You can view the page at http://www.maxconsole.net/content.php?45816-Sony-reveals-how-hackers-infiltrated-PSN-security

Wow cool! What would Sony's application server be? Also, how was the exploit discovered?

"click the respective thumbnail".... Zeus (http://www.maxconsole.net/member.php?6-Zeus) is dumb.

That... is just really really basic outline... so all the hackers did to the PSN is what any trojan does. So I could only conclude from that diagram, PSN has as much protection as a normal PC.

Compared to that PS3 Hack Team's presentation on the system architecture. That diagram is just failsauce.

That's it!! What a nooby setup.

This figure has no real informations about the PSN hack, look like your typical OMFG hackers P0WNED my server

I had read that they were running PSN using Linux on the cheap with very lax security (probably on PS3 clusters with the other-OS feature still there). Really a sad day for people who trusted them with their info. Never again Sony.

Sony makes it look like it was some sophisticated attack. From what I read, the attacker just hacked into a remote computer that had remote access to the servers itself (aka, Sony didn't cover all bases).

Odds are, Sony doesn't have a secure internal network to begin with. Their servers were likely blocked from the outside world unless you were on their whitelist, but the remote computers with access probably never had any white/blacklists at all. I'm going to bet the computer was not behind a corporate firewall or anything like a good VPN setup between remote machines and servers would have.

Regardless, doesn't matter how it happened Sony got fucked.

So going by that image it was an inside job?

I had read that they were running PSN using Linux on the cheap with very lax security (probably on PS3 clusters with the other-OS feature still there). Really a sad day for people who trusted them with their info. Never again Sony.

Since hackers got into the management console, it does not matter what kind of OS they used on the servers.

The problem here is that they used a windows machine as management console.

The whitelist described in another post in this thread is exactly how I have set up security. To get into these systems you need to know the hostname, IP address and somehow get into one of the servers thru a trusted console. When you are SU on one of the servers you can access all other whitelisted servers. The reason why we use this kind of security is that the servers can communicate with each other without sending password. Even if we encrypt the TCP/IP traffic, if someone can snoop the traffic they can extract the password.

That's it!! What a nooby setup.

In what way?

Sony makes it look like it was some sophisticated attack.

Oh really? In what way does that look sophisticated?

Jesus ,

those Chinese sellers have absolutely no limit ...

I don't even think they are bots ...

Oh really? In what way does that look sophisticated?

Indeed.
You can actually use the descriptions used here for most intrusions.

They should show which security measures were bypassed. But of course they won't do this or we would all be raging even more.:p

Nonetheless I'll stay with Sony, nothing can beat their exclusives.:)

Oh really? In what way does that look sophisticated?

Yeah really they just kinda drew a line through their servers... Like okkkkkk. That sure explains alot. (not really though)

In what way?

cmon its a basic setup for any corporation. I just finished up a final project for my Corporate Security class that is way better than this.

Then again maybe i spoke too soon. The slide only details the "Intrusion Route to the System" rather than the sophistication of the security system.

Wow Sony has got 3 layers of firewall which is quite alot and hackers are still able to penetrate. It goes to show nothing is safe on the Internet these days. Sony made a great move by giving everyone 30 days free access to PS+, that's a potential saving of around $40 for every user which is quite generous of them. Considering PSN is free to play also which is great.

we are sony
we fail at failing