ninjette.org - View Single Post

Alex · April 10th, 2014, 03:08 PM

Just about every client that is doing anything interesting is connecting to the internet. Being behind a router or even firewall does protect against a huge number of external attacks. If the machine doesn't have the port open, it's a rare occurrence for a remote compromise.

But that's not the attack vector anymore. It's compromised websites, taking advantage of weak browsers and even weaker plug-ins. Many don't require user input, so the generally useful advice of "just don't click on anything stupid" isn't wrong, but it's not a comprehensive solution. If you're running an out of date browser, Adobe Flash, Shockwave, Java, .NET, and a few other heavy hitters in a similar vein, given enough time, you will come across an exploit online. It's not only about going to trusted websites either, as over the past 2 or 3 years, they are coming in through malicious ad modules that are being pulled into otherwise trustworthy sites.

April 10th, 2014, 03:08 PM	#29
Alex ninjette.org dude Name: 1 guess :-) Location: SF Bay Area Join Date: Jun 2008 Motorcycle(s): '13 Ninja 300 (white, the fastest color!), '13 R1200RT, '14 CRF250L, '12 TT-R125LE Posts: Too much. Blog Entries: 7	Just about every client that is doing anything interesting is connecting to the internet. Being behind a router or even firewall does protect against a huge number of external attacks. If the machine doesn't have the port open, it's a rare occurrence for a remote compromise. But that's not the attack vector anymore. It's compromised websites, taking advantage of weak browsers and even weaker plug-ins. Many don't require user input, so the generally useful advice of "just don't click on anything stupid" isn't wrong, but it's not a comprehensive solution. If you're running an out of date browser, Adobe Flash, Shockwave, Java, .NET, and a few other heavy hitters in a similar vein, given enough time, you will come across an exploit online. It's not only about going to trusted websites either, as over the past 2 or 3 years, they are coming in through malicious ad modules that are being pulled into otherwise trustworthy sites. __________________________________________________ Montgomery Street Motorcycle Club / cal24.com / crf250l.org / ninjette.org ninjette.org Terms of Service Shopping for motorcycle parts or equipment? Come here first. The friendliest Ninja 250R/300/400 forum on the internet! (especially Unregistered)