Hello soldiers of the Cyber Resistance,
Your are tuning in to CCR radio, today we will talk about how my fascination about information security started.
Back in the days, twelve years ago to be more precise, the fascination for information security started. Back in 2004 i was 19 years old and by then we had an ADSL line for about 2 years. The internet became faster and more available. It was unimaginable what upgrade a ADSL was compared to a dail-up modem that we used from 1997 onwards to 2002. My friends at the time and I were into playing LAN games and have a big fascination for the internet, games, servers and everything related to these topics.
It was back then when i bought my first book about hackers and the world of cybercrime.
It all boiled down to the fact I was interested in the ways how hackers could enter systems that were off-limits and how they could stay in the shadows. What were some of the techniques, that they used, what are their motives.
And I know i sound like an old dude, well maybe I am, but back then the internet was not that mainstream as it is in 2016.
Nowadays there is a whole economy that relies on the internet, internet shopping is at an all time high, internet attacks, phishing, malware, it is all at an all time high.
Lots of people and business could not function normally if there was no internet, it has definitely become somewhat of a basic need next to air and food and cigarettes of course.
Back to 2006, this was the time that i first encountered some attacks on my personal website.
I started making my own websites, granted, back then it was just a template you filled with information and the rest was taken care off by the provider.
A couple of months later and being tired off all the advertisement, plus not wanting to buy hosting space, i setup my own web server at home, this hosted my own website, the quote on quote server was a very old pentium 2 computer that was taken back from death. Now it was given to important task to host my website.
Every Time a visitor went and logged in to the website you could hear the hard-disk spin up and the RAM crack in the back…
I downloaded Apache and Abyss Web Server, the second one being more user friendly for a complete noob like myself back then.
So I downloaded a template and got to work.
After filling up the template and then testing it thoroughly i configured the router to let HTTP traffic through to that particular pc, it worked eventually. Cool what else can i host ?
Oh well, now I also need to have a FTP server, just for the sport of it.
I used to test the website and the loading time later that afternoon at school.
I am sure it took about 10 seconds before the page would load, thanks to the old harddisk in the pentium 2 233 MHZ.
The FTP server was not any better, but it was so much fun, every time an anonymous user would log in, you would hear an eagle scream in the back.
Eventually this turned my mum crazy, it sounded like we ending up in zoo after about 1 month of running it.
Ok enough of that… back to the dangers of cybercrime.
What precautions did i take back then ?
I back-up the website, in case that harddisk would crash.
This was all HTML based, so not a database was connected.
Aah back in the day it was so easy, just copy back the files and your up and running again.
Second measure i took was to monitor network traffic on the web server, the already troubled pentium 2 had zonealarm installed, blocking all ports except port 80 for http traffic.
And ooh boy, the number attempts that were made on other ports and trying to delete pages on that host…. as early as 2006 – 2007.
I mean, there is nothing to gain here, no confidential information, no juice pictures, just HTML files. What nutcase want to sabotage my little underpowered web server, some people need a hobby a life and a girlfriend on top of that.
Anyway, since it was a host located on our own network, there was not a lot of security in place, it was a public ip address that was indexed inside of Google search engine.
This was apparently a big invitation for hackers and script kiddies to come and try their luck.
Most they would get out of it was letting the website crash or delete all of my HTML pages if they already came that far.
Sometimes I would get their IP-addresses, but hey, I just copied back the files and nothing was broken. Keep on moving, right ?
Back then i talked a system administrator for an assignment for school. I asked him about system security. He used a program called wireshark to sniff the network traffic.
They were implementing a system that could be accessed over the internet by employees and customers back in 2007.
He said, 10 minutes after the system has been put online, thus making it accessible to the world, the hack-attempts started, as a matter of fact if you install a windows XP machine plug it in the network, start browsing and do not immediately update your operating system, you bet your ass your computer is infected within a couple of hours.
That was my trigger, i was definitely interested in cybercrime and hackers. Wanting to know more about both sides, the prevention and the attackers.
In this show i want to give you more insight on both worlds and the knowledge i gain can be listed to on this podcast.
As time went on between 2007 and now the internet and the sophistication of attacks only increased.
Now in 2016 the information society is a fact you can’t deny. hence information security is a very important sector in the near future.
In this podcast I want to give you more insight on both worlds and the knowledge i gain.
Become a soldier in the Cyber Resistance and inform yourself.
Hope everybody is well and as excited as I am about this Podcast. It is still quite a nice subject matter but I am confident that if time goes on, the importance of this subject can only grow.