[LINK] Conficker virus

Rick Welykochy rick at praxis.com.au
Thu Jan 22 10:27:28 AEDT 2009

matthew at sorbs.net wrote:

>> The more Windows is deployed and attacked, the more the non-Windows
>> world can sit back and get on with computing in a malware-free
>> environment.
> That they can't use because they've been DDoS'd by several thousand
> servers. 

I wasn't thinking of DDoS attacks specifically.

How does the magnitude of DDoS attacks compare with what else the
crims get up to using botnets, i.e. financial and identity fraud?

I must admit that the more I think about the Windows side of things,
the more I see that there is collateral damage to other OS's. Yup,
in terms of DDoS's, which is an external effect. But also, attacks on
Linux boxen running Apache + PHP to run phishing software.

Of the twenty or so phishing attacks that I have investigated, the
actual phishing software websites were all found to be on LAMP
systems where P=PHP.

But, in the end, the goal is to establish squadrons of botnets and
these only run on Windows AFAIK.

> PS: I have a 'Wanted by the FBI' poster on my wall for a Saad Echouafni
> (remember foonet.net?), who was the perpetrator of the 2003 attacks on
> my servers and others.  He controlled a modest botnet of 8000 computers,
> the only thing that stopped the nuking of my site and causing Queensland
> wide AAPT outages was Telecom NZ who put a filter in on their
> International (USA uplink) Router.

Are you saying they filtered 8000 IPs to solve this problem?


Rick Welykochy || Praxis Services

aibohphobia  -  the fear of palindromes

