Precious Metals Forum

Go Back   Precious Metals Forum > Bunker Talk > STS

Like Tree4Likes
  • 1 Post By ancona
  • 1 Post By DCFusor
  • 1 Post By h4rdware
  • 1 Post By KMS

Reply
 
LinkBack Thread Tools
Old 01-12-2012, 02:58 PM   #1
Yellow Jacket
 
ancona's Avatar
 
Join Date: Nov 2011
Location: Waaay south
Posts: 3,370
Liked: 2046 times
Calling all computer nerds

I posted this question on another site, but want to gather a sort of consensus. While I haven't played a video game since Asteroids was a dime a play, my kid has a gizmodooschwackie of some sort and wants to do an internet thing, where other people can play against her. My question is this: If these djiblotties can connect to her game, and her game is connected to what is actually a very, very expensive piece of hardware, hand built to be able to handle the crazy shit I put it through, and connected not only to my server here in the office but NASA, is there a possibility that some scumbag could screw up my system or defeat the firewalls to see "inside" my machine?

This is a huge point of contention at my house right now, because my wife seems to be downright ambivalent about the thing, but I am vehemently against putting 8,400 dollars worth of state of the art home office equipment at risk in any way.

The wife insists we get her her own desk top unit, but it will have to be on my home network, which as previously stated is interconnected to other servers.

I checked with fair rights and use guys at the space center, and they couldn't counsel me either way, except to say they would personally err on the side of caution. Now, I do not want or need a pissed off teenager in the house, because that pisses off the wife, and since my cats already hate me it will make life suck pretty bad. Am I being paranoid or are my concerns real and valid?
__________________
All things being equal, the simplest answer is quite often the correct answer - Occam
ancona is offline   Reply With Quote
Old 01-12-2012, 03:24 PM   #2
Golden Cockroach
 
PMBug's Avatar
 
Join Date: Oct 2011
Location: In Scrooge McDuck's vault
Posts: 7,027
Liked: 2449 times
It would help a lot if you could tell us what the device in question is. Is it connecting to the internet through a cellular phone (4G) network, or home wireless network?
__________________
The journey of a thousand miles begins with a single step. - Lao Tzu

Important stuff: PMBug 101 * Forum Guidelines * Support PMBug
PMBug is offline   Reply With Quote
Old 01-12-2012, 03:56 PM   #3
Yellow Jacket
 
ancona's Avatar
 
Join Date: Nov 2011
Location: Waaay south
Posts: 3,370
Liked: 2046 times
We are a hard wired home network. i use the Poweredge 2900 by Dell, with multiple redundant solid state back-ups. I have a wireless connection available with encryption set up by The Company. I can handle up to sixty simultaneous connections. My back-up power supply is a string of 1.5V nickel iron batteries which are drained through a power inverter, the power then gets cleaned [sine wave I think] and I use it. These were all required to allow me to work from home. Half of the cost was teh consultants, the techies who put it in and then the rest was hardware. My kid would be hard wired with Cat-5 directly to the router. The thing she has is some kind of play station thing. I am against this, but it is causing an unnecessary firt in the house.

If I were Emporer, I would simply destroy all electronic crap, because kids should read fucking books......you know......like we did? Remember reading My Side of the Mountain? It was the greatest book I had ever read at teh time, as it made me imagine all the cool things that kid was able to do. Now? they simply point, click and voila, it's right there. Critical thinking has gone the way of the draft horse and it's very disconcerting.
rblong2us likes this.
__________________
All things being equal, the simplest answer is quite often the correct answer - Occam
ancona is offline   Reply With Quote
Old 01-12-2012, 03:58 PM   #4
Yellow Jacket
 
DCFusor's Avatar
 
Join Date: Nov 2011
Location: Floyd, Virginia
Posts: 1,682
Liked: 1233 times
Short answer, yes. And it happens frequently that some network is cracked through a game. Of course, it depends on the skill and persistence of the attacker and that in turn depends somewhat on if they perceive some value in the rest of the system they can get to.

I don't play games much myself. We had a decent network here (about 10 machines) that we used for software development, mostly windows. We had our inet access and firewall done so tight we never contracted a virus even so, though we captured a few for analysis that came in on email. We spent considerable time setting up a good firewall, closing all unused ports on it and all machines, using non routing addresses - all the basic stuff you did back then.

Then one day we decided to play Civilization (I like version II as about the only computer game I'll spend any time on). We set it up multiplayer inside our LAN.
In seconds, we had 10 more people wanting to join the game - they'd figured out some way to tunnel comm out to the 'net even through a firewall set up only for web browsing and email (and no, we didn't even use the standard port numbers).

So, any vulnerability in that game comm software that could be hacked would pretty much have handed a hacker our entire network, since inside it, machines were set to trust one another (why have a network if things can't talk?). Since we couldn't get access to the code (of course, that was their company jewels) we couldn't evaluate if there were issues with the security of it, but the quality of the game software was such that there were worries.

We pulled the plug on the 'net for that. There was no easy way, even with wireshark, to really figure out what our risk was, but if your network has things on it like "coporate jewel source code" - and ours had among other things, full source for windows, all Ti's software dev tools, microchips upcoming DsPIC design, and a few other choice items....you get real careful real quick.

Bruce Schneier's blog is a good place to look for information on this - most of this sort of practical stuff is on there but you have to search way back, they mostly talk more esoteric security issues and philosophy now.

http://www.schneier.com/
ancona likes this.
DCFusor is offline   Reply With Quote
Old 01-12-2012, 05:41 PM   #5
Fly on the wall
 
h4rdware's Avatar
 
Join Date: Nov 2011
Location: little britain
Posts: 94
Liked: 39 times
There's always risk when sensitive material is on the same network (or machine) as any public connection, even if you take some measures to deflect unwanted visitors. Gaming networks are generally insecure, especially if a non-authentic (cracked) version is operating on the private side of the network (or compromised software of any kind).

Even if the software is authentic, game developers (and IM client developers!) often do things to increase the chances of tunneling in or out through firewalls, because people do use those things from offices and it's 'added value' to the user. This often involves the HTTP port, or web proxies - and it doesn't always require explicit configuration.

When there is perceived value in attacking your system? The whitehats I have dealt with are very capable people - they can often get leverage. Especially on windows platforms.

Of course, if there is no perceived value the threat is minimal - especially if you have taken a few steps to stop casual intrusion and poking around.

The policy we use on our systems is to maintain an isolated network for the important stuff, and a public network for convenience. Anything that crosses between them (source control, test results) must use key authentication, or must be 'physically moved'. The weakest link is now stolen laptops with stuff on them (which has happened).

Basically, it is better to avoid connecting to public gaming networks to prevent casual intrusion, and to keep the public knowledge of your system to a minimum, not to attract interest in the first place
DCFusor likes this.
h4rdware is offline   Reply With Quote
Old 01-13-2012, 02:35 AM   #6
KMS
Moderator
 
Join Date: Oct 2011
Location: Cheesehead Land
Posts: 374
Liked: 119 times
Playstation / Sony's network was hacked by the hacker group Anonymous and down for over a month last fall. Meanwhile the hackers got all of the Playstation network users' credit card and personal information since Sony did not implement encryption in their database holding the info.

This isn't a shot at all, please don't take it that way, but if you don't fully know what your kiddo wants to plug into the net, as you called it, 'some playstation thing' is vague yet still enough for my memory to come up with what I just posted. Get your meathooks on the product she wants to use, figure out exactly what it is.
If she wants to play Song Play Station 3 console games online, re read what I posted above.
ancona likes this.
__________________
“The first panacea for a mismanaged nation is inflation of the currency; the second is war.
Both bring a temporary prosperity; both bring a permanent ruin.
But both are the refuge of political and economic opportunists.”
– Ernest Hemingway

If voting made any difference they wouldn't let us do it - Mark Twain
KMS is offline   Reply With Quote
Old 01-13-2012, 06:13 AM   #7
Golden Cockroach
 
PMBug's Avatar
 
Join Date: Oct 2011
Location: In Scrooge McDuck's vault
Posts: 7,027
Liked: 2449 times
If security is that much of a concern, you could always get a second (separate) internet connection for the game system to keep it isolated from your business network.
__________________
The journey of a thousand miles begins with a single step. - Lao Tzu

Important stuff: PMBug 101 * Forum Guidelines * Support PMBug
PMBug is offline   Reply With Quote
Old 01-13-2012, 08:02 AM   #8
Yellow Jacket
 
ancona's Avatar
 
Join Date: Nov 2011
Location: Waaay south
Posts: 3,370
Liked: 2046 times
It's handled. I made a deal with my good neighbor. I'll pay 1/5 of his cable bill and she will connect over their wireless. This was altogether too much drama for a damn game! When I was a kid, the mopst drama that you would get is when someone threw a fit for getting picked last for sand-lot ball.
__________________
All things being equal, the simplest answer is quite often the correct answer - Occam
ancona is offline   Reply With Quote
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On



All times are GMT -5. The time now is 04:33 PM.


Powered by vBulletin® from Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO 3.6.0 PL2 ©2011, Crawlability, Inc.
Content of PMBug.com copyright © 2011 - 2019 Measuring Up. All Rights Reserved.