some grepping and word counting revealed about 606 hits as of about 5:00 CDT last night. my first attack was at Aug 3 at 23:40 CDT. i don't think the activity light on my cable modem has stopped blinking yet. each computer attempts to get to infect three times before it gives up & moves on.
what i don't look forward to is probably an increase in this kind of crap as XP rolls out with raw socket support. (if you read GRC stuff then this is old news) script kiddies everywhere, and more attacks can be made that were previously impossible or at the least difficult to accomplish. yes it's true that this started in w2k, but does everybody actually have w2k? nope. they're really gonna push XP though, unlike any of the upgrades past 95.
then again maybe everyone does have it, seeing how many attacks i'm getting. the most aggravating thing about this is that all of the attacks just bounce off me (proudly microsoft free:) but my connection sucks now because of all the morons that didn't patch themselves up after the first time it went around.
i watched a good buddy o mine upgrade his just installed mail kit rc1 (which took nearly a month after it was released by download) to rc2. it took a good 40 minutes to do so and it endlessly bitched about his sound drivers not being certified, which was promptly ignored because they were in fact, certified. it coredumped immediately after installation completed. i was actually surprised to find out that they added the ability to coredump in the first place. the screen was nice and blue though, reminiscent of my own past experiences with windows. (i wuv my linux) a restart (of course!) and it loads fine, but over the course of the next 3 or 4 hours it proceeded to coredump another six times, sometimes by simply pressing a key repeatedly. when it wasn't coredumping, things were crashing left and right. most of them happened to things that had nothing to do with the sound card anyway. since yesterday he had already sent in 3 bug reports, 2 of which came back with we-don't-knows, the third unanswered. they have plenty more bug reports to read now.
i left this stuff out...
i'm pretty sure this is the hacked page
in the source, this warning is a comment at the top:
WARNING!
Please do not alter this file. It may be replaced if you upgrade your web server
If you want to use it as a template, we recommend renaming it, and modifying the new file.
Thanks.
and the remainder of the page is like this:
Under Construction
The site you were trying to reach does not currently have a default page. It may be in the process of being upgraded.
Please try this site again later. If you still experience the problem, try contacting the Web site administrator.
i have an old 486 running freesco as my broadband splitting device. klogd must be going crazy. since i got back home this morning it has rejected TONS of attempts on port 80. i suspected it was code red of course, but what bugged me was that it was mostly coming from my neighbors in 24.167, a few more in 24.something else, and an occasional one from a different class A. i thought code red was random. and then this story pops up. makes sense. well it's been fun all day going to http://insert.victim.ip.here/. :) there must be others doing the same since i get this once in a while:
HTTP 403.9 - Access Forbidden: Too many users are connected
what about when you get a keygen or patch to get rid of those nasty `please register me so i can feed the kids' messages?