Roy Schestowitz <newsgroups@xxxxxxxxxxxxxxx> espoused:
> Is the Botnet Battle Already Lost?
> ,----[ Quote ]
>| It's dress-down Friday at Sunbelt Software's Clearwater, Fla.,
>| headquarters. In a bland cubicle on the 12th floor, Eric Sites
>| stares at the screen of a "dirty box," a Microsoft Windows
>| machine infected with the self-replicating Wootbot network worm.
>| Botnets filled---and easily replenished---with compromised
>| Windows have emerged as the key hub for well-organized crime
>| rings around the globe, using stolen bandwidth from drone
>| zombies to make money from nefarious Internet activity,
>| according to security experts tracking the threat.
>| Statistics from multiple sources justify Evron's pessimism.
>| According to data culled from Microsoft's MSRT (Malicious
>| Software Removal Tool), back-door Trojans and bots represent
>| a "significant and tangible threat to Windows users."
>| Since the first iteration of the MSRT in January 2005, the
>| tool has removed at least one Trojan from about 3.5 million
>| unique computers. Of the 5.7 million infected Windows
>| machines, about 62 percent was found with a Trojan or bot.
>| During the attack, which exploited a Windows Server Service
>| vulnerability, security researchers at the German Honey-net
>| Project discovered that hijacked PCs were being used to
>| install ad-serving software from DollarRevenue, a company
>| that pays between a penny and 30 cents per installation.
>| Within 24 hours, the IRC-controlled botnet seized control of
>| more than 7,700 machines. During a four-day stretch, the
>| researchers counted about 9,700 infections from a single
>| command-and-control center and calculated that the attacker
>| earned about $430 in commissions from DollarRevenue alone.
> I think I have seen this article before, but the date is current.
It's a good article, and illustrates very well indeed the threat level
caused by having Windows computers connected to the internet. As I said
elsewhere, the proper solution is the removal of windows from the
internet; if Microsoft wish to continue to vend Windows (I'm not so
sure that they will if/when Vista is released), then they should be
required to produce a /secure/ operating system.
Probably the biggest and nastiest aspect of their monopoly has been
their attitude to security, and yet it's the least recognised, so far.
The impact of MS working to prevent competition in operating systems
(DRDOS), shells (Windows 3.x vs alts), browsers (IE vs netscape), and
more recently media players (real vs windows mplayer) has been well
recognised, and their most recent attack on boot loaders is well known,
as well as their crippling of OpenGL in Vista. However, the impact of
deliberately releasing insecure software on the world far outweighs
anything else, now.
| Mark Kent -- mark at ellandroad dot demon dot co dot uk |
Someone who knowns 101 ways to make love, but can't get a date.