Dohiyi Mir
    In Which NTodd Says His Peace

Friday, August 01, 2003
Go to the new DM blog.


DHS Warns Of Internet Attacks


The National Infrastructure Protection Center has issued this update to an earlier warning about Windows:

The DHS/ Information Analysis and Infrastructure Protection (IAIP) National Cyber Security Division (NCSD) is issuing this advisory in consultation with the Microsoft Corporation to heighten awareness of potential Internet disruptions resulting from the possible spread of malicious software exploiting a vulnerability in popular Microsoft Windows operating systems.

DHS expects that exploits are being developed for malicious use...SEVERAL WORKING EXPLOITS ARE NOW IN WIDESPREAD DISTRIBUTION ON THE INTERNET. THESE EXPLOITS PROVIDE FULL REMOTE SYSTEM LEVEL ACCESS TO VULNERABLE COMPUTERS...AN INTERNET-WIDE INCREASE IN SCANNING FOR VULNERABLE COMPUTERS OVER THE PAST SEVERAL DAYS REINFORCES THE URGENCY FOR UPDATING AFFECTED SYSTEMS.

Here's the deal: scanning software is readily available for the "script kiddies" to download and start probing for vulnerable systems. In a matter of minutes, I could scan my ISP's network or that of another provider and find lots of users whose systems are wide open (I've done this as a security professional). Frankly, most Internet users are not all that savvy when it comes to computer security, and they represent a weak link--once I find them and take advantage of this announced flaw, I can load and run software from their machines to do whatever I want.

One popular form of attack is known as Distributed Denial of Service (DDoS). As the name suggests, I can do a variety of things (e.g., flood a computer with bogus computer messages) to bog down and/or crash a machine, thus denying service to legitimate users. That's become more difficult to do with a single hacker computer, but I can enlist unwitting participants to launch my attack from hundreds or thousands of computers at once, which is difficult to block. So I scan a network with an automated tool, install a "zombie" agent program that will do my bidding on all the exposed machines I find, and once I've got enough in my virtual army I send a command to them and they will attack whatever network or computer that I desire. You might recall a spate of highly publicized attacks on the likes of Ebay and Amazon and CNN back in 2000. That could happen again.

Do us all a favor and get you machine in tip-top shape. If you don't know how to do that, ask your IT administrator or ISP to help.

ntodd 
   |



June 2003 July 2003 August 2003 September 2003 October 2003 November 2003 December 2003 January 2004 February 2004 March 2004 April 2004 May 2004 April 2007

FAIR AND BALANCED

Best New Blog finalist - 2003 Koufax Awards

A non-violent, counter-dominant, left-liberal, possibly charismatic, quasi anarcho-libertarian Quaker's take on politics, volleyball, and other esoterica.

Lo alecha ha-m'lacha ligmor, v'lo atah ben chorin l'hibateyl mimenah.

For more about me, go to www.pritsky.net. You can also e-mail me at blog@pritsky.net.

My Weather Stations
Newark WX/Webcam
Fletcher WX

Donate to my Fox lawsuit legal fund (via Paypal or Amazon). Alternately, you can buy me stuff off my Amazon Wish List.

check to have all links open new windows

Boot Bush! Donate to the DNC today
Donate to the DNC

Single Donations: 2 = $170
Sustainer Donations: 1 = $40
Recurring Donations: 0 = $0
Total Donations: 3 = $210


Contribute to John Kerry

Total Donations: 13
Total Dollars: $750
Average Donation: $57.69


Give to MoveOn

In



Dean is still the messenger.
We are still the message.



My goodness! Rummy loves
these fair and balanced blogs:



The Coalition

Co-Conspirators Destined For Gitmo

Open Source Politics

Guilty By Association


Cairo wonders when I'll be fair
and balanced and go throw sticks...

Listed on Blogwise

Powered by Blogger