Author Topic: A Storm is coming... and you're probably already a part of it...  (Read 4614 times)

Offline W1nTry

  • Administrator
  • Akatsuki
  • *****
  • Posts: 11329
  • Country: tt
  • Chakra 109
  • Referrals: 3
    • View Profile
  • CPU: Intel Core i7 3770
  • GPU: Gigabyte GTX 1070
  • RAM: 2x8GB HyperX DDR3 2166MHz
  • Broadband: FLOW
  • Steam: W1nTry
  • XBL: W1nTry
Quote
Bloke says Internet is at risk from gathering Storm
Host of infection
By Egan Orion: Friday, 05 October 2007, 9:45 AM

IN A COLUMN at Wired, Bruce Schneier presents an analysis of the Storm worm that should scare anyone responsible for mission-critical functions connected to the Internet.
Schneier is known as a knowledgable, articulate and readable writer on computer security topics, so if he's worried about the Storm botnet, and he is, that's worth noticing.
The Storm worm first surfaced near the start of 2007. It's really a new, hybrid form of malware, that is a worm (spreads from host to host over a network), a Trojan (infects and takes over its hosts) and a bot (executes commanded activities) all in one.
As opposed to previous worms such as Sasser, Slammer and Nimda that spread rapidly and could be easily detected and disinfected, this new form of malware represented by Storm is more subtle, stealthy and harder to catch and counteract. Schneier writes:
"Symptoms don't appear immediately, and an infected computer can sit dormant for a long time. If it were a disease, it would be more like syphilis, whose symptoms may be mild or disappear altogether, but which will eventually come back years later and eat your brain."
Schneier lists nine characteristics of the Storm botnet. If you're at all concerned about Internet security reading them is disquieting, sort of like speed reading the screenplay of a horror movie. Here they are, in abridged summary:
Storm is stealthy, it's hard to detect because it's not always active.
Storm is like an ant colony with separation of duties and division of labor.
Storm doesn't cause damage or noticable performance impact to its hosts.
Storm uses a distributed peer-to-peer network for command and control.
Storm's controlling servers are in a constantly changing fast-flux network.
Storm's payload that it uses to spread to new hosts changes form rapidly.
Storm's infection mode changes regularly -- PDFs, e-cards, YouTube links.
Storm's email changes, leveraging social engineering with different hooks.
Storm has started attacking anti-spam websites trying to counteract it.
Schneier doesn't yet see how the Storm botnet can be successfully countered. He points out that the antivirus vendors have been powerless against it for almost a year. He doesn't believe quarantining infected hosts would work, even if all ISPs could be made to do that.
He does identify the underlying reason for Storm's success in spreading to perhaps as many as 50 million PCs in less than a year: Microsoft Windows. But he despairs to even think of fixing that, writing: "Redesigning the Microsoft Windows operating system would work, but that's ridiculous to even suggest." µ

Carigamers


Offline Xerotolerant

  • Genin
  • *
  • Posts: 184
  • Chakra 0
  • study dat next time you cant enter kfc by pushing
    • psp pc?
  • Referrals: 0
    • View Profile
  • CPU: Athlon 64x2 3800+
  • GPU: ATi Radeon x1950xt
  • RAM: 2gb
Re: A Storm is coming... and you're probably already a part of it...
« Reply #1 on: October 07, 2007, 03:11:50 PM »
ha ha why fix windows if it selling as it is right?
i don't mind if it aint really doing nuttin to stop me from playing game or watching anime and browsing then i cool. i probably have it now cause i running around the net with out a rubbers for the longest while.
If automobiles had followed the same development cycle as the computer, a Rolls-Royce would today cost $100, get a million miles per gallon, and explode once a year, killing everyone inside." -- Robert Cringely

Offline Exar_Kun

  • Jonin
  • ***
  • Posts: 899
  • Country: tt
  • Chakra 22
  • Referrals: 0
    • View Profile
Re: A Storm is coming... and you're probably already a part of it...
« Reply #2 on: October 07, 2007, 04:46:04 PM »
ha ha why fix windows if it selling as it is right?

I think he's more talking about the practicalities of 'fixing' Windows. Anyone that's ever written a computer program in their life knows the kind of hell it is to plug every single hole in your code. Windows has so much code, all interworking with each other that plugging every hole would likely take years.
Securing every bit of code against every form of malicious intent while still leaving it efficiently operating is like the US trying to secure the Mexican border by posting border guards all the entire 2200 miles standing 10 metres from each other so no one can get by.

Offline disciple

  • Ancient
  • Kage
  • *****
  • Posts: 1587
  • Chakra 15
  • deus est caritas
    • 360
  • Referrals: 0
    • View Profile
  • CPU: Athlon 64 X2 4000+
  • GPU: RADEON 3650 512 DDR3
  • RAM: 6 GB PC6400
Re: A Storm is coming... and you're probably already a part of it...
« Reply #3 on: October 07, 2007, 05:53:36 PM »
well, i aint  a part of this.. lol

linux, ftw!
#406745

Offline Spazosaurus

  • Dr. Herp Derpington
  • Administrator
  • Akatsuki
  • *****
  • Posts: 7685
  • Country: tt
  • Chakra 52
  • Referrals: 3
    • View Profile
    • The Awesome Company
  • CPU: i5 3470
  • GPU: GTX 780
  • RAM: 8GB Corsair
  • Broadband: Blink 2Mb + Flow 20Mb
Re: A Storm is coming... and you're probably already a part of it...
« Reply #4 on: October 07, 2007, 06:24:39 PM »
Ayyeee look Diciple upgraded his PC. Far cry from the old one eh?

Carigamers

Re: A Storm is coming... and you're probably already a part of it...
« Reply #4 on: October 07, 2007, 06:24:39 PM »

Offline disciple

  • Ancient
  • Kage
  • *****
  • Posts: 1587
  • Chakra 15
  • deus est caritas
    • 360
  • Referrals: 0
    • View Profile
  • CPU: Athlon 64 X2 4000+
  • GPU: RADEON 3650 512 DDR3
  • RAM: 6 GB PC6400
Re: A Storm is coming... and you're probably already a part of it...
« Reply #5 on: October 07, 2007, 08:10:18 PM »
lol

why, yes i did, captain awesome!!

all i need now is a decent gfx card, but that only comes into play when starcraft released.. so i go rock the integrated till then


and yes... completely blows the old rig outta the water... ( considerin the old rig was a 350 mghz, it didnt take much at all, nah! lol)
#406745

Offline W1nTry

  • Administrator
  • Akatsuki
  • *****
  • Posts: 11329
  • Country: tt
  • Chakra 109
  • Referrals: 3
    • View Profile
  • CPU: Intel Core i7 3770
  • GPU: Gigabyte GTX 1070
  • RAM: 2x8GB HyperX DDR3 2166MHz
  • Broadband: FLOW
  • Steam: W1nTry
  • XBL: W1nTry
Re: A Storm is coming... and you're probably already a part of it...
« Reply #6 on: October 08, 2007, 09:01:10 AM »
Ahh... but disciple didn't you know? Linux is the FAVOURITE platform for spammers ;) contrary to what most think, LINUX not WINDOZ is the platform of prefernce for spam bots :p so you very well could be part of the storm... albeit the more IMPORTANT PART, YOU'RE prolly a SERVER BOT :p

Offline disciple

  • Ancient
  • Kage
  • *****
  • Posts: 1587
  • Chakra 15
  • deus est caritas
    • 360
  • Referrals: 0
    • View Profile
  • CPU: Athlon 64 X2 4000+
  • GPU: RADEON 3650 512 DDR3
  • RAM: 6 GB PC6400
Re: A Storm is coming... and you're probably already a part of it...
« Reply #7 on: October 08, 2007, 05:00:11 PM »
i can't hear you, winny

*sticks fingers in ears while enjoying the goodness of suse*

but seriously, i haven't heard that...

proof? ( i not doubtin, eh.. just curious)
#406745

Offline W1nTry

  • Administrator
  • Akatsuki
  • *****
  • Posts: 11329
  • Country: tt
  • Chakra 109
  • Referrals: 3
    • View Profile
  • CPU: Intel Core i7 3770
  • GPU: Gigabyte GTX 1070
  • RAM: 2x8GB HyperX DDR3 2166MHz
  • Broadband: FLOW
  • Steam: W1nTry
  • XBL: W1nTry

Offline disciple

  • Ancient
  • Kage
  • *****
  • Posts: 1587
  • Chakra 15
  • deus est caritas
    • 360
  • Referrals: 0
    • View Profile
  • CPU: Athlon 64 X2 4000+
  • GPU: RADEON 3650 512 DDR3
  • RAM: 6 GB PC6400
Re: A Storm is coming... and you're probably already a part of it...
« Reply #9 on: October 09, 2007, 09:35:45 AM »
hmm. most interesting......


esp. the part where he said they (linux boxes) were being mostly used as the controllers,not the bots themselves..
#406745

Offline W1nTry

  • Administrator
  • Akatsuki
  • *****
  • Posts: 11329
  • Country: tt
  • Chakra 109
  • Referrals: 3
    • View Profile
  • CPU: Intel Core i7 3770
  • GPU: Gigabyte GTX 1070
  • RAM: 2x8GB HyperX DDR3 2166MHz
  • Broadband: FLOW
  • Steam: W1nTry
  • XBL: W1nTry
Re: A Storm is coming... and you're probably already a part of it...
« Reply #10 on: October 09, 2007, 09:45:26 AM »
Well thats why I said Linux is the server, besides what respectable hacker would hack FROM the windows platform???? but yeah... still the STORM... and disciple could be part of it... wouldn't that make it a 'deathly storm' ??? O_O

Offline W1nTry

  • Administrator
  • Akatsuki
  • *****
  • Posts: 11329
  • Country: tt
  • Chakra 109
  • Referrals: 3
    • View Profile
  • CPU: Intel Core i7 3770
  • GPU: Gigabyte GTX 1070
  • RAM: 2x8GB HyperX DDR3 2166MHz
  • Broadband: FLOW
  • Steam: W1nTry
  • XBL: W1nTry
Re: A Storm is coming... and you're probably already a part of it...
« Reply #11 on: October 25, 2007, 11:30:12 AM »
.... wow...
Quote
Storm worm strikes back

They thought it was a squall

By Nick Farrell: Thursday, 25 October 2007, 8:59 AM

SECURITY experts who had written off the Storm worm as a thing of the past say that it is proving darn hard to kill.

Apparently the worm has developed the ability to work out who is trying to probe its command-and-control servers, and it retaliates by launching DDoS attacks against them.

Talking to Network World, Josh Korman, host-protection architect for IBM/ISS said the DdoS attacks can shut down security experts' PC's for days.

He said that as you try to investigate Storm, it knows, and it punishes.

Those who have reverse engineered their own versions of Storm have to connecting to these to these command-and-control servers to see if they are on the right track. However the servers seem to recognise these attempts as threatening.

The researchers have found that Storm can interrupt applications as they boot up and either shut them down or allow them to appear to boot, but disable them. Antivirus software can be turned on, but it isn’t scan for viruses.

Offline W1nTry

  • Administrator
  • Akatsuki
  • *****
  • Posts: 11329
  • Country: tt
  • Chakra 109
  • Referrals: 3
    • View Profile
  • CPU: Intel Core i7 3770
  • GPU: Gigabyte GTX 1070
  • RAM: 2x8GB HyperX DDR3 2166MHz
  • Broadband: FLOW
  • Steam: W1nTry
  • XBL: W1nTry
Re: A Storm is coming... and you're probably already a part of it...
« Reply #12 on: November 07, 2007, 03:02:28 PM »
More interestingly scary stuff

Quote
Corman referenced the case of Blue Security, an Israeli-based startup whose aggressive antispam measures in May 2006 drew a counterattack from spammers that was so vicious, it forced the company out of business."

Read that article here: http://www.eweek.com/article2/0,1895,2205606,00.asp

Offline daniboy79

  • Kage
  • ****
  • Posts: 1004
  • Chakra 9
  • Referrals: 0
    • View Profile
Re: A Storm is coming... and you're probably already a part of it...
« Reply #13 on: November 07, 2007, 03:50:17 PM »
some scary sh!t there man :shakehead:
Antec 900
Gigabyte EP35-DS3L
Intel Q6600 with Tt TMGi1 HSF
2GB Crucial Ballistix Tracer PC2 6400 (4,4,4,12)
eVGA GeForce 8800GTS 640MB
Maxtor-DM21 250GB  SATAII
Seagate 500GB SATAII
Acer AL2223Wd 22" Monitor
Logitech Z5500 5.1 Surround Monitors

Carigamers

Re: A Storm is coming... and you're probably already a part of it...
« Reply #13 on: November 07, 2007, 03:50:17 PM »

 


* ShoutBox

Refresh History
  • Crimson609: yea everything cool how are you?
    August 10, 2022, 07:26:15 AM
  • Pain_Killer: Good day, what's going on with you guys? Is everything Ok?
    February 21, 2021, 05:30:10 PM
  • Crimson609: BOOM covid-19
    August 15, 2020, 01:07:30 PM
  • Shinsoo: bwda 2020 shoutboxing. omg we are in the future and in the past at the same time!
    March 03, 2020, 06:42:47 AM
  • TriniXjin: Watch Black Clover Everyone!
    February 01, 2020, 06:30:00 PM
  • Crimson609: lol
    February 01, 2020, 05:05:53 PM
  • Skitz: So fellas how we go include listing for all dem parts for pc on we profile but doh have any place for motherboard?
    January 24, 2020, 09:11:33 PM
  • Crimson609: :ph34r:
    January 20, 2019, 09:23:28 PM
  • Crimson609: Big up ya whole slef
    January 20, 2019, 09:23:17 PM
  • protomanex: Gyul like Link
    January 20, 2019, 09:23:14 PM
  • protomanex: Man like Kitana
    January 20, 2019, 09:22:39 PM
  • protomanex: Man like Chappy
    January 20, 2019, 09:21:53 PM
  • protomanex: Gyul Like Minato
    January 20, 2019, 09:21:48 PM
  • protomanex: Gyul like XJin
    January 20, 2019, 09:19:53 PM
  • protomanex: Shout out to man like Crimson
    January 20, 2019, 09:19:44 PM
  • Crimson609: shout out to gyal like Corbie Gonta
    January 20, 2019, 09:19:06 PM
  • cold_187: Why allur don't make a discord or something?
    December 03, 2018, 06:17:38 PM
  • Red Paradox: https://www.twitch.tv/flippay1985 everyday from 6:00pm
    May 29, 2018, 09:40:09 AM
  • Red Paradox: anyone play EA Sports UFC 3.. Looking for a challenge. PSN: Flippay1985 :)
    May 09, 2018, 11:00:52 PM
  • cold_187: @TriniXjin not really, I may have something they need (ssd/ram/mb etc.), hence why I also said "trade" ;)
    February 05, 2018, 10:22:14 AM

SimplePortal 2.3.3 © 2008-2010, SimplePortal