Re: OpenDNS Now Blocker Conficker & Other Botnet Threats



Bit Twister <BitTwister@xxxxxxxxxxxxxxxx> wrote:
On Sat, 14 Feb 2009 13:25:06 (CET), Ansgar -59cobalt- Wiechers wrote:
Threats like Conficker are mitigated by secure system configuration
(i.e. not making services publicly available that aren't supposed to
be publicly available). Trying to mitigate them by manipulating DNS
is an utterly stupid thing to do.

Heheh, only script kiddies are going after publicly available
services.

Well, those "script kiddies" managed to get parts of the networks of
Britsh, French and German military offline. ;)

Because of the NATing routers and people finally installing firewalls,
Black hats have long since moved to going after exploits in the
applications reading Internet content (document, video, audio
viewer/players....)

That's a different attack vector. Harder to exploit, because it's a
passive attack. Stuff like that usually works best for targeted attacks.

cu
59cobalt
--
"If a software developer ever believes a rootkit is a necessary part of
their architecture they should go back and re-architect their solution."
--Mark Russinovich
.



Relevant Pages

  • Re: ssh-rbls Re: intrusion via ssh
    ... But under Windows it is better to ... i'd say it's fair game to play their game ... kiddies to get into their boxes and than attack from it ... we go after script kiddies or attackers if they do get in and spend ...
    (Debian-User)
  • Re: [Fwd: Silly crackers... NT is for kids...]
    ... i have several freebsd web servers getting attacked all day long. ... > that it is one person orchestrating the whole attack in a pathetic ... Is this a common attack that script kiddies are using ...
    (FreeBSD-Security)
  • Re: Problem to understand the meaning of a log of ShoreWall
    ... Attack is a little harsh. ... I would call it normal attempts by script kiddies. ... Now I just put the ports in /etc/shorewall/blacklist when they are ...
    (comp.os.linux.networking)