The World's Biggest Botnets
ancientribe writes "There's a new peer-to-peer based botnet emerging that could blow the notorious Storm away in size and sophistication, according to researchers, and it's a direct result of how Storm has changed the botnet game, with more powerful and wily botnets on the horizon. This article provides a peek at the 'new Storm' and reveals the three biggest botnets in the world (including Storm) — and what makes them tick and what they are after."
I thought so.
You are being MICROattacked, from various angles, in a SOFT manner.
In other words, stupid people and people who don't care about security punish the rest of us. How nice.
You don't know how much I would appreciate an "Internet License" to show basic security and protections on the net. With the financial nets and traffic nets as they are, I'd say that hauling a 2 ton missile down a highway and doing this would be similar.
Imagine if somebody did this but donated cpu time to distributed computing projects like that one on cancer research. Force philanthropy would be rather strange and still illegal, but at least slightly more noble in a Robin Hood sort of way.
This article provides a peek at the 'new Storm' and reveals the three biggest botnets in the world (including Storm) -- and what makes them tick and what they are after.
From the look of things, it appears that their sole purpose is to send me myspace friend requests from lonely, hot girls that have Tom as their only friend, and have selected me as the lucky person who gets to share in viewing their private, personal website, which has many photos of their naked breasts and vagina. Seriously.
The theory of relativity doesn't work right in Arkansas.
It's interesting that these articles don't even mention that Microsoft's insistence on running executable content from the browser is at the heart of all these problems.
If I had an Ass, I'd call it Fanny Bottom, then I could slap my Ass; Fanny Bottom, on the Arse.
Well thankfully I run Windows, which is inherently more secure than your "open source" systems. These botnet creators can look right inside your operating systems and see the vulnerabilities, whereas with Windows...
Ah, but you fail it!
In other words, stupid people and people who don't care about security punish the rest of us. How nice. You don't know how much I would appreciate an "Internet License" to show basic security and protections on the net.
Anyone who thinks non free software can be secured should be denied said license. FTFA:
If you think you can do better than Fortune 100 support teams, you are sorely mistaken. They have all the time, money and employees they want to throw at this problem and still get their ass kicked. People trying to tweak non free software are working in the dark and will always be surprised. No matter how much they spend, they can never fix the problem.
Friends don't help friends install M$ junk.
Also how did his botnet get my credit card number.
All of these articles on botnets such as Storm always mention home system vulnerability...
Well, let me point out for a second how while dangerous for a single home system to be infected, it is a world worse when a business system becomes infected.
Within hours, typically that botnet has replicated to all of the machines on the internal network. Worse, now that botnet has access to your critical database information, consisting of customer records. Often times, the brains behind these botnets can better datamine than your business can, finding interconnections with your customers to better flood them with spam, or worse.
At my job, one of our machines was hit with the Storm. We isolated it within minutes, but even then it still was a close call. If I hadn't been doing a routine portscan at just the right moment, we'd have never spotted it.
After that, the boss authorized me to begin a slow migration to Linux.
Karma Whoring for Fun and Profit.
Imagine if somebody did this but donated cpu time to distributed computing projects like that one on cancer research.
Well, Bill Gates did do this and he is trying to patent yet another Malaria vaccine that does not work. Does that count?
So the world's largest networked super computer runs Windows. It is sad really, all these hundreds of millions of computers on the planet - half of them sending spam for the other half to filter out. One would think that there should be something slightly more useful for them to do.
Excuse me, but please get off my Pennisetum Clandestinum, eh!
Just ask my wife.
Yes, the router was still emailing me every log of all network traffic -- my traffic and the malware traffic also. Seems the malware author does not think my ability to log their traffic was significant.
Netgear was very helpful. Tier1 tech support said securing the router was my responsibility. Asshats!
Every mans' island needs an ocean; choose your ocean carefully.
> Netgear was very helpful. Tier1 tech support said securing the router was my
> responsibility.
Easily done. Place the router in a trashcan and secure the lid. Then scrounge up an old pc or laptop and put a Linux router on it.
Warning: this article may contain humor, sarcasm, parody, and perhaps even irony. Read at your own risk.
If you are afraid of Linux, switch to OSX.
We have heard that line saying it's the fault of the novice computer.
I did not believe that 10 years ago. I still don't believe it.
10 years ago, I thought that Microsoft would fix the bugs that created this Anti-Virus business.
I was wrong. Microsoft never saw a business reason to fix those bugs. Instead they increase the "It's not our fault" marketing, and even got into the [Anti]Virus business themselves.
The Windows Virus-prone bugs 10 years ago were:
- System access/execution from Office templates.
- System access/execution from Active X.
- System access/execution from Browser in general.
- System access/execution from Email attachments.
These features I suppose are there for novices. The same novices that are blamed for perpetuating "viruses" by using these "features".
These "features" have never existed in Linux.
no thanks, commie..
Apple and Sun are a very small % of the computer using population, and not a good dataset do they make.
If you mod me down, I will become more powerful than you can imagine....
For the rest of us who aren't botnet savvy and already familiar with 'Storm', here is a a link to get started: http://en.wikipedia.org/wiki/Storm_Worm. WTFBBQ, YMMV.
I <3 Cisco Clean Access
Censorship is obscene. Patriotism is bigotry. Faith is a vice. Slashdot 2.0 sucks.
Please to explain how to detect storm botnet.
This article is newsworthy? It's shit. It doesn't name which applications and operating systems are vulnerable- are all web browsers going to infect system files from visiting infected Web sites? Do these worms and Trojan horses run on all operating systems? Macs? Unixes? BSDs? Linuxes? It's just a scary, ignorant infomercial for the anti-malware industry. The solution is to remove all Windows computers from the Internet. Problem 99% solved.
we will end no whine before its time
If you check online you'll find quite a few options. In my case, I happened to be checking my network's outgoing traffic and noticed the unusual port open on a typical P2P port. As work frowns on P2P (while not forbidding it) I went to the desk to see what they were eDonkey'ing.
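The two replies above (the routine portscan that caught an infected desk machine, and the "unusual port open on a typical P2P port" that answered "how to detect storm botnet") describe a heuristic rather than a signature: a desktop that keeps UDP sessions open to many unrelated external peers on high ports looks like a node in a P2P overlay, and a desktop talking to an IRC port looks like a classic bot. The following is an added example, not code from the thread; it runs that heuristic over a constructed netstat-style listing. The addresses, ports, the 10.0.0.0/8 internal range and the five-peer threshold are all assumptions for illustration, not Storm indicators.

```python
"""Flag hosts whose connection table looks like a P2P overlay node or an IRC bot.

Added example for the thread above; the sample listing below is constructed
and the thresholds are assumptions, not published Storm signatures.
"""
import ipaddress
from collections import defaultdict

# Constructed sample in "proto local remote" form, as a netstat -an dump
# might be trimmed to. 10.0.0.5 is the suspect desktop.
SAMPLE_CONNECTIONS = """\
udp 10.0.0.5:4672 203.0.113.7:9321
udp 10.0.0.5:4672 198.51.100.23:17455
udp 10.0.0.5:4672 192.0.2.88:41002
udp 10.0.0.5:4672 203.0.113.99:6133
udp 10.0.0.5:4672 198.51.100.200:2121
udp 10.0.0.5:4672 192.0.2.14:33121
udp 10.0.0.5:4672 203.0.113.150:12000
udp 10.0.0.5:4672 198.51.100.77:55555
udp 10.0.0.9:53000 10.0.0.1:53
tcp 10.0.0.9:50412 198.51.100.10:80
tcp 10.0.0.9:50413 198.51.100.10:443
tcp 10.0.0.12:43311 203.0.113.5:6667
udp 10.0.0.12:5353 224.0.0.251:5353
"""

# Assumption: the site's internal address space.
INTERNAL_NETS = [ipaddress.ip_network("10.0.0.0/8")]
# Assumption: ports commonly used for IRC command channels.
IRC_PORTS = range(6660, 6670)


def parse_connections(text):
    """Yield (proto, local_host, local_port, remote_host, remote_port) tuples."""
    rows = []
    for line in text.splitlines():
        parts = line.split()
        if len(parts) != 3:
            continue  # skip headers or blank lines
        proto, local, remote = parts
        lhost, lport = local.rsplit(":", 1)
        rhost, rport = remote.rsplit(":", 1)
        rows.append((proto.lower(), lhost, int(lport), rhost, int(rport)))
    return rows


def is_internal(addr, internal_nets=INTERNAL_NETS):
    ip = ipaddress.ip_address(addr)
    return ip.is_multicast or any(ip in net for net in internal_nets)


def find_suspects(conns, min_peers=5):
    """Return {host: [reasons]} for hosts that trip either heuristic."""
    external_udp_peers = defaultdict(set)
    verdicts = defaultdict(set)
    for proto, lhost, _lport, rhost, rport in conns:
        if is_internal(rhost):
            continue  # intranet and multicast chatter is not peer fan-out
        if proto == "udp" and rport > 1024:
            external_udp_peers[lhost].add(rhost)
        if proto == "tcp" and rport in IRC_PORTS:
            verdicts[lhost].add("irc-control-port")
    for host, peers in external_udp_peers.items():
        if len(peers) >= min_peers:
            verdicts[host].add("udp-p2p-overlay")
    return {host: sorted(reasons) for host, reasons in verdicts.items()}


def analyze(text=SAMPLE_CONNECTIONS):
    return find_suspects(parse_connections(text))


if __name__ == "__main__":
    for host, reasons in sorted(analyze().items()):
        print(host, ", ".join(reasons))
```

On the constructed sample only 10.0.0.5 (eight distinct external UDP peers) and 10.0.0.12 (a TCP session to port 6667) are reported; the host doing ordinary DNS and HTTPS is not. A real deployment would feed this from periodic `netstat -an` or flow records rather than one snapshot, since an overlay node's peer set is what grows over time.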
you own botnet.
I have a firewall appliance, and run Linux. I send emails, read Slashdot, and a few hobby phpBB forums. How is this relevant to me?
I want to delete my account but Slashdot doesn't allow it.
There are millions of Macs out there, and growing. But they're harder to compromise by design. The elusive "Mac virus threat" remains largely a marketing device for Symantec.
Have you read my blog lately?
That's what I thought the name of the article was, I was like, cool! Then I was let down :-(.
I've read Slashdot for the last 5 years, and now I start posting... Go figure
Who knew that Skynet was WINDOWS BASED? That explains a lot!
Agent K: A *person* is smart. People are dumb, stupid, panicky animals, and you know it.
I have, and now I have to get a shot. Thanks!
Yeah, fuck you, too. Asshole.
I've pondered an "internet license" as well. But I really don't like what you'd have to do to enforce it. Think "near death of anonymity online" due to all sorts of sites suddenly deciding that they need to see your IL just because and...
It's not that there wouldn't be a lot of upsides, but I really, really don't like some of the downsides I think it would create.
In the mean time, you can always do what I did: teach free classes at your local library (or wherever) that cover basic security issues like privacy, avoiding scams, etc.
Not really. There is absolutely nothing on a current MacOS X system that prevents users from running shit they download from the net. And now you're going to go "But... but..." thinking that somehow they're magically protected cause they don't run as administrator. Of course the second anyone wants to do anything, they just create a situation where the user expects a dialog asking for root's password and they happily provide it. But even in that case, it's a totally moot point. You don't have to be root to run software on Mac OS X that connects to the network. Fuck, let's try and have a little perspective and give it even a small amount of thought. Lay off the anti-Microsoft fanboi cookies.
"In other words, stupid people and people who don't care about security punish the rest of us. How nice."
I feel the same way when people have sex and have unwanted kids or STDs and the public ends up footing the bill. Let's have a license to have sex.
I, for... I mean, I, for my part, welcome our new network robot overlords.
No, the heart of the problem i$ that window$, de$pite what MS claim$, wa$ not be de$igned for tho$e people and a$ a re$ult tho$e people make mi$take$.
$oftware i$ $oft, it can be anything we want it to be, and a$$hole$ who claim that "$oftware can't do $oftware related thing$" are lying through their teeth.
If thirty odd year$ ago window$ had been de$igned re$pon$ibly we wouldn't have the me$$ that we have now. Among$t many other thing$ when connected to the net they deliberately confu$ed $tatic data with executable$ and deliberately ran all program$ a$ admini$trator. Thing$ that mainframe O$' and Unix had under$tood and $olved decade$ before. I can remember the very fir$t time I $aw a web page with an executable and thinking "you $tupid fucking idiot$". The ramification$ were obviou$ right from the $tart; MS ju$t cho$e to ignore them.
The marketing para$ite$, and their pat$ie$, who to thi$ day continue to claim that window$ wa$ not a large part of the problem are lying ar$ehole$. MS i$ $lowly improving their $ecurity but they $till have a long, long way to go with a culture that $till trie$ to te$t for $ecurity rather than building for it. And ye$, de$pite what $ome idiot$ claim, $ecurity and u$er friendline$$ are not mutually contradictory. In fact they are more complimentary than contradictory with well built $ecurity $y$tem$ helping u$er$ to make good choice$ for their own $afety a$ well a$ everybody el$e'$.
In fact, given enough user apathy, they can all coexist quite happily.
Other than that, you have nothing but your psychotic hatred and infantile "M$ Windoze Microtard" insults, as usual.
Web2.0: I love when people Flickr my cuil and digg my boingboing until my google is reddit and I start to yahoo
DD-WRT. Problem solved.
I see your informative link, and raise you a pithy comment.
When I read the title I thought it read "The World's Biggest Boners".
This is why I don't like companies to keep my credit card number on file. Yeah, it is convenient when you don't have to type it into a web form all the time, but any security breach, and some bastard can run up charges on your card. Not a risk I like to take.
Not really. There is a very simple reason why botnets are dominated (to pretty much 100%) by MS systems. Numbers. Most machines in home user hands simply are running on some kind of MS OS.
Yes, Linux and MacOS are more secure. It's harder to slip something into the system, at best you can run with user privileges, yes, yes.
Unless you trick the user. And that's pretty much the main infection vector today. About 95% of malware comes in the form of infected spam mails, only 5% of infections rely on system insecurities, buffer overflows or other system related security holes.
And when you can trick the user into executing something, it's trivial to trick him also into giving the malware elevated privileges, provided you promise him something. Send someone a "tool" that promises 20% more speed or ram, but since it has to hook deeply into the system, it will require root privileges.
Yes, you won't fall for it. But the average clueless user? After all, this thingamajig is gonna do something with your system to make it run faster, so it's kinda logic that it will need system privs.
No system is secure from malware. Security is by definition the minimum of a system's security capabilities and its adminstrator's security capability. BOTH need to be secure to create a secure system.
We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
But most sun machines are on very big pipes compared to most windows boxes. The same is true of Mac as the people who own them tend to be well off enough to have decent broadband.
Also a bot net of suns is worth far more per machine than windows machines. The numbers I've heard are a sun box on a big connection is worth at least $100 vs about $.1 for a windows box. And there are Solaris 10 botnets out there (thanks telnetd)
Are you for real?
You see this is exactly why Windows is winning. Linux is still yet to provide a credible botnet to face off against the Windows botnet. There's just no comparison, Windows wins every time!
This is my footer. There are many like it, but this one is mine.
Anyway, too many people don't get it. Linux and MacOS are about as secure as windows = not very. In the default installation of Linux, MacOS, Windows, if something gets in via the browser it has full user privileges - can read your email, can make network connections, can listen in on your microphone if you have one etc.
;). No malicious code initially, just LWP/wget/curl, google, keywords + "I'm Feeling Lucky", eval...
;).
I think we need something like this:
https://bugs.launchpad.net/ubuntu/+bug/156693
BTW Linux and MacOS both have perl installed by default. Would be interesting to see how the "antivirus" software vendors cope with malware written in perl
Linux and MacOS are more secure the same way living in a small quiet village is more secure than living in the bad part of a city with planks over your windows and a reinforced metal door.
But with all of them, when you let someone in, they have full access to everything you normally have access to, except stuff in your safe. But not everyone keeps all their important stuff in the safe all the time
If you're running a business system where every workstation isn't on its own VLAN, you should get out of the PC-running business.
The heart of all these problems is that the top thousand security-aware people haven't a clue on how to create systems that can support a billion security-unaware people operating computers that are connected to the internet.
These users didn't design these systems. Security unaware users shouldn't be able to screw up the system.
The self styled 'experts' need to get their act together and figure out how to secure the systems users are using. And, no that doesn't mean switching systems.
I'll watch their progress comfortably from my Mac, so I don't need to be an 'expert' to be secure.
"About 95% of malware comes in the form of infected spam mails, only 5% of infections rely on system insecurities, buffer overflows or other system related security holes."
If this is true, then may I suggest look at fixing the security holes in the mail program that is allowing 95% of malware.
I have some issues with DD-WRT closing parts of the source. (Last time I checked you couldn't build DD-WRT from the source given, FWIW I don't check often)
I made that suggestion, but for some odd reason shooting morons launching executables named "invoice.pdf.exe" is considered illegal in my country.
Yeah, we got silly laws here.
Oh come on, someone must be able to figure out how to remotely identify and maybe even remotely disinfect (or at least disable) these zombie PCs?
... just to make your penis bigger.
The eternal struggle of good vs. evil begins within one's self.
Botnets and I cannot lie... :)
The article left out presidential candidate Ron Paul's botnet. It's huge.
http://www.washingtonpost.com/wp-dyn/content/article/2007/11/04/AR2007110400026.html
Serious hack. I did a quick run on your router and there does not seem to be a documented hole ATM. Also, if the rules don't show up on your interface then either:
1) Netgear ppl were complete morons and the GUI is not directly linked to the filesystem records/small database/whatever
or
2) Hacker is good enough to alter this part of the router's code as well, meaning he flashed the firmware remotely.
I wonder how many people have been hit with this without knowing. It is one thing to monitor your PC's activity, but a router? Scary shit. Better get that rusty copy of Snort up and running again.
PS: you actually check your logs..wow. You either work for the NSA or you are half Klingon. Also, did you find out who it was, and whether you were sending out payloads similar to the one you received(meaning that it wasn't an "important" node that attacked you)?
Linux is no more secure basically because of the user, which is basically the problem unless you lockdown the user and that should have been modded up to the top in every article here last 10 years. Linux users were not too concerned with the Average Joe 10-20 years ago like MS has been.
Priorities in life/scheduling for the Average Joe are different than those of the average Slashdot/Internet user.
Cold hard facts; when Linux does start to become popular in the next 2-6 years the community is gonna have to be prepared for human error and hopefully not bury its head in the sand on the issue.
Hmmm it's going to be interesting to see how this problem is tackled by the community and not a corporation led with one path, when you become the majority and are no longer the minority it will be a much bigger problem to tackle. Hopefully the OSS community will not pull the rug out from the Average Joe user when Linux gets popular and leave them stuck with a distro but no choice to follow where the developers are leading.
Although the majority of users 'just don't care' and as long as it 'just works' than that is fine with them.
Sorry, but if we switched everyone over to Linux, the only way Joe User would ever figure out to install something is through apt (or other like package manager depending on distro). Which, if I remember correctly, would eliminate the problem of users installing trojans/crap that lies about what it does due to the fact that it is 1) open source, so someone would notice what it really does, and 2) if said system were Ubuntu for example, wouldn't Canonical check the packages listed in apt and not allow such programs? While it is still possible that such infections could get through, botnets would cease to be worthwhile due to the low numbers. I may be wrong about this; if so, sorry for wasting your time.
there, I fixed the title for you.
Fuck that. Shit too. Pooptypoop.
This is the most secure posting in this thread.
This is all converging towards the worm described in the Curious Yellow whitepaper from back in 2004. I'm frankly surprised it took this long.
Not a sentence!
The sophistication of this Storm "application" is much more indicative of a mature elder programmer, who probably has read the complete cypherpunks archives. We talked about stuff like this long ago. Compare to things like the Morris worm, the two Manila children, etc. Those were intense, but brief due to coding errors and the like.
Bah. No, these people are not children and they do know what they're doing.
God, I wish I had mod points. I did, a day or so ago.
Kudos!
Anybody who thinks that the O/S has nothing to do with it might also think that:
1) all forms of transportation are equally safe. (EG: a motorcycle is just as safe as a passenger sedan - it isn't)
2) all forms of birth control are equally effective. (EG: A condom is just as effective as sterilization - it isn't)
3) all forms of shopping are equally inexpensive. (EG: socks at Wal-Mart cost about as much as socks at Nordstroms - they don't)
For some reason, when talking O/S's, something that's painfully obvious in most contexts is frequently challenged. I don't get it. Are they just dumb? Or are they paid to act that way?
I have no problem with your religion until you decide it's reason to deprive others of the truth.
I can sell you one, real cheap...
you have the point. parasites always adapt for the most common type of host. there are few reasons, why os's and botnets should be an exception.
Part of the Storm threat is that it is able to intimidate those who stand up to it, or attempt to combat it. This would suggest that Storm is in turn vulnerable to an attack by an even bigger botnet. It can succeed on poorly protected machines and lurk in the many dark corners of the Internet, like cockroaches. Suppose enough of us willingly subscribed the spare cycles in our machines to serve as a botnet that would fight the others? Could that work?
Can we come up with a working definition of 'good' for such a botnet? I would not subscribe my machine to any government directed search for terrorists, for example (that's probably got me on a no-fly list). However, it should be possible to confine our botnet to the named botnets in the article, and do 'good' in an sense that would be acceptable to most users. If the project veers towards evil, then there must always be a way to unsubscribe.
Then, we want a fancy UI like the SETI screensaver, so we can see how we are doing, and root for our side.
That security hole exists between keyboard and chair.
Justice is the sheep getting arrested while an impartial judge declares the vote void.
Yes, you won't fall for it. But the average clueless user? After all, this thingamajig is gonna do something with your system to make it run faster, so it's kinda logic that it will need system privs. The root problem is that computer users don't know what software to trust, and what software not to trust. An experienced computer user would not trust the application you describe, but as you point out, the average clueless user would be suckered right in. So why are we leaving the process of trust as an entirely manual process? The operating system should automatically be able to determine trustworthy programs from untrustworthy ones.
The problem now becomes: how does the OS know what's trustworthy? Linux distros sign their packages, so that you can be reasonably sure they don't contain malware. We could lock down desktops so they only run applications signed by trusted parties. This would increase security, but also severely damage the software ecosystem - imagine if you couldn't produce an application for Windows unless you paid Microsoft a license!
The solution, I think, is to formalise the informal trust network we all have in our heads. I tend to trust the FSF, so if the FSF says that an application isn't malware, I'm inclined to trust it. The FSF might in turn trust Debian, so if Debian trusts something, and I trust the FSF, then by association I trust Debian's word as well. In essence, I'm talking about a distributed trust network. Combine this with a sliding scale of privileges, such that applications that require greater privileges also require greater trust, and you have a security system that is flexible enough to cope with even the most clueless of internet users.
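The comment above sketches two mechanisms, transitive trust ("I trust the FSF, the FSF trusts Debian, so I trust Debian's word") and a sliding scale where more privilege needs more trust, without saying how they would combine. The following is an added example, not code from the thread or from any distribution's package tooling. It models trust as a weighted graph, scores each party by the best chain of vouches from the user (trust multiplies along a chain, so every hop costs something), and grants an application only those privilege tiers whose threshold its best signer reaches. The parties, edge weights, thresholds and tier names are all assumptions chosen to illustrate the idea.

```python
"""Transitive trust scoring with privilege tiers.

Added example for the "distributed trust network" comment above. The graph,
weights and thresholds are constructed assumptions, not any real web of trust.
"""
import heapq

# Who vouches for whom, and how strongly (0 < weight <= 1). Constructed.
TRUST_EDGES = {
    "me": {"FSF": 0.95},
    "FSF": {"Debian": 0.9},
    "Debian": {"Canonical": 0.8},
    "Canonical": {"RandomVendor": 0.5},
}

# Sliding scale: the more an application wants, the more trust it needs.
PRIVILEGE_THRESHOLDS = {
    "network": 0.40,
    "user-files": 0.60,
    "root": 0.90,
}


def trust_scores(root, edges=TRUST_EDGES, max_hops=4):
    """Best-chain trust from `root` to every reachable party.

    Dijkstra on the maximum product: since weights never exceed 1, the
    first time a node is popped with its best score, no later chain can beat it.
    Chains longer than `max_hops` are ignored so trust does not leak forever.
    """
    best = {root: 1.0}
    heap = [(-1.0, 0, root)]
    while heap:
        neg_score, hops, node = heapq.heappop(heap)
        score = -neg_score
        if score < best.get(node, 0.0) or hops >= max_hops:
            continue  # stale entry, or chain already too long
        for nxt, weight in edges.get(node, {}).items():
            candidate = score * weight
            if candidate > best.get(nxt, 0.0):
                best[nxt] = candidate
                heapq.heappush(heap, (-candidate, hops + 1, nxt))
    return best


def grant_privileges(app_signers, scores, thresholds=PRIVILEGE_THRESHOLDS):
    """Return (trust, granted tiers) for an app vouched for by `app_signers`."""
    trust = max((scores.get(s, 0.0) for s in app_signers), default=0.0)
    granted = sorted(tier for tier, need in thresholds.items() if trust >= need)
    return trust, granted


def decide(app_signers, requested, root="me"):
    """Allow the install only if every requested tier is covered by trust."""
    trust, granted = grant_privileges(app_signers, trust_scores(root))
    missing = sorted(set(requested) - set(granted))
    return {"trust": round(trust, 3), "granted": granted, "missing": missing,
            "allowed": not missing}


if __name__ == "__main__":
    # A Debian-signed mail client wanting network and user files: fine.
    print(decide(["Debian"], ["network", "user-files"]))
    # The "20% faster" tool from an unknown vendor demanding root: refused.
    print(decide(["RandomVendor"], ["root"]))
    print(decide(["Unknown"], ["network"]))
```

With these weights Debian scores 0.855, enough for network and user-file access but not root, while the unknown vendor four hops out scores 0.342 and gets nothing. The point of the hop limit and the multiplicative decay is the one the next reply raises: a party that buys its way one hop into the chain still cannot confer the trust the chain's head has.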
I used to work for a major IT enterprise. Many colleagues (management level) simply did not give a sh*t about bots roaming the network, because they did no (direct) harm to the company. One of the reasons I have quit that job.
Your scenario of corporate chaos isn't accurate when it comes to Storm. Storm isn't self-replicating; it doesn't spread to other internal systems. It can however steal email addresses and possibly other external systems will begin to send Storm social-engineering emails to the rest of the company. However, if you have a sane firewall policy that doesn't allow arbitrary high-port UDP traffic outbound and inbound, the Storm node will never be able to link up to the rest of the botnet, rendering it more of a noisy annoyance than a threat to the company's data.
From previous articles, it seemed that Storm had 50 millions infected computers.
The article cites the number 200,000, which seems more realistic.
They volunteered to kill innocent people who never attacked them. How could they actually think they are "defending america"?
There's a new peer-to-peer based botnet emerging that could blow the notorious Storm away in size and sophistication
Which is semantically identical to:
There's a new peer-to-peer based botnet emerging that MIGHT NOT blow the notorious Storm away in size and sophistication
But that wouldn't sell any ads, would it.
Proof again that Microsoft has a lot to answer for on this; extensions on files should never be hidden, and certainly not BY DEFAULT like they have been since Win95 came out. I'm annoyed that OS X even has the option; it's terrible UI. Hiding .app on application bundles/folders is OK, but that might also lead to the above scenario. The solution would be to force the OS to not allow anything to follow .app extensions.
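The "invoice.pdf.exe" case the earlier reply joked about is exactly what the hidden-extension default produces: the user is shown a name that ends in a document extension while the file type is executable. The following is an added example, not code from the thread; it approximates that display rule for a set of attachment names and flags the ones whose shown type disagrees with their real type, the check a mail gateway would apply before the user ever sees the name. The extension lists are an assumption (a subset of what Windows treats as executable and as ordinary documents), not the OS's full registry.

```python
"""Detect executables disguised by a hidden trailing extension.

Added example for the hidden-extensions comment above. EXECUTABLE_EXTS and
DOCUMENT_EXTS are illustrative subsets, not the full Windows registry.
"""
import os

# Assumption: extensions that launch code when double-clicked.
EXECUTABLE_EXTS = {".exe", ".scr", ".com", ".bat", ".cmd", ".pif", ".vbs", ".js"}
# Assumption: extensions a user reads as harmless documents.
DOCUMENT_EXTS = {".pdf", ".doc", ".xls", ".jpg", ".txt", ".zip"}


def displayed_name(filename, hide_known_ext=True):
    """What an Explorer-style view shows when known extensions are hidden."""
    root, ext = os.path.splitext(filename)
    if hide_known_ext and ext.lower() in EXECUTABLE_EXTS | DOCUMENT_EXTS:
        return root
    return filename


def classify_attachment(filename):
    """Return 'allow', 'block: executable attachment', or 'block: disguised ...'."""
    true_ext = os.path.splitext(filename)[1].lower()
    if true_ext not in EXECUTABLE_EXTS:
        return "allow"
    shown = displayed_name(filename)
    shown_ext = os.path.splitext(shown)[1].lower()
    if shown_ext in DOCUMENT_EXTS:
        # The user would see "invoice.pdf" and get an .exe.
        return "block: disguised executable (displays as %s)" % shown
    return "block: executable attachment"


def triage(filenames):
    """Map each constructed attachment name to its verdict."""
    return {name: classify_attachment(name) for name in filenames}


if __name__ == "__main__":
    # Constructed attachment names.
    for name, verdict in triage(["invoice.pdf.exe", "report.pdf", "Photo.JPG.scr",
                                 "setup.exe", "notes.txt"]).items():
        print("%-18s shown as %-14s -> %s" % (name, displayed_name(name), verdict))
```

The disguised case is the dangerous one: "invoice.pdf.exe" and "Photo.JPG.scr" both display as a document and are both flagged, while "report.pdf" passes and a plain "setup.exe" is blocked for what it is rather than for what it pretends to be.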
It doesn't mean much now, it's built for the future.
"stupid people"
Because someone does not know much about computers, and specifically computer security, does not make them "stupid". It most often means that they have things they are skilled to deal with. Because you probably cannot perform open heart surgery does not make you stupid either. It means that you probably know about computers and their security. We all have our areas of expertise and interest and they cannot be everything; there is only so much time and mental capacity.
This type of attitude I find prevalent among people who know a bit about computers. This is one of the reasons that Linux has taken so long to be usable for the masses. Most people do not want to build their own computers and most people don't want to have to learn about computer security. They want the people who specialize in it to make it where it works for them.
The Adolescence of P-1
Not quite there yet and definitely a bit archaic in technology, but it's still amazing the book was written in 1977.
It's really nice to be a linux user for over a decade and sit back and say "ha ha". I don't believe Microsoft is capable of combating, or willing to combat, the problem. At the bottom of this issue however, is the fact that many users are clicktards. Infecting a linux or mac system is as easy as tricking a user into clicking something, or even simulating the pop-up password dialog box for a sudo event. Let's start with Fedora for instance. The ssh service, by default, allows root logins. How many users would enter their root password into a javascript popup that is titled "New updates for your Fedora system are available. Enter your root password to download and apply these updates"? I'm not picking on Fedora, it's a great distro. I certainly don't agree with PermitRootLogin yes as a default in sshd_config. Regardless of firewall settings, it's foolish. Alternative systems should be taking a cue from the shortcomings of Windows and doing what they can to minimize their own strike zone.
boycott slashdot February 10th - 17th check out: altSlashdot.org
If it hadn't been for those stupid marketing parasites insisting on claiming impossible feature lists, on pushing software out the door before anything was actually finished, on always insisting that today's sale is the bottom line, etc., etc., ad nauseum, M$ never would have captured the market share they have.
Even by the any-other-platform-that-got-large-enough argument, well, let's just say that we had a market that included 14% Macs, 18% Amigas, 22% Be, 10% M$Whatever, 12% Ataris, 6% Acorns, 14% various Unix derivatives, 0.5% old Macs, and 3.5% miscellaneous other. In other words, a world in which the Bill and Steve act hadn't killed everyone else in the first act of the play.
Where would the claimed critical mass to generate the current level of malware infection come from?
Anyway you cut it, the malware is Bill & Steve's fault and responsibility. They owe the industry every penny of the billions they "own", and more.
Some of us are of the opinion that MSWindows is little more than a (poor) extension of those BASIC interpreters.
Theft begets theft. Bad design begets bad design.
The problem is that Microsoft sells a machine that no one can understand, least of all their collection of engineers that never really understood the reality of implementation.
Maybe you elder folk can give your opinion on what an undergraduate senior in Computer Science (me) thinks the trend will be. I'm curious to see what the /. community thinks of this, but personally I can't see any better theoretical botnet engine, so I believe it's inevitable.
Now that AMD and Intel both have virtualization hardware built into the CPU, and with AMD planning to (and I imagine Intel is either already planning to or will follow suit) add the IOMMU into the CPU, isn't that the perfect control vector? For the unfamiliar, the IOMMU is the input/output memory management unit, which will handle the task of mapping a piece of hardware's DMA to actual memory. This has been the barrier that prevents vanilla DMA hardware drivers (notably video cards, can't wait for virtualized games and no more booting Windows!) from being used in a virtual machine, because the overhead of doing this mapping in software destroys the usefulness of DMA.
So, once it is possible for an operating system installed on an actual computer to run in a virtual machine using all the same drivers, how long will it be before we see the hypervisor rootkit? A trojan could theoretically set itself up to virtualize the computer's OS and then have absolute control over the machine while being outside of the reach of any anti-virus/monitoring program on the machine. You'd need to boot from other media to see that the filesystem has changed (and with some clever BIOS flashing, couldn't one make it so that even this didn't work? I'd hate to think of the day when a trojan requires manual re-flashing to remove...) and one wouldn't be able to see the extra internet traffic unless the uplink/router was watching for it.
What do you guys think? In a separate, completely and totally unrelated matter, I'm looking for 5-7 programmers that have low ethical standards and a high desire for illicitly gained power. Any takers?
Unless, of course, the average linux install is actually set up right.
Where you have the core file systems and libraries (/bin, /usr/bin, /sbin, /usr/sbin, /lib, /usr/lib, etc.) that are intended to really not change short of major patches mounted on separate partitions in a read-only state.
Then any user-defined foo gets dumped in /usr/local and you're set.
Sure, it still won't stop the average dumb-as-a-nut user from doing a yanktacular Darwin moment, but it would greatly stop the majority of rootkits and trojans from infiltrating ad-hoc systems that tend to go for those aforementioned paths and directories.
Then of course enforce an iptables firewall rule that blocks all outgoing ports except the ones you know the average users use, as well as all the incoming ones; then in those cases even if they do something absolutely retarded on their system, the firewall won't allow the bot to connect.
Most linux/unix botnets tend to have IRC control subsystems, fairly easy to have a standalone firewall filter those ports out.
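The two controls in the post above (core hierarchies on read-only partitions, plus an outbound allowlist so a bot cannot reach its IRC control port), as an added example that is not part of the original thread: a POSIX shell script that audits a /proc/mounts-style table and prints the corresponding fstab and iptables rules without applying them. The path list, placeholder device names, the sample mount table and the allowed-port list are assumptions; the rules use the `conntrack` match, which older kernels of the era would have spelled `-m state --state`.

```shell
#!/bin/sh
# Added example (not from the thread). Audits and generates the setup the
# comment describes: system hierarchies on read-only mounts, and an iptables
# egress allowlist so a bot cannot phone home on ports users never need.
# RO_PATHS, device names, the sample mount table and the port list are assumptions.

# Hierarchies expected on their own read-only mount. On modern distros /bin,
# /sbin and /lib are symlinks into /usr, so /usr is the partition that actually
# gets split off; /usr/local stays writable for local additions.
RO_PATHS="/usr"

# Print /etc/fstab lines for the layout (sdaX/sdaY/sdaZ are placeholders).
fstab_lines() {
  echo "/dev/sdaX  /usr        ext4  ro,nodev                 0 2"
  echo "/dev/sdaY  /usr/local  ext4  rw,nodev,nosuid          0 2"
  echo "/dev/sdaZ  /var        ext4  rw,nodev,nosuid,noexec   0 2"
}

# Audit a /proc/mounts-style file ($1): report each RO_PATH that is either not
# a separate mount or is mounted read-write. Returns 1 if anything is wrong.
audit_mounts() {
  bad=0
  for p in $RO_PATHS; do
    # field 2 is the mount point, field 4 the comma-separated options
    opts=$(awk -v mp="$p" '$2 == mp { print $4 }' "$1")
    case ",$opts," in
      ",,")    echo "$p: not a separate mount"; bad=1 ;;
      *,ro,*)  ;;                                   # has the ro option
      *)       echo "$p: mounted with '$opts', expected ro"; bad=1 ;;
    esac
  done
  return $bad
}

# Print (do not apply) an iptables egress allowlist. $1 is the space-separated
# list of TCP ports users legitimately need; everything else, including the
# IRC ports typical Unix bots of the time used for control, is logged and dropped.
egress_rules() {
  allowed="$1"
  echo "iptables -P OUTPUT DROP"
  echo "iptables -A OUTPUT -o lo -j ACCEPT"
  echo "iptables -A OUTPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT"
  echo "iptables -A OUTPUT -p udp --dport 53 -j ACCEPT"
  for port in $allowed; do
    echo "iptables -A OUTPUT -p tcp --dport $port -m conntrack --ctstate NEW -j ACCEPT"
  done
  echo "iptables -A OUTPUT -m limit --limit 5/min -j LOG --log-prefix 'egress-drop: '"
  echo "iptables -A OUTPUT -j DROP"
}

# Does the generated rule set allow new connections out on port $2?
# egress_allows "22 80 443" 6667 exits 1: IRC is not on the list, so it is dropped.
egress_allows() {
  egress_rules "$1" | grep -q -- "--dport $2 .*ACCEPT"
}

# Run directly with HARDEN_DEMO=1 to see the generated fstab and rule set.
if [ -n "${HARDEN_DEMO:-}" ]; then
  fstab_lines
  egress_rules "22 80 443"
fi
```

Run `audit_mounts /proc/mounts` on a live box to see whether /usr is really read-only; `egress_rules` is deliberately a printer so the rule set can be reviewed (and the DROP policy ordered after the LOG rule) before it is piped to a root shell.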
A good idea in theory, but in practice you know where it leads, right? Companies will come into existence that make it their business to "trust" others, buying their place in the trusted chain of some OS.
For reference, see Verisign.
We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
If only all our clueless users were as logical and informed as yours.
True. Most just click "allow", no matter what, since they learned that if they don't click "allow" all the time some things just don't work, but when you click "allow" always it works.
"I'd feel a lot safer if you could get selinux to work on Windows..." - by flyingfsck (986395) on Thursday November 08, @08:54PM (#21289459) SELinux is pretty cool, except I have heard it can be a "beyotch" to set up & "security-harden" beyond its defaults on, for example, SELinux-bearing distros like Kubuntu etc. et al!
(AND, it's not that simple on Windows either as far as securing it, but I have done a tutorial & guide that helps make it simpler)
APK "12 step program" 4 a secure Windows NT-based OS (2000/XP/Server 2003/VISTA)):
http://forums1.techpowerup.com/showthread.php?s=096913265fc1542f05f8d28c3370af7a&p=500261#post500261
That's how to secure a Windows rig (or, @ least, as best as I know how to)...
I've seen the results of what SELinux can do here (for Linux distros that have it "baked in", but were run under VMware, which some feel actually LESSENS security due to 'complexity weaknesses due to more moving parts in the mix', so to speak)... it's not bad!
There, I also saw that Linux seems to get lower scores than Windows XP SP2 &/or Windows Server 2003 SP2 do by default from their default security policies setup...
(I.E. -> Linux scores seem to tend to increase more when hardened, & also Windows systems cannot reach 90% or better scores, ever, due to a bug in the Windows model in the CIS Tool tests used in the math calc used to score you, & I have proven that some areas I was scored down in are DEAD WRONG too (as did the Linux person here, Bert64, a slashdot poster here, on LINUX); those tests are a great "guide" to securing your machine & tell you more on how to do it)
APK
P.S.=> I also listed stopping Java/JavaScript/ActiveX usage on the public internet there, but for SOME REASON, they edited it out there (that sort of amazed me a bit, & got me banned when I questioned it, which is odd)... apk
Would you like a free router -- fully configured, compromised, and guaranteed to contact the botnet control node -- to put on your network to answer these questions yourself? Free shipping to the US!
Every mans' island needs an ocean; choose your ocean carefully.
PS actually your reply is Redundant; but a good reminder for all. Keep up the good work ;)
"Allll right Johnson, you're not downloading horse p-- OH MY GOD. NO ONE IS AT THIS DESK"
Who you gonna call?
The actual problem is that having a competing botnet does little to diminish the problem botnet - especially in a context, such as the internet wherein 'resources' are basically infinite. Having two botnets - the Good and the Evil - does not diminish the power of either merely by the fact of their existence.
So what could a botnet do to attack another one? This is pretty unclear, without actually taking systems. Chewing off the infected arm seems to be counterproductive. At best you destroy part of your overall network. At worst, you have two (or more) distributed systems attacking each other; a war wherein we will surely lose. Never mind the economic impact as people become enraged that random network attacks are taking out their machine because they don't spend all day in their basement protecting it.
As with nearly everything, the key here is transparency. As an individual owner of a machine, you have a right to know what is going into and coming out of your network connection. We should redouble our efforts to get to that end; tools that let us know, and shut down anything that we don't like. One might say - and be right - that many of these problems are created by bad operating system design choices. Those need to be fixed, and as with any infrastructural issue, we'd better spend the capital now, or be very, very sad later.
[Ego]out
Yes, MicroTards. I'd like to take credit for that, but it's too obvious.
DMCA, Hollings, Palladium. What might have sounded like paranoia is now common sense.
sudo chmod 000 /bin/chmod
Such a security measure could not even be conceived of under Windows, let alone implemented in one line.
Since you're obviously using the term "microtard" to refer to the person you replied to because he holds an opinion different to yours on this issue, I assume that you won't object people referring to you with terms like "flosstard" or "lintard" whenever they in turn disagree with you?
Web2.0: I love when people Flickr my cuil and digg my boingboing until my google is reddit and I start to yahoo
I like 'em really bot
I like 'em really flat
I like 'em lookin' just
Like a TCP/IP stack
Virus really tiny?
I call you Your Highness
In hacking class,
you got a bot-minus!
Flat bots
I like flat bots!
Flat bots
I like flat bots!
Mal-2
How is the Riemann zeta function like Trump rallies? Both have an endless number of trivial zeros.
you're obviously using the term "microtard" to refer to the person you replied to because he holds an opinion different to yours on this issue
I'll call anyone a MicroTard if they think M$ security issues are the user's fault. Half a minute's reflection should convince anyone that this is not so. People like you can blame the user all day, but that won't make it so.
I assume that you won't object people referring to you with terms like "flosstard" or "lintard"
"FreeTard" would be more appropriate if free software were not the fastest software available for most machines, or if free software advocates had something other than reason to force people to use free software, or if about a thousand other differences between free software and non-free software were not true. But Dedazo, I don't care what you call me because you are an idiot.
You mean "he does not follow the OneTrueReligion, therefore I must insult him"
I didn't ask what you want to be called, I asked if you are OK with people insulting you in kind because they don't like how you think or what little idol you pray to.
or else they're in bed with them.
My office mate was thinking a big EMP over that ISP would solve the problem.
I was thinking more along the lines of a tactical neutron bomb. Why waste the computers?
Corruption? No, neglect. Do you really think that "trust" entity is going to double check everyone who wants to be let in? It will be similar to some "proof of quality" seals we got today. As long as you put cash on the table, you'll get it.
How about fucktard then. Isn't that how your loved ones refer to you?
For twitter, "fucktard" is just right.
Ah, twitter. The stupidity of your painful existence is just too good to be true. You don't know who to hate anymore, so you just hate everyone instead.