.... Internet marketing resources, ecommerce web site design tutorials
  Taming the Beast - quality web marketing and ecommerce development services .... .


Return to web marketing and ecommerce articles index

Articles -  Script Kiddies III - Grill a Kiddie

In my previous articles, "Script Kiddies - Vermin of the Internet" and "Script Kiddies II - A warning to parents", I described the Script Kiddie problem. In summary, a Script Kiddie is a socially challenged person, usually male and in their teens, who uses easily located and usually free software tools to annoy the hell out of others by invading their privacy whilst online, or getting kicks out of vandalising web sites.

This article contains information for web site owners and surfers regarding what to do when your system is continuously "probed" from the same source, or if your site is compromised. Who you gonna call? KiddieBusters? (could be a good name for a web site?)

If you are running personal firewall software while surfing, you can actually do something with the logs. You can send them to your ISP along with an incident description. They may be able to chase it up on your behalf. Better still, if you can identify the IP address using a tracing program, send the firewall log with the trace results to the owner of that address along with time, location etc. 

I run traces on some of my logs, but this can also be a bit dangerous as there is a possibility that the owner of the address detects that you are "pinging"* them and therefore revealing your own IP address. Properly configured firewall software can minimise the danger of this.

Also, the IP address shown does not necessarily mean that it is the Script Kiddie themselves. There are various cloaking devices that the Kiddies use to hide their true origin, or may only refer to the service they are using to launch the attack. But it doesn't hurt to send the IP owner a polite email to serve as an alert, especially if you have been able to establish a repetitive address. 

How to write the email? The following is a message I recently sent to an ISP. (the IP and port numbers have been replaced with x's).



I have been receiving a number of warning messages over the last couple of days from my firewall software regarding an xxxx scan which seems to be originating from your service. Even as I am typing this I am receiving numerous warnings. It is currently 6.20pm Adelaide time, Monday 12 February. Could you please look into this for me as it is becoming highly annoying. Last night I had around 80 such warnings in 1 hour. Thanks. Below is my log of some of these scans and the copy of the trace results.

GMT,xxx.xxx.xxx.xxx:xxx,xxx.xxx.xxx.xxx:xxx, TCP
FWIN,2001/02/12,18:15:18 +10:30 GMT,xxx.xxx.xxx.xxx:xxx,xxx.xxx.xxx.xxx:xxx, TCP
FWIN,2001/02/12,18:19:00 +10:30 GMT,xxx.xxx.xxx.xxx:xxx,xxx.xxx.xxx.xxx:xxx, TCP
FWIN,2001/02/12,18:19:08 +10:30 GMT,xxx.xxx.xxx.xxx:xxx,xxx.xxx.xxx.xxx:xxx, TCP
FWIN,2001/02/12,18:19:38 +10:30 GMT,xxx.xxx.xxx.xxx:xxx,xxx.xxx.xxx.xxx:xxx, TCP
FWIN,2001/02/12,18:19:38 +10:30 GMT,xxx.xxx.xxx.xxx:xxx,xxx.xxx.xxx.xxx:xxx, TCP
FWIN,2001/02/12,18:19:54 +10:30 GMT,xxx.xxx.xxx.xxx:xxx,xxx.xxx.xxx.xxx:xxx, TCP
FWIN,2001/02/12,18:19:56 +10:30 GMT,xxx.xxx.xxx.xxx:xxx,xxx.xxx.xxx.xxx:xxx, TCP
FWIN,2001/02/12,18:21:00 +10:30 GMT,xxx.xxx.xxx.xxx:xxx,xxx.xxx.xxx.xxx:xxx, TCP
FWIN,2001/02/12,18:21:04 +10:30 GMT,xxx.xxx.xxx.xxx:xxx,xxx.xxx.xxx.xxx:xxx, TCP

Please contact me if you require any further details.


I also attached my "traceroute"** results, but have not included them here as they identify the customer number. The ISP responded to my message and said that they had "contacted" the customer. I received no further scans.

RoboForm: Free Password Manager

Free Password Manager
Roboform is a top-rated Password Manager - PC Magazine Editor's Choice, & CNET Download.com's Software of the Year. Encrypt passwords using AES, Blowfish, RC6, 3-DES or 1-DES algorithms Free software download!

It isn't just the casual surfer who is affected by Script Kiddies. Web Site owners are often the target of "vandals", also known as "Web Crackers". Web cracking is a popular Kiddie past-time. These individuals derive great pleasure from making changes to your web site without your knowledge. They access authoring rights to your site by "stealing" your password in a variety of ways.  It isn't financially,politically or religiously motivated, it's just vandalism. 

A real hacker would not carry out this type of foolishness, this is the realm of the gutless, immature Script Kiddie. It's a bit like that mindless graffitti you see sprayed all over our towns and cities. 

In the case of the web site owner, it is imperative that you immediately contact your hosting service as the security of your site has been breached (and therefore probably the whole server). The server's logs record all the activity on your site, and Script Kiddies are notorious for leaving "footprints" behind. 

Don't just shrug your shoulders and re-publish your site. What has just occurred to you is cyber-terrorism. There are a number of laws currently being introduced world-wide that will punish cyber-terrorists severely. It is unfortunate the offences are termed cyber-terrorism. In the case of the Script Kiddies it should be called cyber-idiocy. It should carry the death penalty, castration or at least they should be sentenced to a life of using a 386DX40 running Windows 95 rev. A! ;0)

Some other points of contact if your site is attacked are:

National Infrastructure Protection Center. The NIPC are a part of the FBI. On its site, there are forms that you can submit to report any incidents. It also contains up to date information on security threats and advice for ecommerce merchants.


For a more detailed listing of U.S points of contact, The Cybercrime site will have what you need:

http://www.cybercrime.gov/ reporting.htm

In Australia, intrusions should be reported to the Australian Federal Police via your local  Police Station. Hmmm.....we're a little behind the times methinks!

In the UK, well, I give up....couldn't find a thing except for a lot of talk. Once again, your friendly local bobby could probably help you out. If anyone does have any law enforcement reporting links for the UK or Australia, I'd be grateful for the information and would republish this article with it included.

In most countries, probably the best second point of call after your contacting your hosting service would be the Police.

The Internet community, either surfers, website owners or ecommerce merchants will only stamp out this problem if we actually do something about it. Don't let those valuable firewall logs go to waste. But if you are going to send them, ensure that what you send shows an established pattern of scans originating from the same source - at least 5 entries in a session. Random scans are very hard to track. A topic for another article.

Make it a national sport.....Grill a Kiddie!

*ping - Ping is a basic Internet program that lets you verify that a particular IP address (a set of unique identifier numbers, e.g exists and can accept requests

**traceroute - Traceroute is a utility that records the path stops through the Internet between your computer and a specified destination computer

Related articles:

Script Kiddies - Vermin of the Internet

http://www.tamingthebeast.net/ articles/scriptkiddies.htm

Script Kiddies 2 - An advice to parents

http://www.tamingthebeast.net/ articles/scriptkiddies2.htm 

Script Kiddies 2002 - an update

http://www.tamingthebeast.net/ articles2/script-kiddies-2002.htm

Michael Bloch
Taming the Beast
Tutorials, web content, tools and software.
Web Marketing, Internet Development & Ecommerce Resources

Copyright information.... This article is free for reproduction but must be reproduced in its entirety & this copyright statement must be included. Visit http://www.tamingthebeast.net  for free Internet marketing and web development articles, tutorials and tools! Subscribe for free to our popular ecommerce/web design ezine!

Click here to view article index 

Online meeting & webinar software review
Powerful, easy to use collaboration tools that can help improve your marketing sales and training efforts. Learn more about these services in this review & try a free trial!

The best shopping cart software
Our reviews of some of the best shopping carts around - free ecommerce solutions  through to premium services offering affiliate programs, marketing modules & online soft goods delivery.  Shopping cart software guide 

Autoresponder software/mailing list manager
 Read our beginners guide and reviews of all-in-one autoresponder & email marketing software solutions.

Credit card transaction fraud screening!  Effective fraud screening is an essential part of running an online businesses. Fraud transactions cost you money and can threaten your merchant account. Pick up a stack of transaction screening tips in this free guide! 

Need some advice/tools for writing/creating a web design, development or marketing proposal?






Get paid cash taking online surveys - free to join online 
survey companies that will pay you cash for your opinion!

In Loving Memory - Mignon Ann Bloch

copyright (c) 1999-2011  Taming the Beast  Adelaide - South Australia 

Profile - Contact - Privacy - Consultants Portfolio 

Search Site - Terms of Service - Social/environmental