| |
| Current Topic: Technology |
|
Saboteurs hit spam's blockers -- Could it be related to the Sobig Worm? |
|
|
|---|
| Topic: Technology |
1:45 pm EDT, Aug 28, 2003 |
] Now the blocklisters are being overwhelmed by Internet
] saboteurs who harness large numbers of computers to
] bombard their victims with vast amounts of junk data. For the last couple months, spam-blocker sites such as Osirusoft, monkeys.com, Spamhaus and Spamcop have been under Distributed Denial of Service attacks by up to 10,000 computers at once. Two days ago, Osirusoft imploded, and shut itself down by blacklisting the entire internet, meaning many businesses who relied on Osirusoft's service became unable to receive any email, even if legitimate. I've been hearing a lot of speculation lately as to whether these DDoS attacks might be related to the Blaster or Sobig worms. Some people say no, they're unrelated. Others say yes, and think that spammers may be behind the coordinated attacks, by hiring blackhat hackers to generate the attacks and create the worms. So this school of thought says that along with the attacks on the spam-blockers, that the worms are intended to create an army of hundreds of thousands of zombie computers, which may eventually be used to send out even more spam. Another school of thought proposes that yes, the attacks may be coordinated, but for a different reason -- that the attacks on the anti-spam sites have been to restrict their spam-blocking effect so that the Sobig worm (which requires spam email to propagate itself) could spread more effectively. Regardless of whether the DDoS attacks are connected to Sobig, what *is* the ultimate purpose of the Sobig worm? Is its "raison d'etre" simply to breed and propagate itself as fast and as far and wide as it can? Or is it just a very efficient delivery mechanism, recruiting hundreds of thousands of computers for some other yet-to-be-defined purpose, be it spam or an even more destructive attack in the future? Or, might the intent even be a benign one -- a worm created to be *so* pervasive and annoying that even the non-tech home users in the world hear about it, and are finally encouraged to secure their systems? In other words, could it have been created as a way of "vaccinating" the internet and building up its immunity to help it withstand a potentially even more malicious virus in the future? Stay tuned, as the story unfolds . . . Saboteurs hit spam's blockers -- Could it be related to the Sobig Worm? |
|
New Sobig Variant May Be Circulating |
|
|
|---|
| Topic: Technology |
6:23 pm EDT, Aug 27, 2003 |
] Romanian researchers claim to have discovered a variant
] of the Sobig.F virus that looks to mail and domain name
] servers at Time Warner Telecom for information about how
] to modify its behavior. New Sobig Variant May Be Circulating |
|
Slashdot | Osirusoft Blacklists The World |
|
|
|---|
| Topic: Technology |
5:47 pm EDT, Aug 27, 2003 |
] NSXDavid writes "Earlier today our site mysteriously
] ended up on Joe Jared's Osirusoft SPAM blacklist which is
] used by lots of antispam software (like SpamAssassin and
] sendmail). Since he is currently under a serious DDoS
] attack, there was no way to appeal this decision. We
] contacted Mr. Jared by phone who informed us that
] 'everyone needs to stop using Osirusoft and that he's
] going to be shutting the service down.' Then he says he's
] going to blacklist 'the world' (aka, ban *.*.*.*) to get
] his point across. Later on this evening, he apparently
] went ahead and did just that. Succumbing to lawsuits and
] DDoS, a once great blacklist is dead. SpamAssassin is
] removing it from their config in the next release (rc3)
] and email admins around the globe are reconfiguring their
] mail servers." "NSXDavid" is at my own company, Simutronics. As a result of Osirusoft's actions, we are now having (even more) trouble getting emails through to our own customers. I can appreciate Osirusoft's frustration, but especially with the mess being caused by worms such as Sobig and Blaster, all Osirusoft seems to have done is just make an already bad situation even worse. The Boston Globe called us this afternoon for an interview, and is writing a story as we speak. Stay tuned . . . Slashdot | Osirusoft Blacklists The World |
|
|
|---|
| Topic: Technology |
8:01 pm EDT, Aug 25, 2003 |
Partial Speaker List for PhreakNIC 7, coming up in Nashville in October 2003: ] Triax - Updates in Satellite Broadband Technologies
]
] Justin Troutman - Encryption Technologies
]
] Elonka - Something 90% of us can't understand, probably LOL! I'm not sure who wrote that, but thank you. Higher praise from a hacker-con, I cannot hope to receive. ;) Phreaknic7 Speaker List |
|
|
|---|
| Topic: Technology |
6:30 pm EDT, Aug 19, 2003 |
] SpamAssassin(tm) is a mail filter to identify spam.
]
] Using its rule base, it uses a wide range of heuristic
] tests on mail headers and body text to identify "spam",
] also known as unsolicited commercial email. When configured right, this works great. :) It analyzes all the email coming in, and gives each letter a score to make a guess as to whether or not it's spam. Just like it's usually instantly obvious for a human to look at a letter and say, "Ugh, this is just more junk," this program can automatically scan letters *before* they get to your queue, identify the obvious crap, and delete it before it ever gets to your mail queue. Then anything that it's not sure of, it can flag as *probable* spam, but still let you, the recipient, make the final determination. My company's been using SpamAssassin for awhile now, and it's been awesome at blocking most of the garbage. Recommended. SpamAssassin Mail Filter |
|
Microsoft pulls WindowsUpdate.com to avert Blaster |
|
|
|---|
| Topic: Technology |
5:07 pm EDT, Aug 15, 2003 |
] Internet users who type the WindowsUpdate.com URL in
] their browser get an error message. Microsoft has deleted
] the Domain Name System (DNS) information for the domain,
] and it no longer sends traffic to an actual Web site. According to Reuters, the number of Blaster-infected machines currently ranges from 386,000 to 1.2 million, depending who you ask:
http://asia.reuters.com/newsArticle.jhtml?type=internetNews&storyID=3287116 Microsoft pulls WindowsUpdate.com to avert Blaster |
|
Windows computers at serious risk from Internet 'Blaster' worm |
|
|
|---|
| Topic: Technology |
5:49 pm EDT, Aug 12, 2003 |
] Dubbed "LoveSAN" or "MSBlaster," the worm does not use
] e-mail to send itself. Rather it is considered
] self-propagating, meaning that it independently searches
] for unprotected computers to infect. Many of my friends are highly tech-literate, and love to slice and dice all kinds of bits and bytes with glee. Many others, however, see computers only as occasional tools, and *not* as a lifestyle. So to tell them, "Patch your computer" is going to get as bewildered a look as if an auto mechanic came to me and said, "What do you mean you don't personally adjust your spark plug timing on a monthly basis?" So for those of my circle who are reading this, who are not "uber-geek" tech-literate: As you're hearing on the news, there is a *nasty* virus going around the web. You don't need to download something to get it, you don't need to open an email to get it. Just being connected to the internet, especially if from a computer that is running Windows 2000 or Windows XP, could potentially mean that your system has gotten infected (Macintosh users are immune from this one). I won't go into a lot of the, "Do this, do that, and if this doesn't work, do that" descriptions to fix things. The simplest fix is: Make sure your Windows software is updated. To do this, the easiest way (assuming that you are using an Internet Explorer browser) is to go up to the "Tools" menu on your browser, and look for an option called "Windows Update". Select that. It should automatically connect to the Microsoft website, scan your computer to see what updates it needs, and suggest downloads. Do what it tells you. Do it now. ESPECIALLY do it by Friday, because this weekend is when things are going to get nastier. If you get stuck, call me or IM me (AOL Instant Messenger: Elonka) or write me (elonka@aol.com). I'll talk ya through. :) Good luck! Windows computers at serious risk from Internet 'Blaster' worm |
|
|
|---|
| Topic: Technology |
10:54 am EDT, Aug 7, 2003 |
This is the page that announces the winners from last weekend's Def Con "Wi-Fi Shootout", where the competition was to see what's the farthest distance that someone could pick up a wireless signal with a commercial or homemade antenna. At Def Con closing ceremonies, we heard that the winner (with a homemade antenna) weighed in with an impressive 35.2 mile range. Unfortunately though, they didn't have pics of the antennas to show us. This URL, however, *does* have more details and pics of some of the various contraptions that were assembled in the Nevada desert. Congrats to the winners! Defcon Wireless Shootout |
|
Has 'haven' for questionable sites sunk? | CNET News.com |
|
|
|---|
| Topic: Technology |
5:11 pm EDT, Aug 6, 2003 |
] A widely publicized project to transform a man-made
] platform off the coast of England into a haven for
] controversial Web businesses has failed due to political,
] technical and management problems, one of the project's
] founders said. I attended this talk at Def Con last weekend, and got some additional impressions than what made it into the article. For one, it was obvious that we were hearing only one side of the story, so there was a definite "sour grapes" feel to parts of the talk. And as the speaker himself mentioned, some problems were caused by the way he and his associate would spend more time traveling around and *talking* about HavenCo, than actually spending time there and running it. Has 'haven' for questionable sites sunk? | CNET News.com |
|
