Calling all computer nerds

Welcome to the Precious Metals Bug Forums

Welcome to the PMBug forums - a watering hole for folks interested in gold, silver, precious metals, sound money, investing, market and economic news, central bank monetary policies, politics and more. You can visit the forum page to see the list of forum nodes (categories/rooms) for topics.

Please have a look around and if you like what you see, please consider registering an account and joining the discussions. When you register an account and log in, you may enjoy additional benefits including no ads, market data/charts, access to trade/barter with the community and much more. Registering an account is free - you have nothing to lose!

ancona

Praying Mantis
Messages
3,341
Reaction score
32
Points
0
Location
Waaay south
I posted this question on another site, but want to gather a sort of consensus. While I haven't played a video game since Asteroids was a dime a play, my kid has a gizmodooschwackie of some sort and wants to do an internet thing, where other people can play against her. My question is this: If these djiblotties can connect to her game, and her game is connected to what is actually a very, very expensive piece of hardware, hand built to be able to handle the crazy shit I put it through, and connected not only to my server here in the office but NASA, is there a possibility that some scumbag could screw up my system or defeat the firewalls to see "inside" my machine?

This is a huge point of contention at my house right now, because my wife seems to be downright ambivalent about the thing, but I am vehemently against putting 8,400 dollars worth of state of the art home office equipment at risk in any way.

The wife insists we get her her own desk top unit, but it will have to be on my home network, which as previously stated is interconnected to other servers.

I checked with fair rights and use guys at the space center, and they couldn't counsel me either way, except to say they would personally err on the side of caution. Now, I do not want or need a pissed off teenager in the house, because that pisses off the wife, and since my cats already hate me it will make life suck pretty bad. Am I being paranoid or are my concerns real and valid?
 
It would help a lot if you could tell us what the device in question is. Is it connecting to the internet through a cellular phone (4G) network, or home wireless network?
 
We are a hard wired home network. i use the Poweredge 2900 by Dell, with multiple redundant solid state back-ups. I have a wireless connection available with encryption set up by The Company. I can handle up to sixty simultaneous connections. My back-up power supply is a string of 1.5V nickel iron batteries which are drained through a power inverter, the power then gets cleaned [sine wave I think] and I use it. These were all required to allow me to work from home. Half of the cost was teh consultants, the techies who put it in and then the rest was hardware. My kid would be hard wired with Cat-5 directly to the router. The thing she has is some kind of play station thing. I am against this, but it is causing an unnecessary firt in the house.

If I were Emporer, I would simply destroy all electronic crap, because kids should read fucking books......you know......like we did? Remember reading My Side of the Mountain? It was the greatest book I had ever read at teh time, as it made me imagine all the cool things that kid was able to do. Now? they simply point, click and voila, it's right there. Critical thinking has gone the way of the draft horse and it's very disconcerting.
 
Short answer, yes. And it happens frequently that some network is cracked through a game. Of course, it depends on the skill and persistence of the attacker and that in turn depends somewhat on if they perceive some value in the rest of the system they can get to.

I don't play games much myself. We had a decent network here (about 10 machines) that we used for software development, mostly windows. We had our inet access and firewall done so tight we never contracted a virus even so, though we captured a few for analysis that came in on email. We spent considerable time setting up a good firewall, closing all unused ports on it and all machines, using non routing addresses - all the basic stuff you did back then.

Then one day we decided to play Civilization (I like version II as about the only computer game I'll spend any time on). We set it up multiplayer inside our LAN.
In seconds, we had 10 more people wanting to join the game - they'd figured out some way to tunnel comm out to the 'net even through a firewall set up only for web browsing and email (and no, we didn't even use the standard port numbers).

So, any vulnerability in that game comm software that could be hacked would pretty much have handed a hacker our entire network, since inside it, machines were set to trust one another (why have a network if things can't talk?). Since we couldn't get access to the code (of course, that was their company jewels) we couldn't evaluate if there were issues with the security of it, but the quality of the game software was such that there were worries.

We pulled the plug on the 'net for that. There was no easy way, even with wireshark, to really figure out what our risk was, but if your network has things on it like "coporate jewel source code" - and ours had among other things, full source for windows, all Ti's software dev tools, microchips upcoming DsPIC design, and a few other choice items....you get real careful real quick.

Bruce Schneier's blog is a good place to look for information on this - most of this sort of practical stuff is on there but you have to search way back, they mostly talk more esoteric security issues and philosophy now.

http://www.schneier.com/
 
There's always risk when sensitive material is on the same network (or machine) as any public connection, even if you take some measures to deflect unwanted visitors. Gaming networks are generally insecure, especially if a non-authentic (cracked) version is operating on the private side of the network (or compromised software of any kind).

Even if the software is authentic, game developers (and IM client developers!) often do things to increase the chances of tunneling in or out through firewalls, because people do use those things from offices and it's 'added value' to the user. This often involves the HTTP port, or web proxies - and it doesn't always require explicit configuration.

When there is perceived value in attacking your system? The whitehats I have dealt with are very capable people - they can often get leverage. Especially on windows platforms.

Of course, if there is no perceived value the threat is minimal - especially if you have taken a few steps to stop casual intrusion and poking around.

The policy we use on our systems is to maintain an isolated network for the important stuff, and a public network for convenience. Anything that crosses between them (source control, test results) must use key authentication, or must be 'physically moved'. The weakest link is now stolen laptops with stuff on them (which has happened).

Basically, it is better to avoid connecting to public gaming networks to prevent casual intrusion, and to keep the public knowledge of your system to a minimum, not to attract interest in the first place :)
 
Playstation / Sony's network was hacked by the hacker group Anonymous and down for over a month last fall. Meanwhile the hackers got all of the Playstation network users' credit card and personal information since Sony did not implement encryption in their database holding the info.

This isn't a shot at all, please don't take it that way, but if you don't fully know what your kiddo wants to plug into the net, as you called it, 'some playstation thing' is vague yet still enough for my memory to come up with what I just posted. Get your meathooks on the product she wants to use, figure out exactly what it is.
If she wants to play Song Play Station 3 console games online, re read what I posted above.
 
If security is that much of a concern, you could always get a second (separate) internet connection for the game system to keep it isolated from your business network.
 
It's handled. I made a deal with my good neighbor. I'll pay 1/5 of his cable bill and she will connect over their wireless. This was altogether too much drama for a damn game! When I was a kid, the mopst drama that you would get is when someone threw a fit for getting picked last for sand-lot ball.
 
Back
Top Bottom