Security is a full-time business

When I looked at clip art for this week’s blog nearly all the hacking images were predominantly blue or green. They were also dominated by faceless hooded characters. I went for the hood but chose a little red to go with the mix.

One of the things I find surprising with running a website is how often people try to hack it. I mean, it’s not a big website, you can’t order anything on it, we don’t take money. So why do people bother?

But they do.

The security checker on our website reports how many times people try to log in, but can’t, and the number of times people look for a page that isn’t there.

You wouldn’t think that second one is problematic, but apparently there are known pages with security issues, and the hackers try to see if you have one of these pages on your site. If it’s there, they use it to hack into your system.

As for the log-in attempts. Yesterday, for example, we had eighteen attempts to log into our website. That’s right, eighteen.

This particular batch is multi-national. Some people (or bots, rather, because I expect it’s a program) are hacking in from London, some from the Netherlands, and quite a lot this time from Sydney, Australia. This is unusual, for hack locations seem to come in batches. For example, there’s a region in Ukraine where a lot of hacks come from, a couple in China, one in Argentina, one in Brazil, and one in the Netherlands. You’ll have days of, say, Ukraine-based hacks, then a break (because you’ve locked them out), then maybe days of attempts from Brazil, and so on.

My security program shows me who they are trying to log in as.

They try a lot of standard logins, like ‘admin’ and ‘test’. They also try ones associated with the username posted on the pages. For example, we get a lot of people trying ‘karen’, and ‘sherylyn’, and ‘skdunstall’.

Here’s a tip. Do not, ever, make your login name the same as the sign-off name you use on your posts. You’re handing hackers half the information they need to hack your system. Don’t make it easy for them. Likewise, don’t use ‘admin’. Or ‘test’.

Another thing we do to reduce hacking attempts is block the user on a single invalid login attempt. It’s a little inconvenient when I’m away from the home PC (which has the password stored) and I have to type in the password and get it wrong. There have been times where I’ve locked myself out of my own website for 24 hours. Even so, I wouldn’t change it.

If you don’t stop the hackers, they swarm, so right after this, I’m going to block eighteen IP addresses. My banned IP list is so long, it’s a wonder there’s anyone left to block.
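The checks described in this post (failed log-ins, requests for pages that aren't there, a 24-hour block after one bad attempt, and guessable login names) can be replayed over a log, shown here as an added example that is not part of the original post or of the site's security program. The event format, the sample events, the IP addresses (documentation ranges) and the probe threshold are all assumptions made for illustration.

```python
from collections import Counter
from datetime import datetime, timedelta

LOCKOUT = timedelta(hours=24)                       # block length mentioned in the post
PUBLIC_NAMES = {"karen", "sherylyn", "skdunstall"}  # sign-off names mentioned in the post
DEFAULT_NAMES = {"admin", "test"}                   # standard logins mentioned in the post
PROBE_THRESHOLD = 2                                 # assumed: 404s from one IP before flagging it

# Constructed sample events: (ISO time, source IP, event kind, detail).
# The tuple layout and the requested paths are hypothetical.
SAMPLE_EVENTS = [
    ("2024-01-01T08:00:00", "203.0.113.5", "login_fail", "admin"),
    ("2024-01-01T08:00:04", "203.0.113.5", "login_fail", "test"),
    ("2024-01-01T09:30:00", "198.51.100.7", "login_fail", "karen"),
    ("2024-01-01T10:15:00", "192.0.2.44", "not_found", "/no-such-page.php"),
    ("2024-01-01T10:15:02", "192.0.2.44", "not_found", "/backup.zip"),
    ("2024-01-02T08:30:00", "203.0.113.5", "login_fail", "skdunstall"),
]

def triage(events, lockout=LOCKOUT):
    """Replay events under a one-strike lockout and summarise what was tried."""
    locked_until = {}      # ip -> time its current lockout expires
    rejected = Counter()   # attempts refused because the IP was still locked out
    usernames = Counter()  # every username that appeared in a failed log-in
    probes = Counter()     # requests for missing pages, per IP
    for stamp, ip, kind, detail in sorted(events):
        when = datetime.fromisoformat(stamp)
        if kind == "not_found":
            probes[ip] += 1
        elif kind == "login_fail":
            usernames[detail.lower()] += 1
            if ip in locked_until and when < locked_until[ip]:
                rejected[ip] += 1                  # still inside the 24-hour window
            else:
                locked_until[ip] = when + lockout  # one failure starts a lockout
    return {
        "block_list": sorted(locked_until),
        "rejected_while_locked": dict(rejected),
        "guessable_names_tried": sorted(set(usernames) & (PUBLIC_NAMES | DEFAULT_NAMES)),
        "probing_ips": sorted(ip for ip, n in probes.items() if n >= PROBE_THRESHOLD),
    }

if __name__ == "__main__":
    for key, value in triage(SAMPLE_EVENTS).items():
        print(f"{key}: {value}")
```

Any name that shows up under `guessable_names_tried` is one an attacker could read off the site or guess without effort, which is the reason for the tip about not reusing a sign-off name as a login.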

Have a good week.


2 comments

  1. Paula Lieberman

    The good news is that it looks like they’re not trying to barrage the site with automated break-in attempts of thousands of log in requests, which winds up being the equivalent of a denial of service attack even if the machine-generated user name and password brute force intrusion attempts fail to take over the website…

    The thing is the cost to the crackers [there is a much older definition of “hacker,”

    “Hacking at MIT has nothing to do with breaking into computer networks or computers. Instead hacking at MIT involves anonymous, ninja-like MIT students pulling off incredible feats of engineering right under the nose of the administration while quite possibly breaking dozens of laws and ending up on various rooftops [or in classrooms*, or in lobbies, or basements, or as art exhibits….] around campus. Hacks could be considered “pranks” at any other school but since MIT makes up its own words and meanings for things they are called “hacks” here. People who pull them are called “hackers.””

    And in the comments,

    “There’s a hacker’s code of ethics that’s fairly well publicized. It’s as follows:

    1. Be safe. Your safety, the safety of your fellow hackers, and the safety of anyone you hack should never be compromised.
    2. Be subtle. Leave no evidence that you were ever there.
    3. Leave things as you found them (or better).
    4. If you find something broken call F-IXIT (the local number for reporting problems with the buildings and grounds). Hackers often go places that Institute workers do not frequent regularly and may see problems before anyone else.
    5. Leave no damage.
    6. Do not steal anything.
    7. Brute force is the last resort of the incompetent. (“One who breaks a thing to find out what it is has left the path of reason.”—Keshlam the Seer, Knight of the Random Order)
    8. Do not hack while under the influence of alcohol/drugs/etc.
    9. Do not drop things (off a building) without a ground crew.
    10. Do not hack alone (just like swimming).
    11. Above all, exercise common sense. ”

    “Usually painting actual buildings is a no no. Painting things put on buildings is happy.”

    see https://mitadmissions.org/blogs/entry/hacking/

    [My dormfloor is still one of MIT’s most notorious, blast from the past example why: During Independent Activities Period it could be …hazardous… for a student to be away for the month…. First you lay down multiple layers of plastic, THEN you proceed to build the four foot diameter mortared brickwork wishing well complete with water and pennies, in Rick Carley’s dormroom…. [there was also plastic lining the inside of the wishing well. And then when Rick gets back, the sign goes up on the room, “Best Wishes–the Hall” and the residents gather inside the room to wait for Rick to show up to see the expression on his face when… ]
