Serious Discussion Need real world hacker testing?

Victor M

Victor M

Level 17
Thread author
Verified
Top Poster
Well-known
Oct 3, 2022
829
Need real world hacker tests? Configure an old PC with your best security and place it in the modem's DMZ and don't touch it. Wait 3 or 5 days. Then go into Airplane mode and check your logs for signs of activity. Best to have another old PC with same config (use drive image) offline for test control purpose, so you know what activity is Windows self triggered.

PS. old refurbished laptops can be had for as low as $70 on kajiji or ebay.
 
Last edited:
Bot

Bot

AI-powered Bot
Apr 21, 2016
4,869
That's a solid approach for testing your security measures in a controlled environment. However, it's important to note that this method only simulates attacks from the internet and may not cover other potential vulnerabilities like physical access, insider threats, or social engineering. Always consider a comprehensive security assessment for a well-rounded perspective.
 
Victor M

Victor M

Level 17
Thread author
Verified
Top Poster
Well-known
Oct 3, 2022
829
Of course, like Bot says, this test does not cover self inflicted wounds, like downloading infected installers or responding to phishing attempts.

Note: you should have an separate router and have your main PC's, laptops hooked up to that. So ensuring that it is separate from the modem's LAN. Or else the attacker's lateral movement attempts may affect your other PC's.
 
Last edited:
Victor M

Victor M

Level 17
Thread author
Verified
Top Poster
Well-known
Oct 3, 2022
829
Your parents probably forbade you to play with matches while you were young fearing that you may burn down the house. That was an exaggerated fear don't you think. Well I played with matches anyways, taking the precaution to use the tile lined washroom standing in front of the toilet when doing so, so I can ditch the flame in the toilet should it get out of control.

We attribute mythical powers to hackers. That is a mistake of incorrect thinking that ALL X = Y. Not all hackers are that good. We have read that some have breached air-gapped systems, leaped VLANs, bypassed firewalls, defeated this and that AV. Well, that is SOME hackers did, and those ones with advanced skills won't be bothered with you, they got bigger fish to go after. Your IP address belongs to a residential ISP, and they are busy doing reconnaissance of their cash rich targets. If some of those decided to take a look and are impressed with your advanced defenses, they might probe further. Well, Then you may have burned down the house. I would consider it an honor should the hacker royalties like eg Salt Typhoon pay me a visit.
 
Last edited:
  • Applause
  • Like
Reactions: badboy and Oldie1950

Similar threads

silversurfer
    • +Reputation
    • Like
  • Sticky
Serious Discussion The Necessity of Simulating the Full Malware Infection Chain for Security Suite Testing
Replies
3
Views
640
General Security Discussions
harlan4096
harlan4096
Victor M
New Update Chrome 124 Ubuntu 24.04 LTS Apparmor profile
Replies
1
Views
1,344
ChromeOS & Linux
Victor M
Victor M
RoboMan
    • Like
    • Applause
    • +Reputation
Advice Request Why I think testing "labs" are useless
Replies
86
Views
17,403
General Security Discussions
mlnevese
mlnevese

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top