Home Messages Index
[Date Prev][Date Next][Thread Prev][Thread Next]
Author IndexDate IndexThread Index

[News] [Rival] Microsoft Conficker Ruins the Internet (and Knocks Down my DNS Server for Hours)

  • Subject: [News] [Rival] Microsoft Conficker Ruins the Internet (and Knocks Down my DNS Server for Hours)
  • From: Roy Schestowitz <newsgroups@xxxxxxxxxxxxxxx>
  • Date: Thu, 09 Apr 2009 22:57:53 +0000
  • Newsgroups: comp.os.linux.advocacy
  • User-agent: KNode/0.10.9
Hash: SHA1

Conficker begins stealthy update

,----[ Quote ]
| The Conficker worm has started to update infected machines with a mystery 
| package of data. 
| Computer security firms watching the malicious program noticed that it sprang 
| into life late on 8 April.  


Mafiaboy: Conficker Was a Ruse

,----[ Quote ]
| According to Calce, you need to look no further than the Conficker worm, and 
| the worry generated by its expected activation last week, to see why things 
| haven't changed much since 2000.   


Conficker wakes up, updates via P2P, drops payload


Conficker botnet stirs to distribute update payload


This Microsoft rubbish has ruined DNS access for the second time today.


Register.com suffers DNS problems

,----[ Quote ]
| The gossip on Twitter suggested that the company's name servers were the
| target of aDDOS attack, though this hasn't been confirmed.


Register.com suffers further DOS attack


Conficker is a lesson for MPs – especially over ID cards

,----[ Quote ]
| A trio of news pieces for you. The Conficker worm has got into the Houses of
| Parliament's network and infected computers there. MPs have been told, in a
| written answer, that use by them of PGP, the commercial encryption system,
| is "not recommended" on the parliamentary network because it is "not
| compatible" with its current VPN (virtual private network). And, as I write,
| the database of MPs' expenses is being hawked around to newspapers, for a
| high price.


OpenDNS rolls out Conficker tracking, blocking

,----[ Quote ]
| With an estimated 10 million PCs infected by the stealthy worm known as
| Conficker, it's a good bet that plenty of administrators are blissfully
| unaware that their networks are playing host to the pest. Now, a free service
| called OpenDNS is offering a new feature designed to alert administrators to
| the damage and help them contain it.


DNS Patches Slow Servers, but Fast Action Is Advised

,----[ Quote ]
| Microsoft issued a mea culpa about its DNS update on July 17, saying that the
| patch was crippling some machines running its Windows Small Business Server
| suite. Then, on July 25, it said the patch could also affect some network
| services on systems running Windows Server 2008, Windows Server 2003 and
| Windows 2000. In both instances, Microsoft detailed work-arounds.


Microsoft DNS fix causes trouble for some

,----[ Quote ]
| The Microsoft Corp. released a DNS fix in its patch slate for July, but the
| company seems to have problems just getting it to end users. Moreover, some
| users of the DNS fix have experienced additional difficulties.
| So far, since Microsoft's DNS fix was issued on July 10, there have been two
| separate problems associated with its installation.


SUBJECT: Microsoft SWI blog inaccuracies

,----[ Quote ]
| As you know, 3 weeks ago I published my paper, "Microsoft
| Windows DNS Stub Resolver Cache Poisoning"
| (http://www.trusteer.com/docs/Microsoft_Windows_resolver_DNS_cache_poiso
| ning.pdf),
| simultaneously with Microsoft's release of MS08-020
| (http://www.microsoft.com/technet/security/Bulletin/MS08-020.mspx).
| A day later, Microsoft's Secure Windows
| Initiative (SWI) team published their blog entry for MS08-
| 020
| (http://blogs.technet.com/swi/archive/2008/04/09/ms08-020-how-predictabl
| e-is-the-dns-transaction-id.aspx).
| Unfortunately, the SWI blog entry contains two serious
| mistakes. The first mistake is an inaccurate description of
| the PRNG used for the Microsoft Windows DNS client
| transaction ID. The second mistake is SWI's claim that
| "attackers cannot predict a guaranteed, known-next TXID
| exactly even with this weakness".
| I contacted Microsoft about those mistakes, and while
| Microsoft did not refute my statements, they also refused
| to revise the blog entry. On one hand, I am inclined to tag
| this as a simple unwillingness on the side of the vendor to
| revise its materials and admit its mistakes. On the other
| hand, I cannot ignore the fact that the two mistakes, when
| combined, result in misleading the blog reader about the
| nature and the severity of the problem.
| [...]
| This is in stark contrast to SWI's claims. Furthermore,
| Microsoft did have the full paper (actually, a draft of it
| which contains all the relevant technical information) well
| before the SWI blog was published. So the problem here is
| not an issue of SWI not having access to the paper when
| they wrote their blog entry.



Microsoft preps 133 patches for Windows DNS hole

,----[ Quote ]
| Microsoft is working on 133 separate updates for the problem, Budd wrote.


Microsoft DNS Server Attacks Continue

,----[ Quote ]
| The concept enables malicious users to run code remotely under the
| system privileges generally granted to the DNS service itself.


Microsoft: Patch for critical DNS flaw may be ready by 8 May

,----[ Quote ]
| The cmopany has been under pressure to address the flaw, reported
| last week, since software that exploits it has now been widely
| disseminated, and criminals are beginning to use it in attacks.


Attack code raises Windows DNS zero-day risk

,----[ Quote ]
| At least four exploits for the vulnerability in the Windows domain
| name system, or DNS, service were published on the Internet over the
| weekend, Symantec said in an alert Monday.


Cybercrooks exploiting new Windows DNS flaw

,----[ Quote ]
| Cybercrooks are using a yet-to-be-patched security flaw in certain
| Windows versions to attack computers running the operating systems,
| Microsoft warned late Thursday.


Microsoft's advisories giving clues to hackers

,----[ Quote ]
| How's this for a new twist on the old responsible disclosure debate:
| Hackers are taking advantage of information released in Microsoft's
| pre-patch security advisories to create exploits for zero-day
| vulnerabilities.


DNS security improves as firms tool up to tackle spam

,----[ Quote ]
| Infoblox's survey found that the number of internet-facing DNS servers
| increased from 9m in 2006 to 11.5m in 2007, indicative of the overall growth
| of the internet. Percentage usage of the most recent and secure version of
| open-source domain name server software - BIND 9 - increased from 61 per cent
| to 65 per cent over the last year. Use of BIND 8, by contrast, dropped from
| 14 per cent in 2006 to 5.6 per cent this year. Usage of the Microsoft DNS
| Server on web-facing systems also fell, decreasing to to 2.7 per cent in 2007
| from five per cent last year.      


Use of rogue DNS servers on rise

,----[ Quote ]
| The paper estimates roughly 68,000 servers on the Internet are returning
| malicious Domain Name System results, which means people with compromised
| computers are sometimes being directed to the wrong Web sites — and often
| have no idea.  

Version: GnuPG v1.4.9 (GNU/Linux)


[Date Prev][Date Next][Thread Prev][Thread Next]
Author IndexDate IndexThread Index