Art of Communication


Date: March 7th, 2017

HACK ATTACK, it starts as a four seconds brute force knock on the databases of our servers. Beautiful in its efficiency, a stream of packets, structured only to deliver one question. Is your database here ?

In four seconds it got answers to 85 question. It was in the middle of the night, when on one is looking, at 03:33 am. The trail starts in Spain, to where my server happily responded the typical reply “404 Not Found”. The first set of intelligence has been collected by this unsophisticated known exploit using “User-Agent: Mozilla/5.0 Jorgee”., My servers replies were full of useful information like installed operating system, version of web server and running services. This data will be useful for a better targeted attack next time.

In the evening the visitors started to arrive, first from Bangladesh, then Romania, Hungary, and even a little SSL knock from Seychelles. Joining were pokes coming from Malaysia, Turkey, US and we even got a hello from Russia. All the packets seemed unusually empty, not telling much about the knocking visitors. Unlike the spidery bots that crawl the web and collect data for search engines, these visitors had pulled a cloak over their actions by leaving their packets empty.

On sunday, at 03:16 am they came from Mexico, asking straight up for FTP configuration files. A bit later at 3:36 am they came again from Seychelles with a three second burst of probing questions. Asking 16 different ways for logon to our database. This time they have send an extra packet “GET /w00tw00t.at.blackhats.romania.anti-sec:)”, showing much practicality to use over half a decade old exploit. The script goes one by one, ready to branch from the loop on positive server response. The attack failed to inject malicious content into our web server.

After a bit of quite at 8:30 am they came back form Seychelles. A few minutes later they were visiting from the US. This time the the unwelcome intruder came to have a closer look at our SSL (encryption). Repeatedly connecting and generating errors, prodding and poking for over two minutes. They even send us an encrypted heartbeat packet. Was this an attack using the SSL Heartbleed exploit? Were they trying to get our encryption keys so that they could decrypt our data? Like everything else they only need to ask once, as they go through their list of exploits hacking their way to our server and to our data.

We wait, wonder and look to learning what they will try tomorrow !

Author: Marek Hencl

Managing Director of AARTKOM s.r.o.

Date: July 4th, 2016

Yeaa, some thoughts on technology and the first attempt at a quick blog, ... on a Monday morning.

"To understand technology, to control it, one has to first learn it, then apply it." Take for example the Internet. The world wide web is filled with great knowledge, great wealth, great data and great opportunities. Today we have access from virtually anywhere through our mobile device. Today's websites are more then flashy and smart, they take care of your transactions, adapt to you as the user, exchange data, communicate with others through scrtipts or applications. Do we understand enough about the world wide web? To what degree does it control us, or to what degree do we control it?

So what has that to do with AARTKOM and a blog on technology? Well at AARTKOM we love technology, we love to integrate, to be hands-on, to open new doors to joint synergies and shared ideas. Sometimes its random, sometimes its by coincidence and most of the time we like to think its by design or through planning. One truth of the matter is, that after twelve years of the same website, we had to update it. Our business has changed, its been updated to address growth, going to new markets and fulfilling a refreshed visions.

There are many of the reasons why we decided to code our own web pages. One is to better understand the code, which enables so much technological innovation. Another is do as we preach and to know what we talk about. We are eager to show you how the accumulation of numerous disciplines and eagerness to learning (eg. coding in html/css) opens doors to increased value.

Over the next many months, we will reveal more of what we have done, what we are doing and what we can do. It will take some time, we will make mistakes along the way. We will learn many new lessons and we will improve. Most importantly though, we will apply what we have learned also in the other facets of our business, so that we can better serve and consult you.

Author: Marek Hencl

Managing Director of AARTKOM s.r.o.