
I dont understand, how crackers can break into a PC that doesnt run any server? - id122015
excuse my innocence.
======
Millennium
They can't. Not the way we typically think of "cracking", anyway.

What they CAN do is try to trick the PC's user into putting a server of some
kind onto the PC. If they succeed, then they can just use that. This is
essentially what most malware does.

------
noonespecial
The one I fix the most is "You need to update your flash to watch this video".
-Clicks OK- -Types OS Admin password-

Now there is a server running.

------
daly
Some Intel boxes have a Management Engine which can boot a powered-off machine
remotely and take complete control.

Wireless connected machines can be attacked using skip-level packets.

Some ethernet interfaces have controller boards that can be hijacked remotely.

If you're using a bluetooth keyboard it can be attacked remotely.

MS boxes have a dozen ways they can be attacked (e.g the remote management
console, the printer, the shared folders, etc).

Here's the universal law: If the CPU can get at it, then anyone can get at it.

If you want reasonably secure records (e.g. employee data) then ONLY ever
record that information on paper and keep it in a locked room. Oh, and don't
use the copier because the copiers have hard drives that store image data.

------
100ideas
Because there are many OS services and user-installed programs that do send
and receive data to the wider internet, even though they may not be web
servers per-se. Also what @daly said.

------
Zelmor
Services, basically. This is why system hardening is essential. You don't need
all 148 services running on a windows 7 home edition machine.

