17-09-02, 06:01 AM
|
#1
|
|
Alpha Stoner
Join Date: Apr 2001
Location: www.naphoria.com
Posts: 5,121
|
Quote:
Linux worm creating P2P attack network
A new worm that attacks Linux Web servers has compromised more than 3,500 machines, creating a rogue peer-to-peer network that has been used to attack other computers with a flood of data, security experts said Saturday.
The worm seems to spreading fairly rapidly, according to security company Symantec, which early Friday detected about 2,000 infected computers that were actively attacking—a number that climbed to 3,500 late Friday. The company’s security personnel could not be contacted for comment Saturday.
"It is confirmed through various sources that this worm is in the wild and actively attacking other servers," the company warned its newest advisory Saturday.
The worm targets Apache Web server installations on a variety of Linux systems, including those from Red Hat, SuSE, Debian, Mandrake and Slackware.
By exploiting a security hole in the Apache OpenSSL module that enables a widely used encrypted communications service known as the secure socket layer, the worm can copy itself to new servers.
The advisory includes an analysis of the so-called Linux.Slapper.Worm’s code, revealing some details of the attack network created from servers compromised by the worm.
"(Slapper) also includes a number of peer-to-peer capabilities, which allow it to communicate with other clients, and participate in a distributed denial-of-service (DDoS) network," stated the advisory.
It’s uncertain how much danger the worm poses. While an advisory posted Friday by Symantec rates the new threat a 2 out of 5, with 5 being the most severe threat, the latest advisory rates the potential danger as “high.”
Antivirus company Kaspersky released an advisory on the worm early Saturday, which stressed that the the company hadn’t seen any reports of infected machines from its customers.
Though the rogue peer-to-peer network of compromised servers is still being created, it has already been used to attack the DNS servers of a major Internet service provider, according to a statement posted on the Internet Storm Center, a Web site that tracks security incidents on the Net by correlating data among voluntarily submitted firewall logs.
Domain-name service, or DNS, servers acts as the yellow pages of the Internet by matching domain names, such as news.com, to the numerical addresses used by the Net’s hardware. By leveling a denial-of-service attack at such servers, an attacker can block customers of the assaulted ISP from connecting to Web sites.
Further evidence of the DDoS network being used came in an e-mail sent out by RackShack.net to its customers. The Web hosting provider apparently warned administrators that several of its servers had been used to conduct attacks against other providers.
"This morning we found 20-plus machines that were used to launch a DoS attack," Patrick Smith, a systems administrator for the company, stated in the e-mail seen by News.com. "We are currently reviewing the compromised hosts and it appears this worm is the culprit."
http://techupdate.zdnet.com/techupdate/stories/main/0,14179,2880336,00.html”]All about the Slapper TROJAN/WORM here..[/url]
TalkBack: Post your comment here
|
Okay..I will you retards..
Quote:
Why is this trojan being called a P2P network?
Are people sharing ideas and information, knowledge and understanding, humor and experience? No. Systems are linking in the way of all trojans used for this purpose in the past and in the future and as all their ilk they have SFA to do with P2P.
To label this trojan part and parcel to P2P is to call all computer users hackers.
This pisses me off to no end and is just what I do NOT expect to read on the ZDNet site. This is no more than tripe and no less than slander of the community I support and have come to love. Some of the brightest and best of the internet are in our ranks and I take great offence at being lumped in with script kiddies intent on mayhem and self-gratification through the exploitation of others with back-handed measures.
This more accurately describes the ‘Music Industry’, not the P2P community!
Šiego
________________
www.naphoria.com
www.napsterites.net
|
Dispicable reporting if ever there was.
Š 
Last edited by Šiego : 17-09-02 at 06:12 AM.
|
|
|
Hybrid Mode
