Equipped To Survive Equipped To Survive® Presents
The Survival Forum
Where do you want to go on ETS?

Page 2 of 2 < 1 2
Topic Options
#144267 - 08/15/08 03:45 PM Re: Virus alert CNN [Re: MartinFocazio]
haertig Offline
Pooh-Bah

Registered: 03/13/05
Posts: 2322
Loc: Colorado
Originally Posted By: martinfocazio
...EXCEPT - that some sites have a 3-strikes you're locked policy, so if you're on the REAL site, you enter the wrong PW once, you now only have 2 tries to get it right. Maybe not a big deal, but sometimes I'm all fumble fingers.

I have a three strike rule on my home Linux boxes. I only have the SSH port open, you get three attempts to authenticate and then you're locked out - permanently (at least until I manually release the locked out IP). Also, to authenticate, you get a shot a entering passwords, however no password will ever work since I only accept pubkey authentication. And ssh is configured to only allow my personal login, and no others, remote access. Any other services I want to us on these Linux boxes are configured to listen only on the localhost adapter, so I have to first tunnel in with ssh before getting to them. Firewalls and routers block these other service ports from the outside world as well as me having their services attached only to localhost. As I said in an earlier post: "LAYERS of security". You can never get things perfectly secure, but you can make unauthorized access more difficult.

All my setup is obviously to protect ME from incoming threats. It's much harder to protect yourself from making a mistake when connecting outgoing to some (possibly spoofed) website. Your brain is the biggest asset there. No "software security suite" is going to protect you from your own ignorance. You might get a little help from security suite software here and there, but it's certainly not idiot-proof or bullet-proof protection.

Top
#144276 - 08/15/08 04:27 PM Re: Virus alert CNN [Re: haertig]
Hikin_Jim Offline
Sheriff
Pooh-Bah

Registered: 10/12/07
Posts: 1804
Loc: Southern California
Originally Posted By: haertig
Anytime I go to a sensitive site (my bank, etc.) I make a habit of first attempting to login using a bad password - on purpose. If you somehow got spoofed or received a bum DNS reply, the bogus site will probably let you in with any password. That would be your clue that something has gone amiss. You have to have multiple layers of protection, topped off with the most important layer of all - your common sense and wariness.
Brilliant!
_________________________
Adventures In Stoving

Top
#144281 - 08/15/08 04:57 PM Re: Virus alert CNN [Re: Hikin_Jim]
thseng Offline
Old Hand

Registered: 03/24/06
Posts: 900
Loc: NW NJ
Re entering an incorrect password on the first try: I would expect that a phishing site would take the username and password you entered, log in to the real site and redirect you there so you don't realize you've been phished. Or at least that's they way I would do it if I where cyberscum.

Perhaps they don't bother, knowing that many of the people who fell for the phish wouldn't realize it anyway.

I don't have a source handy, but I seem to recall that most identity theft is committed by family or friends of the victim.
_________________________
- Tom S.

"Never trust and engineer who doesn't carry a pocketknife."

Top
Page 2 of 2 < 1 2



Moderator:  Alan_Romania, Blast, chaosmagnet, cliff 
November
Su M Tu W Th F Sa
1 2
3 4 5 6 7 8 9
10 11 12 13 14 15 16
17 18 19 20 21 22 23
24 25 26 27 28 29 30
Who's Online
1 registered (Doug_Ritter), 933 Guests and 22 Spiders online.
Key: Admin, Global Mod, Mod
Newest Members
Aaron_Guinn, israfaceVity, Explorer9, GallenR, Jeebo
5370 Registered Users
Newest Posts
Missing Hiker Found After 50 Days
by Ren
Today at 02:25 PM
Leather Work Gloves
by KenK
11/24/24 06:43 PM
Satellite texting via iPhone, 911 via Pixel
by Ren
11/05/24 03:30 PM
Emergency Toilets for Obese People
by adam2
11/04/24 06:59 PM
For your Halloween enjoyment
by brandtb
10/31/24 01:29 PM
Newest Images
Tiny knife / wrench
Handmade knives
2"x2" Glass Signal Mirror, Retroreflective Mesh
Trade School Tool Kit
My Pocket Kit
Glossary
Test

WARNING & DISCLAIMER: SELECT AND USE OUTDOORS AND SURVIVAL EQUIPMENT, SUPPLIES AND TECHNIQUES AT YOUR OWN RISK. Information posted on this forum is not reviewed for accuracy and may not be reliable, use at your own risk. Please review the full WARNING & DISCLAIMER about information on this site.