Study: 2 out 3 Australian Net Users Are Vulnerable to Hacker Attacks
Page 1 of 1
A study by Australian IT security firm Shake Communications revealed that around two out of three Australian Internet users are vulnerable to attack by hackers because of inadequate firewall protection from ISPs and ill-figured commodity products.
These attacks range from obtaining access to the hard disks of Internet users, to causing machines to crash or roboot.
The "Dialup Internet Access Study" of 1998 found that 70% of Internet users had some sort of file-sharing enabled that could be exploited by hackers. Six percent of Internet users were running Web servers and another 6% were running FTP servers. Of the 6% running FTP servers, 19% provided anonymous access to illegally copied or pirate software and 23% provided access to illegally copied audio CDs or music files.
Over a six week period, Melbourne-based Shake Communications dialed up to a major Australian ISP during peak times, scanned modem banks, and checked services such as Telnet and FTP using customer IP addresses.
The study also found that 4% of users connected to the Internet enabled incoming telnet sessions. Of that 4%, 53% restricted access, 51% displayed the company name and 67% displayed the version of the operating system on the computer.
"ISPs are not adequately protecting their client," Johnson said. "Many ISPs still do not have a firewall to protect their own computer systems, let alone their customers dialing up from home or work. Of those ISPs that do have firewalls, many of them have holes, are not configured correctly or don't have the necessary rules in place to protect their modem banks."
"Companies must assume that just because they connect to the Internet via a modem, doesn't mean their ISP is protecting them," Jonhson added.
Shake Communications is an independent information and Internet security research firm based in Melbourne, Australia that provides research on vulnerabilities in hardware and software and houses what's claimed to be the world's largest vulnerabilities database. It partners with such companies as Network Associates, Eastcoast Software and Secure Computing.