.128.198) of the Hacker shows the attempt is originating in Iran:

Here's another one, 4 days later:

3/11/2007 10:40:55 PM 218.80.221.75:56208> Failed to authenticate as Administrator (heidi) 13/11/2007 10:40:56 PM 218.80.221.75:56208> Failed to authenticate as Administrator (help) 13/11/2007 10:40:56 PM 218.80.221.75:56208> Disconnected 13/11/2007 10:40:57 PM 218.80.221.75:56566> Failed to authenticate as Administrator (help) 13/11/2007 10:40:58 PM 218.80.221.75:56566> Failed to authenticate as Administrator (holly) 13/11/2007 10:40:59 PM 218.80.221.75:56566> Failed to authenticate as Administrator (hoops) 13/11/2007 10:40:59 PM 218.80.221.75:56566> Disconnected 13/11/2007 10:41:00 PM 218.80.221.75:56855> Failed to authenticate as Administrator (hoops) 13/11/2007 10:41:01 PM 218.80.221.75:56855> Failed to authenticate as Administrator (iguana) 13/11/2007 10:41:02 PM 218.80.221.75:56855> Failed to authenticate as Administrator (indigo) 13/11/2007 10:41:02 PM 218.80.221.75:56855> Disconnected 13/11/2007 10:41:03 PM 218.80.221.75:57163> Failed to authenticate as Administrator (indigo) 13/11/2007 10:41:04 PM 218.80.221.75:57163> Failed to authenticate as Administrator (italia) 13/11/2007 10:41:05 PM 218.80.221.75:57163> Failed to authenticate as Administrator (jane)

This time the attack appears to come from Shanghai in China: