Wakum Mata!
Politically Incorrect Musings
Storm Worm Strikes Back 
25th-Oct-2007 07:14 am
This one is nasty. If there can be a true evil on the internet, then this botnet is it. It is insidious, pervasive, invasive, vindictive, and cruel.

A "botnet" is a collection of computers (between 6 and 50 MILLION in this case) that have been hijacked and are being collectively used for nefarious purposes. Be afraid. Be very afraid.

It may just be time to switch to Linux if you haven't. Your Windows firewall and antivirus are just not much help against this one if you are infected. If you wish to make the jump to Linux, I can help you. The move is easier than you think. Really.

---

Storm Worm Strikes Back
Though Storm worm's prevalence is under debate, its ability to launch DDoS attacks against investigators is not.
Tim Greene, Network World
Thursday, October 25, 2007 6:00 AM PDT

The Storm worm is fighting back against security researchers that seek to destroy it and has them running scared, Interop New York show attendees heard Tuesday.

The worm can figure out which users are trying to probe its command-and-control servers, and it retaliates by launching DDoS attacks against them, shutting down their Internet access for days, says Josh Korman, host-protection architect for IBM/ISS, who led a session on network threats. [...]


---
Now you get to read about how it renders your antivirus ineffective.

Storm Worm Botnet Lobotomizing Anti-Virus Programs
By Lisa Vaas
October 24, 2007

A new technique leaves anti-virus products running but brain-dead; an expert says we haven't come close to witnessing Storm's true power.

NEW YORK—The ever-mutating, ever-stealthy Storm worm botnet is adding yet another trick to its vast repertoire: Instead of killing anti-virus products on target systems, it's now doing a hot fix with a memory patch to render them brain-dead. [...]
Comments 
25th-Oct-2007 05:27 pm (UTC)
And aren't they saying they think this 'net is being built to be sold to the highest bidder?
25th-Oct-2007 06:03 pm (UTC)
If so, it would be a toss up whether that would be China or the Saudis. I don't think that anyone else would have the cash. SA has the money up front. China would just let people starve, etc., to get the funds.

The maker... guaranteed that he/she/they would never get to spend that money. Sudden wealth like that would NOT go unnoticed. I don't think there is a way that those funds could not be tracked.
25th-Oct-2007 07:25 pm (UTC)
The day my Adobe products work on Linux... I will switch.
25th-Oct-2007 07:46 pm (UTC)
Which Adobe product is that? I am guessing some sort of Flash.
25th-Oct-2007 09:21 pm (UTC)
That's pretty much my stance. Sure some things "work" on Linux. There is just not enough consistency, really.
27th-Oct-2007 06:21 pm (UTC)
Your hypothesis is only true until Lynx becomes a mainstream system worth attacking.

A more proactive approach would be to develop a method to identify the sleeper bots and disable them.

Or better yet, build systems that can't be reprogrammed or use a completely alien environment.
29th-Oct-2007 07:55 pm (UTC)
One of the "safeguards" that results from Linux is that there are so many different states of the kernel in use in the wild. Pretty near every distributor has tweaked the kernel, making the various installations around the net pretty inconsistent. Designing an attack against one distribution does not mean that that same vulnerability will exist in another.

Microsoft is pretty much monolithic by nature (single source software) and, like in nature, has a very small "genepool". This allows for an attack on one system to be extended to all.

Another plus for Linux is the rapid response by the community. A patch can be generated in hours versus weeks or months for Microsoft. This short turn-around time further limits propagation of malware and viruses.

So, should Linux ever TRULY become "mainstream" (Linux enjoys 24% market share in servers), you can bet that it won't experience anywhere near the security issues that Microsoft has.