I.T. Security and Linux Administration

Feb 28 2013   6:54PM GMT

China vs. USA – Hacking (part 2: outbound traffic)

Eric Hansen

In a previous article, I wrote about how China is playing the wolf, and it's not pretty. Going over the inbound traffic to their “great firewall”, I outlined some fine points… and now, we will address outbound traffic. This is something I also touched on in the previous article.

Outbound Traffic

I mentioned before that 0-days exist on their servers. While it doesn’t always make sense to have the whole nine yards of security on a server (why have a virus scanner on a proxy server?), a firewall should always be installed and configured on these.

We’ll go back to Security 101. While passive firewalls have a place, restrictive firewalls are typically the go-to, and should be mandatory in government networks. You should only allow the traffic that needs to go through, and block the rest. That being said, it seems a little implausible, though doable, that America had a company such as Apache set up a mechanism to allow a back door on only Chinese machines. Even more so due to Apache’s open source nature.
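The "allow only what is needed, block the rest" rule can be checked mechanically on a Linux host. The following is an added example, not code from the original post: it audits the OUTPUT chain of `iptables-save` output for a default-deny egress policy. The two rulesets, the proxy port 3128 and the function name `audit_egress` are constructed for illustration.

```python
import re

# Constructed `iptables-save` output: a proxy host with a passive egress policy.
PASSIVE = """\
*filter
:INPUT DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -p tcp -m tcp --dport 3128 -j ACCEPT
COMMIT
"""
# Constructed: the same host with a restrictive (default-deny) egress policy.
RESTRICTIVE = """\
*filter
:INPUT DROP [0:0]
:OUTPUT DROP [0:0]
-A INPUT -p tcp -m tcp --dport 3128 -j ACCEPT
-A OUTPUT -o lo -j ACCEPT
-A OUTPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A OUTPUT -p udp -m udp --dport 53 -j ACCEPT
-A OUTPUT -p tcp -m tcp --dport 80 -j ACCEPT
-A OUTPUT -p tcp -m tcp --dport 443 -j ACCEPT
COMMIT
"""

RULE = re.compile(r"^-A OUTPUT (.*?)\s*-j (\S+)")

def audit_egress(ruleset):
    """Return (findings, allowed) for the filter table's OUTPUT chain."""
    policy, table, rules = None, None, []
    for line in map(str.strip, ruleset.splitlines()):
        if line.startswith("*"):
            table = line[1:]                      # table header, e.g. *filter
        elif table == "filter" and line.startswith(":OUTPUT "):
            policy = line.split()[1]              # chain default policy
        elif table == "filter" and (m := RULE.match(line)):
            rules.append((m.group(1), m.group(2)))  # (match spec, target)
    allowed = [match or "any" for match, target in rules if target == "ACCEPT"]
    # Default deny = DROP policy, or an unconditional DROP/REJECT as the last rule.
    last = rules[-1] if rules else (None, None)
    closed = policy == "DROP" or (last[0] == "" and last[1] in ("DROP", "REJECT"))
    findings = []
    if not closed:
        findings.append(f"OUTPUT policy is {policy} with no final drop rule")
    if "any" in allowed:
        findings.append("unconditional ACCEPT in OUTPUT bypasses the allow list")
    return findings, allowed

if __name__ == "__main__":
    for name, text in (("passive", PASSIVE), ("restrictive", RESTRICTIVE)):
        print(name, *audit_egress(text), sep="\n  ")
```

On a live system the input would come from running `iptables-save` as root; the allowed list is then the full set of outbound traffic the host can originate.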

Yes, there is always the use of DoS attacks and the like, but governments everywhere (as far as I know) keep hush-hush about what actual attacks are done.  You can detect all the DoS attacks you want, but it won’t prove beneficial to anyone.

Truthfully, and I’m sure a lot of people will agree, the whole risk of China being attacked sounds more like them being a baby, when it’s also been widely reported China has whole divisions dedicated to hacking countries.  I’m sure America does too (NSA?), but we keep it more quiet as well.
