Monday Morning Malware: check ur 'puter
erco
Per http://news.yahoo.com/malware-may-knock-thousands-off-internet-monday-063924510--finance.html
go here: http://www.dns-ok.us/ and hope for a green screen. My computer got the green...
If anyone gets a red screen (indicating they're infected), please report back to let us all see how widespread the problem is.
Comments
Due to erco's publishing its URL on the highly popular Parallax Forum, the test site has received a surge of hits, bringing it to its knees. Pundits have coined a term for this phenomenon, calling it the "Parallax Effect."
-Phil
I got a green background so all should be okay.
Sounds like Monday may be a busy day for me... Looking forward to it..
OBC
No you shouldn't trust them because they don't make it clear what they're checking for. Just do an 'nslookup' on Google.com or some other valid domain and check your DNS server hostname and address.
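The nslookup check suggested in the comment above, as an added example that is not part of the original thread: it reads the resolver address from the header of `nslookup` output and reports whether it falls inside the networks you expect your DNS to come from. The sample outputs are constructed with documentation addresses, and `EXPECTED_NETWORKS` is an assumption to replace with your own router or ISP resolver ranges.

```python
import ipaddress
import re

# Constructed nslookup output (Unix-style header); the resolver is the home router.
SAMPLE_ROUTER = """Server:\t\t192.168.1.1
Address:\t192.168.1.1#53

Non-authoritative answer:
Name:\tgoogle.com
Address: 203.0.113.10
"""

# Constructed Windows-style output whose resolver is outside the expected networks.
SAMPLE_FOREIGN = """Server:  UnKnown
Address:  198.51.100.53

Non-authoritative answer:
Name:    google.com
Addresses:  203.0.113.10
"""

# Assumption: the networks your router or ISP resolvers live in; edit to match.
EXPECTED_NETWORKS = ["192.168.1.0/24"]

def resolver_from_nslookup(output):
    """Return the resolver address from the header block, or None."""
    for line in output.splitlines():
        if not line.strip():
            break  # header ends at the first blank line; the answers follow
        match = re.match(r"\s*Address:\s*(\S+)", line)
        if match:
            try:
                # Unix nslookup appends "#53" (the port) to the address.
                return ipaddress.ip_address(match.group(1).split("#", 1)[0])
            except ValueError:
                return None
    return None

def check_resolver(output, expected_networks=EXPECTED_NETWORKS):
    """Classify the resolver in use as expected, unexpected or unknown."""
    resolver = resolver_from_nslookup(output)
    if resolver is None:
        return ("unknown", None)
    for net in expected_networks:
        if resolver in ipaddress.ip_network(net):
            return ("expected", str(resolver))
    return ("unexpected", str(resolver))

if __name__ == "__main__":
    for name, text in (("router", SAMPLE_ROUTER), ("foreign", SAMPLE_FOREIGN)):
        print(name, check_resolver(text))
```

An "unexpected" result only means the resolver is not one you listed; compare it against what your router or ISP actually hands out before concluding anything.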
You may be right, PhiPi, 'cuz the site ain't working right now!
Edit: It's back up, I was testing other computers in da house and it wouldn't connect for ~5 minutes.
No malware -- or poltergeists, either -- on this PC!
-Phil
Otherwise, it would have been sensationalized by the news media, something to the effect of "Government Agency Shuts Down Internet for Many" or some other crazy headline.
The truth would never get out in time over all the screaming, with public opinion making its own (incorrect) conclusions.
The actual reason of shutting it down, like everything else it seems, was lack of congressional funding for the project.
That something like that has gone on for so long, is really a sad statement on just how computer technology illiterate the United States is yet.
And the solution is so crazily simple, just fix the entry pointing to the wrong DNS server.
Also, get used to cyber-warfare, which is a different animal than this chronicle (a bot-net intended to make money).
Heater:
I don't understand your viewpoint about Stuxnet. That thing was pure genius. And if Linux or whatever was involved in "the target" then you can be guaranteed they would have found a way to exploit it. Linux isn't targeted because it's secure, it's not targeted right now because it's obscure. If Linux or any other sufficiently sophisticated OS was #1 in usage, we'd still be having patch tuesdays for it just like now with Windows.
Maybe not. That's assuming someone finds a bunch of real stoopid (that's "stupid" with a longer "OO") implementation errors in one or more linux distribution, and the linux community decides not to address them "for business reasons". Both would be required and both are unlikely.
I often have wondered what the market share break point would be for a sharp rise in Mac attacks and Tux attacks...
I reckon somewhere in the 20-30% that Apple will have some heavy issues. Apple, last I looked, was 13% share. Only time will tell...
peter.
I read that the Stuxnet worm was created by the USA and Israel with an intent to break Iranian nuclear centrifuge equipment. You can read about it here:
http://arstechnica.com/tech-policy/2012/06/confirmed-us-israel-created-stuxnet-lost-control-of-it/
http://www.nytimes.com/2012/06/01/world/middleeast/obama-ordered-wave-of-cyberattacks-against-iran.html?pagewanted=2&_r=1&seid=auto&smid=tw-nytimespolitics&pagewanted=all
Malware is malware. No matter who created it or their intentions. It has the potential to do great damage to the computers of the world and/or compromise my data. It is inherently bad. In the past (even now) the creators of such devices could get into serious trouble; quite why it's OK for a government to do it now is beyond me.
Now we have a warning here about a malware and the article suggests visiting a site run by the FBI. The FBI is an agency of the USA, the creators of the Stuxnet worm.
Call me paranoid but this is like being directed to a skillful and famous safe cracker/locksmith who has done his time for burglary and asking him to check the security of your house. There is no trust in them as far as the safety of my computer is concerned anymore. What else might they do whilst I visit there?
Sadly the USA is a very dangerous organization to have messing with your computing, ask Kim Dotcom. No doubt, viruses, worms, etc. have always been pretty smart. However malware is malware. No matter who created it or their intentions. It has the potential to do great damage to the computers of the world. It is inherently bad. I was being a bit humorous when I said I would not worry because I run Linux (There was a smiley at the end of my post).
I agree, it would be folly to assume you are safe and secure just because you run Linux or any other OS. Nothing is 100% safe. Security is an ongoing concern and vigilance must be maintained. Not so sure. What do you mean by "obscure"?
Clearly as an opensource product there is nothing obscured about its operation.
If you mean it is not widely used I might dispute that. Linux runs most of the web sites and other servers of the world. Linux powers countless mobile phones. Linux powers an awful lot of embedded systems. Against that I might start to think it is less obscure (rare) than Windows. Certainly there are many systems running on it that might have value for an attacker.
Don't forget Linux is not an OS, Linux is a kernel. How secure your Linux based OS is depends mostly on what you build on top of it.
We don't have "patch Tuesdays" for Linux. Security patches and upgrades are coming every day. On my Debian it's just an apt-get away or I can automate that.
Linux might not have 'malware' but you don't need malware to steal information. Malware is scripted for the masses. I have used many Linux computers as honeypots; trust me, when 'hackers' see a Linux PC on your network, they will pay special attention to it, because it must be serving some higher purpose.
In the end it all comes down to best practices. If you cannot deploy and maintain something properly, the OS doesn't matter. That is like blaming the oven for burning your dinner.
Then of course there's always that "wetware" that sits behind the keyboard. Social-engineered threats are on the rise.
OBC
Exactly... the same applies to users that run as ROOT all day long. MS for years used to default to ADMIN rights on a new MS box, and you had to make a non-ADMIN for normal use to lock down an MS box.
In the BSD and the *NIX world you SUDO to get what you needed only when you need it... so already you have a better user policy.
All my computers are set up to not let me or anyone tinker with their insides (SW-wise), so I have to do many actions to get to make a potential bad change.
Heater, I used the word obscure only from a consumer standpoint... 1% of moms and dads use the magic bird as a home system, and mom and dad are to me the ones who are sometimes the most clueless. AT RISK... Some BOFH with his Cisco and MS and C+ certs can make a DOS box into Fort Knox, and they know what not to do. So IMO in the IT world you can do the same regardless of the OS you use.
I still don't understand why people run as admin... or click on anything.
To own a computer you must always be paranoid.
If you are really nuts... run your computer off a live boot DVD and never have a writable file system.
I have a few USB sticks with switch-based write protection I use for just this.
Some people are so internet based and use just web-based tools that for some a live ROM is not such a bad idea... makes hacking SO much more hard. For all purposes impossible, sans flash a BIOS...
http://news.yahoo.com/blogs/lookout/blackout-monday-dns-changer-know-155840354.html
-Phil
This has a strangely familiar Y2K ring to it. The sky is falling! The sky is falling.. Sheesh...