
SANS ISC: InfoSec Handlers Diary Blog - Internet Storm Center Diary 2008-03-03



Security Blog Catchup!

Published: 2008-03-03
Last Updated: 2008-03-03 18:50:16 UTC
by Stephen Hall (Version: 1)

With the consumer expansion of the Internet being driven by broadband access, the take-up of ADSL and cable services has been dramatic. This has had a side effect: the majority of the spam, DDoS and fraud activities such as click-fraud are run from systems on the remote end of a broadband connection.

A month ago, the people over at GnuCitizen and the Hackers Webzine published a challenge to find out how (in)secure the routers many people use to connect to the Internet are. Well, the judges have broken up from their huddle and the votes have been counted. The results are in, and you can catch them here, and here.

To make things more interesting, and you can see where GnuCitizen is going with this one, they have also posted a blog entry on the lack of security of many Internet-connected systems which have SNMP available to the Internet.

Operating system vendors over the past decade have made considerable headway in making their systems more secure out of the box. It's better, though they still have a long way to go. Network device vendors, however, need to realise that just putting username and password authentication on a device, and turning off remote admin access from the Internet, is not enough.


From hearts to postcards, storms back

Published: 2008-03-03
Last Updated: 2008-03-03 08:18:58 UTC
by Stephen Hall (Version: 1)

In January we had two articles by ISC handlers highlighting the Storm e-mails. The first is an interesting read on the authorities' position on Storm, and the second shows that Storm had not gone away, but was exploiting Valentine's Day. Also worth a look is the work by Threatstop.

Well, Storm's back, and back to generic e-card spam. James sent in a note giving us some subjects and contents to watch for:

Subject:             

Your ecard joke is waiting
You have an ecard
We have a ecard surprise
Someone Just sent you an ecard
Did you open your ecard yet
ecard waiting for you
Open your ecard
new ecard waiting
Now this is funny
online greeting waiting
sent you an ecard

Body:             

laughing Funny Card
You have been sent a Funny Postcard
You have been sent the Funny Ecard
original Funny Card
Someone Sent you this Funny Ecard
your funny postcard
original Funny Postcard
sent a Funny Postcard
personal funny postcard
FunnyPostcard
laughing funny postcard

Watch your inbox, and let's hope the AV vendors jump on this quickly.
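One way to put the subject and body lists above to work at a mail gateway or in a mailbox sweep, as an added example that is not part of the original diary: the sketch parses a raw message, decodes the Subject header, normalises case and whitespace, and reports which listed phrase matched. The function name `check_message` and the two sample messages are assumptions constructed for illustration.

```python
import re
from email import message_from_string, policy

# Phrases copied from the Subject and Body lists in the diary entry above.
SUBJECTS = ["Your ecard joke is waiting", "You have an ecard",
            "We have a ecard surprise", "Someone Just sent you an ecard",
            "Did you open your ecard yet", "ecard waiting for you",
            "Open your ecard", "new ecard waiting", "Now this is funny",
            "online greeting waiting", "sent you an ecard"]
BODIES = ["laughing Funny Card", "You have been sent a Funny Postcard",
          "You have been sent the Funny Ecard", "original Funny Card",
          "Someone Sent you this Funny Ecard", "your funny postcard",
          "original Funny Postcard", "sent a Funny Postcard",
          "personal funny postcard", "FunnyPostcard", "laughing funny postcard"]

def _norm(text):
    """Lower-case and collapse whitespace so wrapped or padded text still matches."""
    return re.sub(r"\s+", " ", text or "").strip().lower()

def _pattern(phrases):
    # Longest alternative first, so the most specific phrase is the one reported.
    alts = sorted((_norm(p) for p in phrases), key=len, reverse=True)
    return re.compile("|".join(re.escape(a) for a in alts))

SUBJECT_RE, BODY_RE = _pattern(SUBJECTS), _pattern(BODIES)

def check_message(raw):
    """Return (subject_hit, body_hit); each is the matched phrase or None."""
    msg = message_from_string(raw, policy=policy.default)
    subject = _norm(msg["Subject"])  # policy.default decodes RFC 2047 encoded words
    part = msg.get_body(preferencelist=("plain", "html"))
    body = _norm(part.get_content() if part else "")
    s, b = SUBJECT_RE.search(subject), BODY_RE.search(body)
    return (s.group(0) if s else None, b.group(0) if b else None)

# Constructed sample messages (not captured Storm mail).
SAMPLE_SPAM = ("From: a@example.com\n"
               "Subject: =?utf-8?B?WW91IGhhdmUgYW4gZWNhcmQ=?=\n\n"
               "Someone Sent you this   Funny\nEcard - click below\n")
SAMPLE_HAM = "Subject: Meeting notes\n\nAgenda attached.\n"

if __name__ == "__main__":
    print(check_message(SAMPLE_SPAM))
    print(check_message(SAMPLE_HAM))
```

Some of the listed subjects, such as "Now this is funny", are generic enough to appear in legitimate mail, so a subject hit alone is better treated as a scoring signal than as a block rule; a subject and body hit together is the stronger indicator.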

 
