Total Pageviews

Thursday, March 17, 2005

Spies infiltrate zombie computer networks

This is a REALLY good article. The use of zombied computers to launch DOS attacks is an "old" but effective method of attack.
Before looking at the article, NOTE: ONLY windows based machines are targets of this type of nonsense. If you run a Mac, or, in my case, a Linux box, this stuff will not get you.

It works like this. Some idiot uses a Windows based machine with no firewall, no virus protection, no adware protection, and mindlessly clicks on an email attachment. This is usually something like promised pictures of a naked woman or another teaser. When you click on the executable file (or a .doc file, indicating a Microsoft Word file...., thank you AGAIN, Bill Gates), the attachment inserts a small line of code that sends a quick message out and waits for instructions. Upon command, your machine will either send mail, or (more likely) a "ping" to a specified internet address. When you have tens of thousands of puters sending multiple pings (an internet way of saying "knock knock, are you there?"), the receiving server is so overwhelmed it simply gives up and stops receiving ANY traffic.

Because this is a "swarming" type of attack, it is very difficult to detect and prosecute the source. Using a "honeypot" (honeyNET, in this case), you lure bad code, take it apart, and send in "spy" code to infiltrate the outfit who originally sent it. The original article is here. New Scientist Breaking News - Spies infiltrate zombie computer networks

No comments: