Worth A Glance

(The following was prepared in response to a recent invitation to describe “two dangerous but common security mistakes companies make”)
Rather than looking at this in terms of mistakes, I’d rather take this as a chance to describe two simple things network administrators can do to have an immediate positive impact on data security:
1) Don’t get [...]

Not long ago, it was fairly simple to decommission even largely distributed botnets serving up web content (e.g. online-pharmacies, cheap software) by reporting the abuse to the DNS provider. In an effort to build more robust botnets, the botmasters have responded by adding DNS servers to their armies.
Browse to your EmailSecurity junkbox and have a [...]

NewScientist has a good article on the evolution of Botnet infestations, reinforcing the need for Web Application Firewalls to protect against injection attacks.
Seeing a publication like NewScientist providing coverage to this topic suggests an expanded set of minds offering consideration to this problem. The research paper cited in the article was produced by Google (not [...]

The Metaeye Security group (bonus points for not capitalizing the “e” in “eye”) have released ZmbScap (Zombie Scapper), a Perl script designed to detect and disable various zombie DDoS tools (including Stacheldraht, Wintrinoo, Mstream, Tribal Flood Network, Trinoo, Shaft, Trinitinty, and Entitee). It achieves this by attempting to issue a kill command to the infected [...]

As if the previously cited estimate wasn’t bad enough, now Vint Cerf (the man who lives in Al Gore’s shadow) submits that of the 600 million internet connected machines, 150 million (1/4) are infected, active members of botnets.
It’s clear that we can’t expect individual users to defend themselves, let alone to clean-up this situation. ISPs [...]