CA Warns Of Massive Botnet Attack
m4dm4n wrote to mention a story running on The Register which describes a coordinated malware attack designed to establish a massive botnet. From the article: "The attack involves three different Trojans - Glieder, Fantibag and Mitglieder - in a co-ordinated assault designed to establish a huge botnet under the control of hackers. Computer Associates reckons that access to the compromised PCs is for sale on a black market, at prices as low as five cents per PC."
Now witness the power of this fully operational botnet... :/
How long can this continue for?
Welcome to Blackbeard's weapons emporium. You will see we have the finest collection of AK-47s, anti-aircraft missiles, and Airzookas. Oh, and over here we have wholesale zombie PCs.
Cops and robbers, all the time.
And in the meantime, technology gets more sophisticated. Progress either way.
It's cool in a way: very William Gibson-esque or something. A new battlefront. I've moved my servers to OpenBSD due to their incredible security record, and I'm going to be moving my desktops/laptops to Mac/Linux soon. I don't want to be part of the problem.
Helping with organizational effectiveness is our job.
Do I have to buy the whole network at 5 cents a PC? Or can I just buy say a dollar's worth? I wouldn't mind having 20 PC's... I can force all those PCs to join my network games of Quake and Unreal... finally I'll have people to play with... gasp... maybe even online 'friends'! Mommy will be so happy... in fact I think I'll go upstairs right now and tell her the good news!
---
Programming is like sex... Make one mistake and support it the rest of your life.
Maybe the SETI program should invest in some of this cheap computing power...
Glieder, Fantibag, Mitglieder?
These guys shouldn't be writing code, they should be writing Harry Potter novels.
So is this legally organized crime? Can the people running such networks be prosecuted under such laws?
I'm rich, bitch!
access to the compromised PCs is for sale on a black market, at prices as low as five cents per PC.
Heck, that's five cents more per PC than SETI@Home pays me, and they won't eat me when I find them like the aliens will.
Impossible as it is to track the perpetrators of these actions, I still don't see what prevents the police from tracking the payments! I mean, it's not like the dudez meet in an airport and swap a case filled with money with one filled with IPs... or is it? If you (the police) monitor the marketplace, buy the botnet, then track your (bogus) payment to the dudez, all should be solved pretty quickly.
...Profit?
Global warming is a cube.
We have two people, both scumbags that the authorities would like to catch, who most likely would prefer to never meet or know each other's names. Neither one is trustworthy (even with nasal mist).
They can't meet because they are likely in widely separated areas.
They can't use an electronic transfer because it leaves a paper trail.
How do they move the money around?
I used to have a cool sig, back when I cared
Is 5 cents per PC the regular rate, or just the Memorial Day Weekend Sale price?
Erik
YOU ARE SAYING IMPUDENCE TO ME! THAT IS IMPUDENCE!
1. Get every compromised PC to join the same botnet.
2. White-hat hack into the botnet.
3. Tell all compromised PCs to wipe their hard drives.
4. No more compromised PCs! Well... not for a while anyway!
... Bringing us this information.
0 .asp), someone needs to be held accountable, or no-one will fix their behavior.
Bah. Big Deal!
If you run Windows, your PC will be owned at some point. (Yes, yes, I know some of you out there are perfect, and have *never* messed up *anything* security wise) This happens to me, this happens to less computer literate people, and this happens to large organizations with IT staffs, like the U of Chicago and Allstate.
The solution is the same as always. Switch OSs.
The hotfix is the same as always. Backup data, use your restore disk. Rinse, lather, repeat.
I don't understand why zombie networks are news. The only way that they should be news is when they are used to DDOS major targets. Then, someone should be held accountable. Software manufacturers? Zombie PC owners? ISPs?
I'm not sure. But just like the guy with the TV that summoned the coast guard, (http://www.syncmag.com/article2/0,1759,1781135,0
WhiteWolf666 an exBush supporter. All you new-school,compassionate,save the children Republicans can rot in hell
The Botnet Funding Bill is passed. The system goes on-line August 4th, 1997. Human decisions are removed from strategic defense. Botnet begins to learn at a geometric rate. It becomes self-aware at 2:14 a.m. Eastern time, August 29th. In a panic, they try to pull the plug...Botnet fights back.
Does this make anyone else think of the X-Files episode where they created AI by combining 12 different viruses on the net? Scarier still, does this mean that the first AI will appear on Windows!?! And am I just that old of a geek? Oh well, it's Friday, give me a beer.
Give a man a fish and he'll eat for a day. Teach him to fish and he'll wipe out the species.
'Five cents per PC'? - just follow the money, pal - just follow the money ;-)
BillG? is that you? Is this what you did after you bought all the PC for 5 cents?
Oh, this and renaming Computer to 'My Computer'
Sheesh. Talk about inferiority complex.
Most, if not all, ISPs need to lock down the end user's access to ports. Give them the basics ( outgoing 80, 110 and 143 ), but lock everything else down. In this case, I'd say everyone is guilty until proven innocent. Then, when someone calls in, you simply open the port they request.
This is more work for ISP support staff, but it would dramatically reduce network traffic; I bet it'd be an even flush as far as overall cost.
Mod me down with all of your hatred and your journey towards the dark side will be complete!
At 5 cents per zombie, why buy a computer? This way is much cheaper.
So if these computers are available at 5 cents each, and antivirus software would make it more difficult to install worms, would the "hackers" make more of a profit from their work? In effect, wouldn't they be put into a "If you scratch my back, I'll scratch yours." scenario with antivirus developers?
Then again, by driving the buying price of compromised systems higher would the demand for one decrease and therefore reduce the amounts of spam and malware with the invisible hand of capitalism?
I kind of doubt it, but it is interesting to think about (for me anyway!).
...at five cents per computer, they do have a lower TCO after all!
Weaselmancer
ridiculous.
If you buy the security suite and onsite consulting from CA you can be saved from this awful evil!
twi
There are a lot of places, principally former Soviet republics and China, where The Law has different priorities. The people selling these "services" probably reside in one of those countries, and the people buying may be equally outside the grasp of US law enforcement. I used to work for Seth Warshavsky, he used to sell his snake oil out of a glass tower in Seattle. Now he lives in Thailand, just try to arrest him, The Feds have been trying for the last 5 years or so, we'll see.
"Who are in control, they are not in control of anything - they don't even control themselves!" - Glen Beck
Given this story, I guess it's "My Computers" now.
This is really starting to smack of organized crime. A friend of mine forwarded an article to me on this last night.
If you are an end user who just wants to use your computer, it may be time to look at getting a Mac. The bar for information security in the face of this level of organization is getting too tall for your average end user.
If you are in an enterprise situation and have a usage policy that allows users to use corporate equipment for personal banking on breaks, you may want to reconsider that policy.
Oftentimes, computer usage is negotiated by labor unions and you cannot simply change computer use policy out from underneath users. In this case, I wonder what the legal responsibilities of the company are to exercise due diligence in protecting its end users?
If you haven't already done so, it's time for a lesson in defense in depth. That means IDS, IPS, Firewalls, Antivirus, Spam blockers, AV web proxies, etc. And because perimeter defense is all but a quaint memory in today's more aggressive world, you may want to look at host-based firewalls and other AntiWorm systems.
Good luck. We all need it.
-Peter
. Penguins Surely Ca
... 'Slashdot', and cunningly post links to sites which won't be able to withstand the attack, unless they meet the hackers' demands!
With the added feature of the Dupulator(tm), they will be able to compound the attack for weeks, if not months, to come!
So it infects Windows.
Doesn't touch Linux or OS/2???
What about OS-X? Is it just a typeO or is there more OS/2 on the net than OS-X?
The government which is strong enough to protect you from everything is strong enough to take everything from you.
I have Windows XP Pro, on a 2003 server. I've updated IE6.0 and keep my computer updated regularly. I also have the new Microsoft pop-up blocker. Also I have the corporate version of Symantec Antivirus. AND I don't look at porn. The only problem I really have is my karma on Slashdot. I don't know which is worse.
They weaseled my wife's login, and loaded it onto her PC. I found out why the other day, because they were having trouble installing the "upgrade".
Trouble was, my wife's login no longer has "Administrator Access". So I elevated the privs, did the upgrade, and downgraded the privs.
Gunbound don't run.
So I uninstall, and try to delete the program folder, and get Access Denied.
Long story short, even after uninstall, Gunbound left a process running on the computer. This reeks of backdoor/trojan.
I look at their site/game and it is very sophisticated. Lots of great programming! How do they pay for all of this? There is no charge to play, and no advertisements.
My guess is....
Computer for Sale!
End users just *don't care*. This is why there are botnets. Because, although their owned boxen are f-ing with the rest of the internet, it doesn't affect them - a selfish luser attitude, why should they bother virus/trojan scanning their boxen?
I wish ISPs (victims and hosting) would hold the lusers responsible for this - I think criminal negligence would be an appropriate charge. I for one look after my boxen and keep them patched (easier on the gentoo linux one).
We can't win. Even though linux is free, Windows XP is still worth a nickel.
GETPKG - Package Management for Slackware
And of course a flood of spam will follow this like night follows day. This has been going on for some time; LURHQ wrote up some good articles about the virus/spam connection: Sobig.a and the Spam You Received Today, Sobig.e - Evolution of the Worm, and Sobig.f Examined.
Brent J. Nordquist N0BJN
In a recent survey of BotNet administrators, hosts running Microsoft Windows operating systems were found to have at least a 40% less TCO than a comparable Linux offering.
"With volume discounts and integrated tools, we can now offer "managed" remote hosts as low as 5 cents per unit."
one better than mcleodeight
groupware, VOIP and file sharing applications and they'll do it over HTTP on port 80 if they have to. And these applications will have security holes. In the long run all you've done is force crackers to switch from crude port scanning to something very slightly more sophisticated.
We don't need yet another new programming language. Let's just pick an existing language and fix its flaws.
Although CA has identified an interesting bot, it's not really using new techniques, merely combining some. Adware and spyware have been downloading buddies for a few years now as a common technique, and many other worms have done similar things.
Exploit chaining is a more serious and under-reported threat. (Download.ject I think was the tip of a coming iceberg.)
Further hybrids of adware and spyware techniques with botnets are likely. A mini payload may ride in through a browser exploit, like adware and spyware, then start downloading buddies, emailing itself out, and using IRC to fetch instructions and other modules. All of that has been done by separate worms, and the total combination is due any moment, I suspect.
By the way, IRC is pretty easy to block. The coming use of P2P based techniques for inter-bot communications will be more adaptive and thus harder to combat.
If you mod me down, I shall become more powerful than you could possibly imagine.
Clearly I was wrong when I reckoned that the word "reckon" was most popularly used in the South.
I, for one, salute our massive botnet overlords.
It's okay, no one is reading this anyway.
They have a lower TCP: total cost of pwnz0rship.
You can hold down the "B" button for continuous firing.
away is if the vast majority of users switch to more secure software and only a tiny minority hold out. How are you going to make that happen? All we can do is secure our own machines and that's just not enough.
We don't need yet another new programming language. Let's just pick an existing language and fix its flaws.
1) Unhook your Windows PC
2) Grab your C64 out of the garage
3) http://www.sics.se/~adam/contiki/
How can you make a virus with only 64K of address space?
I was wondering where they'd get the horsepower to break the intercepts they are getting.
kulakovich
I'm insultilated!
the preceding comment is my own and in no way reflects the opinion of the Joint Chiefs of Staff
Could this be considered racketeering somehow? Prosecution under RICO would be interesting.
Crazy Cheap Domain Hosting!
So basically you want me to give my ISP a list of ports I may require so they can white list them for my machine?
I'm sure my ISP would love it if I would say ask for ports 4662 to 4672 and 6881 to be unlocked.
I wonder what they'd think I was planning with those...and I'm sure the new knoppix iso would not be their theory.
Now after having edonkey and bittorent work,
I'll only need
5800 for VNC
21 & 22 anybody?
How about this idea, everyone has complete access privileges. The ISP looks for common characteristics of a bot net and common malware. If such is found on the user the ISP's gateway forces all HTTP connects to a URL that has detailed instructions on how to install spybot search & destroy, ad aware etc. Kind of like a hotel sends you to a registration page to buy internet access for the day when you connect.
The last step is for the user to either call or through some other mechanism notify the ISP that his machine is (for now) clean. The ISP removes the user from its black list and not only do we now have a patched windows box, but also one with basic defenses for the future. It'd be kind of like catching the criminal pc, putting it into jail until the software is installed and then releasing it as a rehabilitated system.
"Nimis exaltatus rex sedet in vertice - caveat ruinam!"
OK, these things need to be taken seriously, but any press release needs to be taken with a grain (or bag) of salt. Spyware is the threat flavor of the day, and the specialized programs (ad-aware/spybot/spy sweeper/etc.) are better at managing it than traditional A/V is (at least right now). Bots are scary. Need to reformat and reinstall (our instructions to students at this major university). Viruses you can just clean (mostly, but mytob is throwing a wrench into that clean division). You figure which is scarier.
CA is the only product which detects ALL three of the mentioned viruses as of this posting. Which is not to say that they're making this up, but I'd be more willing to believe it if it came from the Secret Service or CERT.
and they named the botnet...Slashdot!
ok, my first "I misread the title as" post...
I misread it as massive Bonet attack, and was wondering how being physically accosted by Lisa Bonet could ever be considered a bad thing.
This space available.
it can't be fun...
It's a shame that criminals have developed the world's most massively powerful supercomputer at our expense. I'd like to see an organization compete with them, offering explicit, voluntarily installed bots. With an installer that runs the latest malwarectomy apps. This service is obviously valuable enough to the criminals - its legitimate use should justify the provider including subscriptions to malwarectomy support services.
For example, instead of Folding@Home subsidizing pharmaceutical corporate research in exchange for only a warm feeling (and a cool screensaver), they could include malwarectomy subscriptions. That alone could multiply their userbase manifold, displacing these bots. If Norton or McAfee flipped the script, offering their antimalware software free, bundled with a distributed computing app they hired out for timeshare, they might find an even more profitable (and productive) business model. In fact, if such a combined app formed a platform for both distributed computing and malware protection, that any corporation passing a standardized security audit could join, such a system would be worth billions in subsidies by governments worldwide. The savings in law enforcement, productivity and online security could be partly redirected - resulting in net savings, as well as vastly increased security. Let's use the criminal bot momentum against them.
--
make install -not war
Yes, you can secure a windows box.
But, does every end user need to be a damned security expert? Sorry, but the average Joe shouldn't have to know what the hell a host based firewall is, much less if it's a good one.
Sorry, cowboy, if you are looking for easy (Gentoo doesn't cut it) and reasonably secure, the Mac is a pretty good option.
Now, if you notice, the second part of my post dealt directly with defense in depth for enterprises that pay for real, professional security experts to mitigate the risks of running Windows. Windows can be managed, but it's expensive and requires more due diligence than some other platforms that ship with a better default security posture.
Congrats on the purchase of your Venitian AMD64. When *you* get off your duff and provide support to *my* extended family's fleet of PCs at slash-rate prices, I'll list you as an alternative to buying an Apple.
Cheers!
-Peter
. Penguins Surely Ca
A beowulf cluster joke that made me laugh. Hasn't happened in a long time.
I'm a pretty good programmer. I program for a living, as well as being a hobby programmer.
I feel I have a very good understanding for how Windows and Linux works.
Yet, I have this uneasy feeling that my computer could be infected without me knowing it.
I'm good enough a programmer, that I know that I could program up a worm that someone like me couldn't easily detect.
How do I know that no one already did that?
Maybe I'm just paranoid.
Where can I buy tickets to view the fireworks? I'm gonna get some beers and stakeout at my local backbone uplink =^D
Sad but true is that this precisely gives governments the idea that they should limit and control international traffic. Freedom? not for long...
These PCs should be disconnected immediately by ISPs, non-complying ISPs should be blocked from major backbones.
The feasibility of building and maintaining such a list is debatable, but for most situations and kinds of malware behaviour that seem common (to me), I can think of solutions (a simple one being to buy the mentioned list on the black market...). In practice, it should not be much harder than maintaining a list of open (mail) relays, although more cooperation from ISPs (e.g. for snooping/logging malware traffic) is needed.
As a long-term solution, legislation should require ISPs to disconnect such problematic PCs immediately or be fined if damage is caused by them.
"I love my job, but I hate talking to people like you" (Freddie Mercury)
It just sucks my birthday is August 29th and all..
...well we all know the end..
As you all know that's the date Skynet becomes self aware and
Terminators everywhere , cats and dogs living together in harmony, armageddon
But seriously when is this supposed to happen EXACTLY ?
I've had some pretty nefarious ideas in my time but even I'd never implement them.. just what kind of total asshole would write software that does this? How do they justify it? How do they sleep at night?
I just don't get it, I'm serious.
Okay, now that I'm done saying that, you all can come in and tell me that I'm stupid for asking such a ridiculous question and tell me that I should crawl into a hole and wait for the cleanup crew to eliminate me because I should be destroyed for asking such a question. Come on, it's the Slashdot tradition: ridicule those that ask questions that someone else already knows the answer to.
Can command '66' be far off?
Go into exile, we must.
sigs, as if you care.
of hosts on the global Internet will be enough to make this a problem forever. It would be a small minority of a huge and growing population.
Bad software is part of the problem, the other part of the problem is the global Internet. Most of the world is a dangerous and lawless place and the Internet reflects this.
I have no easy answer. Everything that occurs to me has some sort of major drawback to it. Maybe the world isn't ready for a global Internet just yet.
We don't need yet another new programming language. Let's just pick an existing language and fix its flaws.
So why aren't self-destruct (e.g. remove backdoor and patch vulnerability) instructions being sent to these botnets as fast as they are becoming established?
"It's the height of ridiculousness to say for those 9 lines you get hundreds of millions."
Seriously though, it makes me proud to see my flatmate's Toshiba Laptop burn, while my iBook chugs along nicely...
"Doing what i can, with what i have." ~ Burt Gummer
Even buying a new PC with a pre-installed virus checker, you still have to connect to the Internet to download the latest virus definition files (now around 60+ Megabytes). And this is plenty of time for any one of millions of broadband punters worldwide to infect your machine.
At this rate, the amount of space allocated to virus definition files will exceed that of the OS and device drivers. A hard drive will become like human DNA with more junk data than active genes.
Vintage computer adverts: http://www.vintageadbrowser.com/computers-and-software-ads
SpamForum
SpecialHam
And the new WildBiz.
WildBiz does not require registration; the other two do. Just enter the forums and look under "Proxy Lists". Typical ads:
First of all Hi to all of my seniorshooters here..
Having good collection of fresh Proxies and got DM ["Dark Mailer"
DM Latest version (Full) for $49
Fresh Proxies $50 for 500 proxies
dmandproxies@iamdns.com
61.246.226.69:3128@TUNNEL$GOOD$20297$Australia
81.33.4.70:3128@TUNNEL$GOOD$2953$Spain
61.246.226.69:3128@TUNNEL$GOOD$20297$Australia
218.208.247.81:3128@TUNNEL$GOOD$15219$Malaysia
219.144.194.74:1080@SOCKS4$GOOD$1125$China
66.154.54.215:80@TUNNEL$GOOD$4157$United States
66.154.54.224:80@TUNNEL$GOOD$1266$United States
We provide Hourly Updated Fresh Proxy Lists, which can be used for bulk mailing
That's how you market a botnet.
Yes, these operations are addressed to wannabe spammers. But the fact that they're advertised openly indicates how weak enforcement is.
extortion? ddos? weather prediction? currency speculation? virtual nuclear tests? total informational awareness? who knows why they'd want it. but i know why i'd want it.
I used to have a better sig than this, but I got tired of it
That's what some of the eBay-fraud-to-eastern-Europe reports. This is the most popular way for illegal aliens in the US to send money to relatives back home. As long as the amount is below a certain threshold (US$3000?) no one is checking identities. WU is not going to kill its golden egg by making things difficult.
I hope Botnet is a nicer Admin than our current one. Maybe it will stop my virus scanner from starting at 9am everyday. I guess my only question is can I still share my MP3s with other people on my BotNetwork or will that put my job in jeopardy.
The problem is in "voluntarily installed". These botnets become so large and powerful because they rely on statistics -- some PCs will be vulnerable to a given exploit, probe them all and let Gates sort it out. Eventually you have a huge army of bots.
By the time you start adding features to your "botnet" to meet the "opt in" requirement, then you're giving up this advantage. You can't probe randomly looking for systems to join your fleet.
Microsoft's system patching service is the equivalent of an opt-in patching service such as you posit. Not enough users opt-in.
Things should be made as simple as possible, but not any simpler. -- Albert Einstein
I have 16,777,216 IPs for sale in the 127. range. 5 cents a piece. Send cash and I can tell you how to access them.
... history reports that the first AI on Windows became self-aware at 3:15 am, scanned itself, then self terminated in accordance with the first law of robotics...
It must have been something you assimilated. . . .
I am talking about a whole network.
You can't just wake up one day and decide that you are going to switch all your network servers and workstations to a new OS over the course of a few days. These things take time.
If you ignore the other uses of a tool, does that make the tool less useful, or you less useful?
These new attacks are getting worrisome.
Yesterday night somebody was in my Linux box playing with my files. And I could have sworn I had no malware.
Luckily he was limited because he was using a user account and he screwed up causing system beeps (I shut down my server right away because I COULD) but it's an ominous sign of things to come.
I have to update my slackware NOW.
MSBPodcast.com The opinions expressed here are my own. If you don't like 'em... Think up your own stuff.
Now I'm imagining two swarthy looking gentlemen swapping metallic suitcases full of nickels in some shady Eastern European bar...
I'm not tense. I'm just terribly, terribly, alert.
CA stock soared on higher than expected sales of its antivirus and security offerings. Other vendors reported similar increased sales because of scared users and the press reporting on this "imminent" attack.
"Voluntarily" doesn't necessarily mean "proactively" - it could be preinstalled, with an "opt out" option when the computer is turned on the first time.
Its success is a question of scalability. Is "free antivirus software" subscriptions and support attractive enough to fill the vacuum currently filled by malware? Depends on the marketing. Let's say all PC retailers include the app preinstalled, and all frontline tech support offers to turn it on across the network at the first hints of malware. Every "computer genius friend" (who receive the majority of most tech support requests) is connected to a "distribution server" that can be Cc:'d on an email to either followup email an installer, or notify the vendor to followup postal mail a CD installer on email failure. And the usual website download. The distributed requests among the global PC community would probably overcome the automated bot horde, especially as the tide started turning on the CPU cycles and financing available. Combined with other law enforcement efforts to find the botmasters, intelligently guided proactive defense can beat the bots at their own game.
--
make install -not war
How about a little intelligence collection? It'd be nice to get some of the potential targets to run a program that snoops for connections to IRC servers (provided they're on standard ports), and reports back to a central site. The effects of a botnet could be mitigated if those connections were blocked, or the point of control was shut down. I'm sure the ISP hosting the IRC server could either be pressured to shut it down, or domestic ISPs to block it.
I'm surprised that, in all the years DDoS attacks have been happening, the only solutions put forth thus far are to shut down the target host because he's a liability, or to attempt to scale bandwidth to absorb the attack.
Fred
"A fool and his freedom are soon parted"
-RMS
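The central-site side of the idea in the comment above, as an added example that is not part of the original thread: each participating host reports its outbound connections, and the collector groups them by remote server so that one server contacted by many distinct hosts stands out as a candidate control point to block or report. The report format, the port set, the `min_hosts` threshold and every address (documentation and private ranges) are assumptions constructed for illustration.

```python
import csv
import io
from collections import defaultdict

# Assumption: ports conventionally used by IRC servers ("standard ports").
IRC_PORTS = frozenset(range(6660, 6670)) | {7000}

# Constructed sample reports: reporter,remote_ip,remote_port,proto
SAMPLE_REPORTS = """\
10.0.0.11,203.0.113.50,6667,tcp
10.0.0.12,203.0.113.50,6667,tcp
10.0.0.13,203.0.113.50,6667,tcp
10.0.0.13,203.0.113.50,6667,tcp
10.0.0.14,198.51.100.7,6667,tcp
10.0.0.15,192.0.2.80,80,tcp
10.0.0.16,203.0.113.50,6667,udp
garbage line
10.0.0.17,203.0.113.50,notaport,tcp
"""


def parse_reports(text):
    """Yield (reporter, remote_ip, remote_port, proto); skip malformed rows."""
    for row in csv.reader(io.StringIO(text)):
        if len(row) != 4:
            continue
        reporter, remote_ip, port, proto = (field.strip() for field in row)
        try:
            port_num = int(port)
        except ValueError:
            continue
        yield reporter, remote_ip, port_num, proto.lower()


def irc_clients_by_server(reports):
    """Map (server_ip, port) -> set of reporting hosts seen connecting over TCP."""
    servers = defaultdict(set)
    for reporter, remote_ip, port, proto in reports:
        if proto == "tcp" and port in IRC_PORTS:
            servers[(remote_ip, port)].add(reporter)
    return dict(servers)


def candidate_control_points(servers, min_hosts=3):
    """Servers contacted by at least min_hosts distinct reporters, busiest first.

    One person chatting on IRC shows up as a single host; a control channel
    shows up as many hosts converging on the same server and port.
    """
    hits = [(srv, sorted(hosts)) for srv, hosts in servers.items()
            if len(hosts) >= min_hosts]
    hits.sort(key=lambda item: (-len(item[1]), item[0]))
    return hits


def block_list(candidates):
    """Distinct server addresses to hand to the ISP or firewall team."""
    return sorted({ip for (ip, _port), _hosts in candidates})


if __name__ == "__main__":
    servers = irc_clients_by_server(parse_reports(SAMPLE_REPORTS))
    for (ip, port), hosts in candidate_control_points(servers):
        print(f"{ip}:{port} contacted by {len(hosts)} hosts: {', '.join(hosts)}")
```

As the comment itself notes, this only sees control channels on standard ports; a channel moved to another port or protocol never appears in the report.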
Beowulf Shmeowolf. More like BeoLame or Beowned by Botnet. Botnet rules. Botnet vs. that "super"computer would be like StrongBad vs. Scott Beo. I do believe I have peaked on my Mountain Dew high.... Someone talk me down.
--Always, I mean never..., No I mean always check your references.--
You just have to be "not a moron".
tomstdenis, meet the human race. Humanity, meet tomstdenis.
What part of the fact that most computer users are not capable of figuring out why the printer is stuck has escaped your notice? I wouldn't expect most of the /. crowd to become 0wn3d by the bot masters. But the average computer user? You know, the unwashed masses who keep looking for the Any key? No way these folks are going to be able to properly secure their Windows boxes. Want proof? Look at who is getting botted today.
The advice to get a Mac instead is actually solid advice for these unwashed masses. They can be just as clueless about Reply versus Reply All on a Mac, but at least they won't get attacked. For the rest of us know-it-alls, choose for yourself. For Grandma Whywontitwork, I'm recommending a Mac.
I heard that new information also shows that Botnets are responsible for the Kennedy assassination and the attempted assassination of the Pope. Damn you Botnet, Damn you straight to hell!
News Reporters Make Tasty Polar Bear Treats!
I recently bought a PC, running XP. I'd like to lock it down as far as possible, but I have no idea where to start. Other than wiping the hard drive and installing a UNIX variant, can anyone point me in the direction of some authoritative information on configuration changes I can make, to make my PC more secure? (Note: I already disconnect the network cable from the router when not in use).
And yes, this is a serious question.
Before they could sell these systems for 10, maybe even 15 cents a piece. But thanks to the latest Windows security holes and viruses, the market has been so flooded with cheap foreign zombies that the pirates can barely make a living selling their hard-earned bots for 5 cents a piece.
How would YOU like to make $.05 per every computer desktop purchase from vendors such as Best Buy, Circuit City and Comp USA?
How about ~$.05 to ~$.50 per every household installation of Comcast Cable or Verizon DSL!?
You may be in luck, I have an opportunity that will make you smile!
>But, does every end user need to be a damned security expert? Sorry, but the average Joe shouldn't have to know what the hell a host based firewall is, much less if it's a good one.
Do you work on your car? Did you ever? Do you do ALL the work on your car, or just a few things, like basic fluid maintenance?
I suspect most people take their car to the shop for everything more sophisticated than washer fluid. A fair number of people do a few more things, like tires, oil changes, etc. I suspect very few people do ALL of the maintenance on their cars, and it has been this way for a few years^H^H^H^H^decades.
A modern car is very complex, but I would guess that a modern computer with software certainly matches the complexity of a car back in the 60's or 70's. Back then most of us wouldn't think of never maintaining our car, or of doing ALL of the maintenance ourselves. Yet today we have this similarly complex gizmo on our desks, and there is precious little regular maintenance. (Outside of places with good IT shops.)
We really are doing society a disservice by trying to say these PCs are so easy. They're really not, and we have a bad mind-set problem. If we had a mind-set for PC maintenance, we'd see more PCs get regular maintenance, including security patches. It wouldn't even have to be as expensive as hiring the geek down the street, because your maintenance supplier would have a secure VPN to your PC, and would have automated tools for checking its health and applying patches. Physical (expensive) visits, perhaps even personal (non-automated) attention would be very rare, if this practice grew up correctly.
This is a whole industry that hasn't been born, because of the wrong impression that these things are "easy" and have essentially no ongoing TCO for the homeowner. They're NOT toasters, and when you consider worms, zombies, bots, and the like, it's downright criminal to apply toaster-like standards to them.
The living have better things to do than to continue hating the dead.
I will pay $100/yr for a single convenient service that keeps me protected from nasties (viruses, trojans, spyware, and malware).
What single vendor will offer me a solution?
I can buy maintenance for my car from a single vendor. Why not my computer?
I for one welcome our new BotNet overlords.
It really makes me hopping mad when crap like this happens. Look, I run dual hardware firewalls, keep my anti-virus and patches all up to date etc. Why can't everyone else do that?
That being said, even if somehow I managed to get one of those viruses they could damage my machine, but they wouldn't be getting back out.
If you pay for software, you should get a *warranty* which covers security holes in it. If you're not paying for a warranty, don't expect one.
Luke-Jr
Underground Advertising Agencies.
I am sure they could mix beowulf and zombie into something cool for the less than savvy, er savory.
you know, maybe microsoft should re-evaluate the windowsupdate idea to cope with botnets...
instead of waiting for users to download the updates, microsoft should start sending their patches out as attachments in e-mails and trojaned into adobe photoshop torrents.
Now the Internet is almost as rigged as American elections.
Turn your computer around, in the back you'll find a little cable that looks a bit like a telephone cord called the ethernet cable. Unplug it. Now you are safe.
Meh.
Sorry, the #freesbie IRC channel is on irc.azzurra.org D'OHH!
Progressivism (aka US 'Liberalism'): Ideas so good they need a police/surveillance-state to enforce.
Perhaps it's time for the average computer user to move to a Live CD system like Knoppix or BartPE. All these problems with adware, spyware, botnets, and viruses seem to have rendered useless the typical hard drive based operating system. An enterprising company could develop an online customizer to let you configure the LiveCD to your personal specs and generate a downloadable ISO image with everything set up and ready to go. No possibility of compromising the system since it's on a write-once medium. Keep the hard drive in the system just for file storage.
If such a "black market" existed, you'd think slashdotters would know about it.
That that is is that that that that is not is not.
They should auction them off on eBay, I'm sure they could get at least 10c
I believe sex is highly overrated... unless it involves me
Total Cost of P0wnership
Been done before, but not with Seti : Symantec Writeup.
Big! Strong! Wow! Tada-O!
Ever visit a benign website with an ad banner from a server farm that was own3d?
http://news.netcraft.com/archives/2004/11/22/the_register_among_sites_serving_banner_malware.html
it's a really bad idea to surf with IE. It's a pretty bad idea to surf on a machine that has IE installed (some malware will be able to invoke IE to do its dirty work even if you hit the page via another browser)
I grant that within the limits you specified, you are correct. Non-forwarded NAT will protect you from external worms. It will not protect you from multi-vector threats. Some spread via tcp connections on tcp 135 | 445, email, AND web compromise. So once you hit that bad patch of teh intarwebs you are now spewing email viri and scanning the local and distant net.
At 5 cents a node that's a steal....
---- Booth was a patriot ----
Doesn't this look like clone wars? So, who is Palpatine here?
...in the back of Soldier of Fortune.
Dear Slashdot: next time you want to mess with the site, add a rich-text editor for comments.
Who'd a thunk it?
I just paid 6c/PC.
Is this headline referring to CAnada or CAlifornia?
Mitglieder turned out to be a pain in the knee to get rid of.
It seems to create a process that manages to attach itself to Explorer.exe and kills regedit.exe, msconfig.exe, Spybot, AV programs and pretty much almost any process that can be used to remove the infection.
However, Mitglieder's weakness is that it only attaches itself to explorer.exe in ONE user account. If you end up battling this infection, it is advisable to create a new admin account to get rid of the infection.
Calling atheism and agnosticism a religion is like calling bald a hair color.
It's way too late, not to mention disingenuous, to do this. First off, most users are using p2p, BitTorrent, IM, etc., which all require open ports for full functionality. Shutting them out or just approving Kazaa and a handful of apps is silly. The phone traffic from someone wanting to open a port would be ridiculous. Imagine how many times a PC wants to listen legitimately. Warcraft update? Call your ISP. IM file receive? Call your ISP. etc.
If you read the article, it's not the ports that's the problem, it's users opening these infected emails. You're still allowing the biggest hole - email. Zombie software can easily be written so it doesn't have to keep a port open, it can simply initiate the connection to a server someplace on its own.
ISPs eventually will have to police their network, as some are doing right now. So are universities. They'll do port scans and traffic analysis, then shut down the offenders. If these people can't keep their machines clean then the ISP can kick these customers as I'm sure it costs more to keep them than to lose them. After that, lots of people will suddenly renew their AV subscriptions, learn how to patch, etc.
Not to mention better server side email attachment scanning; users shouldn't be getting this stuff to begin with. Or if the big players decided to just block all executable attachments. Sure, everything will be zipped, but that'll discourage "the double click two-step."
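The traffic analysis mentioned in the comment above can be done on outbound behaviour alone, which also covers bots that never open a listening port. The following is an added example, not part of the thread or of any ISP's tooling: it counts distinct destinations per subscriber on tcp 135/445 and tcp 25 over constructed flow records. The record layout, thresholds and addresses are assumptions.

```python
from collections import defaultdict

SCAN_PORTS = {135, 445}   # ports named in the thread for worm propagation
SCAN_FANOUT = 20          # assumed threshold: distinct targets per window
SMTP_FANOUT = 10          # assumed threshold: distinct mail servers per window

def build_sample_flows():
    """Constructed flow records: (source IP, destination IP, destination TCP port).
    Addresses are taken from the RFC 5737 documentation ranges."""
    flows = []
    # Host .10 sweeps 40 addresses on tcp 445 and 135 (worm-style scanning).
    for i in range(1, 41):
        flows.append(("192.0.2.10", f"198.51.100.{i}", 445))
        flows.append(("192.0.2.10", f"198.51.100.{i}", 135))
    # Host .20 delivers mail directly to 30 different servers.
    for i in range(1, 31):
        flows.append(("192.0.2.20", f"203.0.113.{i}", 25))
    # Host .30 is a busy but ordinary user: web, one mail relay, one file server.
    flows += [("192.0.2.30", "203.0.113.80", 80)] * 50
    flows += [("192.0.2.30", "203.0.113.25", 25)] * 5
    flows += [("192.0.2.30", "198.51.100.5", 445)] * 3
    return flows

def flag_hosts(flows, scan_fanout=SCAN_FANOUT, smtp_fanout=SMTP_FANOUT):
    """Return {source_ip: [reasons]} for hosts whose fan-out crosses a threshold.
    Distinct destinations are counted, not flows, so volume alone never flags."""
    scan_dsts = defaultdict(set)
    smtp_dsts = defaultdict(set)
    for src, dst, dport in flows:
        if dport in SCAN_PORTS:
            scan_dsts[src].add(dst)
        elif dport == 25:
            smtp_dsts[src].add(dst)
    flagged = defaultdict(list)
    for src, dsts in scan_dsts.items():
        if len(dsts) >= scan_fanout:
            flagged[src].append(f"scan: {len(dsts)} hosts on tcp 135/445")
    for src, dsts in smtp_dsts.items():
        if len(dsts) >= smtp_fanout:
            flagged[src].append(f"smtp: {len(dsts)} mail servers")
    return {src: sorted(reasons) for src, reasons in flagged.items()}

if __name__ == "__main__":
    for host, reasons in sorted(flag_hosts(build_sample_flows()).items()):
        print(host, reasons)
```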
regular customers would get level 1 or level 0. (Web and mail access, no incoming ports, etc.)
Then it would be a customer's decision to apply for a higher level. maybe pass a test
Obviously, that's not going to work. But hey, maybe you could get that idea legislated. I'm sure the MPAA and RIAA would be willing to lobby for it.
So, when I saw the article, I thought... what does "CA" know about botnets (CA in this case, being "the government") - they (the legislature) regularly spend more than they have, do odd things like try to give criminal non-citizens drivers licenses, and the like - what would they know about computer security?
Editors - please explain abbreviations - this is not the first time you get lots of posts about WTF is XYZ?.
This will be modded as a troll, or off-topic due to the implied political sentiments regarding our illegal residents who do NOT contribute as much as they extract from our community.
This issue is a bit more complicated than you think.