Posts by activereachmax

7 publicly visible posts • joined 29 Aug 2017

Tesla's autonomous lane changing software is worse at driving than humans, and more

activereachmax
Big Brother

Re: Data Protection in photos?

An image of a face - perhaps a passport photo, mugshot, or snap of someone throwing a bottle captured by CCTV (IMG1) is analysed by software to create a (hopefully unique) identifier. If another image of a face (IMG2) is captured by a different camera, and analysed by the same software (or one using the same method of analysis), an attempt can be made to associate IMG1 and IMG2 and, if the unique identifier seems the same, assert "This is the same face and that belongs to this person who is wanted for [terrorism/kiddiefiddling/vandalism/taxevasion/beingblackinabuiltuparea...]."

That process can be automated - it doesn't rely on human eyes or interpretation.

Unfortunately, the current state of this technology is not accurate. It's wrong more often than right. It also seems to be worse with individuals of certain racial facial features.

So when a nice police officer or three rushes up to you at a football match, and starts asking questions about crimes you know nothing about, or expressing suspicion, or wanting to search you - that may be the result of automated decision-making based on your personal information - which is at the heart of data protection. Isn't it?

If it starts to happen again and again - not only could it get tiresome very quickly, but it might be because "they all look the same" to the AI based on its training data.

Technical foul: Amazon suffers data snafu days before Black Friday, emails world+dog

activereachmax
Childcatcher

Legal? Compliant?

A hairy alcoholic (16.8 million litres of sherry in one night?) with a sock fetish, dressed by a corporate sponsor in the sugar industry, commits serial breaking and entry, to bring sweets and gifts to certain kids that he has assessed as "nice." And the authorities have done nothing *NOTHING!*

Save us ICO - you're our only hope.

Bank on it: It's either legal to port-scan someone without consent or it's not, fumes researcher

activereachmax

Re: GDPR

Not necessarily. Network security is usually considered a Legitimate Interest and so capturing IP addresses for security purposes is lawful - as long as the business could show an auditor a Legitimate Interest Assessment and is transparent with the data subject about the collection, who's collecting it, and how to exercise your rights as a data subject with them, as a data controller.

It's a bit like operating a CCTV camera in that information about you is captured by the system for a legitimate security purpose, but that does not require your consent to be legal.

Wowee. Look at this server. Definitely keep critical data in there. Yup

activereachmax

Re: Seems a little...weird

The number of users accessing a resource is not necessarily proportional to its importance/value to an attacker. Fewer people have access to a company's payroll and salary information in an HR server than a company's intranet servers and they probably access it less frequently, but the information contained therein is probably more valuable. If the information, rather than pwning the computing power, is the objective.

Total absence of traffic might be pertinent to a smart, diligent and cautious criminal - but then you are testing these systems regularly aren't you? There shouldn't be /no/ traffic.

Any system that can make overconfident hackers look like chumps is OK by me. I just wish it was less expensive and complicated. It doesn't sit very high up on most company budget lists.

Security pros' advice to consumers: 'We dunno, try 152 things'

activereachmax

Is a lack of consensus that surprising? The survey asked professionals for their top 3 pieces of advice for consumers. Every professional is different, as is every consumer and thus their priorities will be different won't they?

#1 Don't use computers

#2 Don't connect anything to the Internet

#3 Close the curtains and hide under the bed

-----

#4 Use a password manager and 2FA (What? I only get to pick three pieces of advice? Oh well.)

UK lotto players quids in: Website knocked offline by DDoS attack

activereachmax

Re: DDos prevention

Firstly I would challenge the assertion that "It is not difficult to recognise DDoS packets" which is not true of all DDoS attack techniques. Secondly, ISPs are more likely to blacklist a target of a DDoS if it threatens their other customers rather than mitigating DDoS attacks for their customers - particularly if the customer has not specifically paid for DDoS protection. Most would be unwilling to put filters on routers at their end for the duration of an attack (which can be quite short) and putting it on a customer's device does nothing to stop volumetric attacks. Cloud mitigation can be effective, but is expensive "always-on." Trying to notify those responsible for the millions of compromised devices used in botnets and then fining them if they don't fix it is... ambitious.

DreamHost smashed in DDoS attack: Who's to blame? Take a guess...

activereachmax

Cost of DDoS?

"When you consider this, it makes perfect sense why these DDoS are being done by the left. They have the organization and money to pay people to engage in that activity, if not the skills, themselves."

Launching DDoS attacks takes no real technical skill or investment... or organisation. The majority of DDoS attack traffic is launched by individual computer gamers against other individual gamers using tools marketed to them on easily located gaming/hacking forums. Any teen can do it. A whip round your local pub will likely get you enough to launch a week's worth of DDoS at a target of your choice. Alternatively a round of drinks.

Perhaps the real risk here is societies that give young people disposable income sufficient to launch DDoS attacks against people or organisations they don't like but deny them the legal right to spend it buying rounds for their mates?