Category Archives: DDoS

Linux malware found in screensaver


http://linux.slashdot.org/article.pl?sid=09/12/09/2215253

I hate to say I told you so…actually, that’s not true. In this case, it was sadly obvious that it would happen, but the general attitude of the whole OS/Free Software crowd is still to claim the earth is flat when it comes to Malware.
Interested readers might like to Google my EICAR paper from 2002 called “The Emperor’s New Clothes: Linux and the myth of a virus free operating system”.

There I discussed that the very thing that makes the OSS model work is also its greatest weakness: there’s little control, little QA, and 99% of the time the proletariat downloading a package won’t check it (nor would most be competent to), so it’s very easy to insert malware. It’s very likely there is a lot more malware out there lurking in small fringe packages such as the one mentioned in the OMGUbuntu article.
The fact is that with the rise of the netbook, Linux becomes a more desirable platform to attack, and at the moment, it’s way too easy. After all, who needs anti-malware software on Linux?

The Zombie Perspective

Nice article by Dennis Fisher on “The Root of the Botnet Epidemic” at

http://threatpost.com/en_us/blogs/root-botnet-epidemic-113009.

It starts from a historical overview of the situation around the turn of the century, with the first DDoS attacks, Mafiaboy, trinoo, Stacheldraht and all that, with copious quotes from Joe Stewart and Jose Nazario.

Should be an interesting series.

David Harley FBCS CITP CISSP
Chief Operations Officer, AVIEN
Director of Malware Intelligence, ESET

Also blogging at:
http://www.eset.com/threat-center/blog
http://dharley.wordpress.com/
http://blogs.securiteam.com
http://blog.isc2.org/