question about computer security

This may sound like a very weird question but I need to know if this kind of technology exists or not.

"someone" told me about it, even claims to have it at his job, but not sure if it's true:

"a computer security system that tries to trace the intruder or hacker, next sends a warning and finally fries the attackers computer.... I mean totally destroy it."

did anyone hear about this sort of thing?



[edit on 5/6/2009 by GypsK]

Helloes,



I have no experience with a security system/software that does exactly that, but here are some details:
Tracing an intruder or hacker is easy unless he removed his traces, in which it can be a lot tougher - but since attacks are usually logged on multiple places, it's really hard to remove all the steps. Normally a firewall will immediately log and/or display the attacker's IP-address, and that's usually all you need (its 'the' internet address type). There is the possibility the attacker is hiding behind a proxy - meaning that the IP-address belongs to a service the attacker is using to hide its own IP. In that case the proxies need to be probed for the real IP-addresses, and that's quite a feature for a piece of software - if a proxy has no online accessible database of hidden IP's, the software would need to write an email to the proxies' owner, methinks.. So probably it won't attempt to figure out the real IP-address, instead assume there is no proxy, and the logged IP is the real attacker.
Sending a warning to an IP-address is quite possible, but there are several problems with it - to receive the warning, the computer/router/whatever at that IP-address needs to have just the right message-protocol enabled. Old Microsoft OSes like 98 and 2000 used to have Microsoft's very own message protocol enabled by default, which lead to spam without having your browser open.. really bizarre. Nowadays, this message protocol seems to be out of use, so it probably wouldn't work. The system could try to find an email-address belonging to the IP-address, but it would be a big guess. If the system had access to massive databases like MSN uses, it could easily find an email matching to the IP-address .. but the biggest problem is that an ISP normally provides only 1 IP address per household. To the outside world, there is only one receiver - yet many of us have multiple computers connected to the internet. This is mediated with a router, which responds to the designated IP-address, and forwards it to the right computer. But if someone were to send a warning from the outside, how would the router know which computer to speak to? Same goes for MSN; if there is only 1 IP-address but 4 people on MSN, that means you would get 4 email-addresses. Any way you choose to go, it's "fuzzy logic" and you might end up sending warnings to an innocent bystander (for example, when someone's computer is unknowingly being used as a proxy).
Then there is the last stone in the shoe - fry and/or totally destroy someones computer. As you hopefully see now (depends on my explanation-skills :]) it's neigh impossible to be sure if you're targeting the right computer - you have to make a lot of assumptions, and if any are wrong, it's someone else computer you're attacking. But the real crux is: what if that guy runs the same security system? Can the system crack itself? If a security system can penetrate itself, it's not safe yet - which is the goal of a security system. So, no, it won't crack itself. It is by definition impossible that a security system can destroy someone else's computer, because it might have to face itself. Other than being theoretically impossible, if someone would not have the proper defenses (say, a basic firewall), there might be some damage to be done, but destroying a computer is one of the most unlikely damages. Lots of people have a router or a firewall or linux (ok not lots of people ) - maybe the security system annoys them by calling in all his security system buddies, and send a hell of a lot TCP/IP requests (ehh.. internet computer requests ;D) to the IP-address so the computer can't handle the flood anymore, and finally halts (called a denial-of-service (DoS) attack). But most firewalls have protection against that as well. It's likely that the security system has a list of common exploits through which it iterates, just trying every single programmed option to see if the vulnerability is in place, and if it succeeds, it repeats the step, until it is lodged firmly into the other's computer, at which point it could destroy it. But although the chances of finding a vulnerability expands with the size of the list of exploits, the time it takes to find it expands as well - and the further in time we get, the more exploits out there have been fixed already. So even with such a list, chances of getting in are slim.

The chances of all these things 'working out' for the security system are in my opinion not large at all. If your "someone" keeps his story up, I'd willingly let him attack me!

reply to post by scraze

---

thanks for that excelent explenation!

I kinda figured this was very unlikely but yes, he keeps his story up. This guy works in the financial sector and he keeps claiming that his home computer, which is provided the company he works for, is secured with such a system.

[edit on 5/6/2009 by GypsK]

99.999% sure you were fed a line of bunk by somebody who's computer knowledge likely stops at using using MS Office to do documents and spreadsheets.

Tracing can be easy (in the case of garden variety hackers) or neigh on impossible when trying to track down somebody who has an in depth knowledge of computers and networking or just a really good wifi antenna on their laptop.

Sending a message back would be rather complicated as you would have to work with so many possible operating systems and network architectures, and even then a good firewall would shut down such message attempts.

Frying someones computer remotely is the stuff of science fiction unless you happen to know they don't have good air circulation in the computer and/or no fan on the processor heatsink. Sure you can hose hard drives and corrupt operating systems to the point of no return but hardware would be an insanely rare case requiring a lot of coinciding factors.

reply to post by GypsK

---

This is possible, and for those who doubt it, you're obviously not very computer savvy.

The tools you are referring to, GypsK, are out there, they are not cheap.

In 1999 I was on the receiving end of a crackers, that's criminal hackers, one sided battle, where they broadcast my IP address, e-mail address, and real identity across all of their hacker boards, these would be message boards, just like ATS.

I've since learned to never broadcast my personal information, especially if a hacker/cracker is present.

While I will not go into specifics here, nor U2U, I got the perfect firewall that stopped all hackers and crackers.

The reason they hated me, as well as attacked me? My opinion of them.

Crackers, criminal hackers, to me, are the same equivalent as a rapist.

They come on to you, just like a friend, give you gifts (usually containing a Trojan virus), and then they exploit you, through your computer, against your will.

The only difference between cracker's and rapist's, is the physicality of the hack over rape.

They have identical modus operandi.

Research Project On New Terrorist Labeling

For a fresh and new perspective on Steve Jobs and Bill Gates, I recommend this movie :

YouTube Link

Stop The Stalkers




[edit on 5-6-2009 by SpartanKingLeonidas]

So far as frying your computer goes at first I thought that part is a load of bunkum.

Then my mind went to the overclocking community - they regularly fry components pushing performance to the limit... Now a days I believe there are more safety functions builtinto things like processors... But I reckon it is still possible for an overclocker to turn the voltage right up across the processor (thus increasing both speed and heat) And then fiddling with the CPU fan settings so not enough cooling ventilation is provided - Give the processor something high load to run and potentially poof!

Can that be done easily nowadays? No Idea, can it be done remotely? Probably, so long as you can get some software onto the targets machine.

thanks for the replies

even if there is a small chance that this kind of technology exists, I doubt it that a banking company would have use of it.

I think I stay with my original thought, that my "friend" has a whishful-thinking kind of imagination

[edit on 5/6/2009 by GypsK]

reply to post by SpartanKingLeonidas

---

are you a whitehat? and perhaps from u.k. if so and if you are that particular person then you were served what you dished out. If not just disregard this message.

To fry a remote pc or mac, well sure its possible but highly unlikely for it to be done unless you have actively addressed a group or a particular person. Hijacking wifi's is as easy as flipping the light switch in your home, only requires 5 mins at the most, spoofing all your hardware serial numbers is only about 2 mins work. Most people use broken old laptops for parts and go through the process. Usually prior to 2005 hardware is considered okay but prior to '98 is considered a optimal.

If your considering this as fun to try out i advise you NOT to, as it will take you down are road of l33t users who often play with you as a pussy does with a mouse before it kills eat.

reply to post by tristar

---

I am neither a white hat nor from the UK.

Neither am I black hat, nor grey hat, nor red hat.

Consider it disregarded.

[edit on 5-6-2009 by SpartanKingLeonidas]