Thread: No more Linux security bragging: botnet discovery worry
View Single Post
  #3 (permalink)  
Old 10-01-2009, 11:17 PM
~BD~
Guest
  
Posts: n/a
Default Re: No more Linux security bragging: botnet discovery worry
On 01/10/2009 23:30, Andy wrote:
> ~BD~ wrote:
>
>> Quote:-
>>
>> "Bad guys have created a botnet of Linux Web servers. In a way, that's
>> even more frightening than regular botnets of compromised Windows PCs.
>> In IT Blogwatch, bloggers ask if this is the end for Linux's claim to be
>> more secure than Windows; or is it just a load of old hokum?"
>>
>> http://blogs.computerworld.com/14723...iscovery_worry
>
> Yawn. This certainly isn't 'new'.
>
> A badly secured system is a badly secured system (in this case a web
> server), regardless of the platform.
>
> Andy.
>

This isn't new either ...... but it's still relevant!


http://gcn.com/articles/2006/03/08/i...ty-threat.aspx


Terrorist organizations and other national enemies have launched bogus
Web sites that mask their covert information or provide misleading
information to users they identify as federal employees or agents,
according to Lance Cottrell, founder and chief scientist at Anonymizer
of San Diego.

The criminal and terrorist organizations also increasingly are blocking
all traffic from North America or from Internet Protocol addresses that
point back to users who rely on the English language, Cotrell told an
educational seminar in Washington at the FOSE 2006 trade show's Homeland
Security Center yesterday. FOSE is sponsored by PostNewsweek Tech Media,
the parent company of Government Computer News.

Among the risks of the terrorist cloaking practice are that the
organizations can provide bogus passwords to covert meetings. By doing
so they can pinpoint federal intelligence agents who attend the
meetings, making them vulnerable to being kidnapped or becoming the
unwitting carriers of false information, Cottrell said.

Cloaking is just one means by which hostile intelligence organizations
can exploit the ability of IP addresses to reveal the physical
location'and frequently the organizational identity'of a user visiting a
Web site.

Another method Cottrell described was a case in which hackers set a
number of criteria that they all shared using the Linux operating system
and the Netscape browser, among other factors. When federal
investigators using PCs running Windows and using Internet Explorer
visited the hackers' shared site, the hackers' system immediately
mounted a distributed denial-of-service attack against the federal system.

Reply With Quote
 

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45