Using NetFlow to tell if your network is part of a botnet, Part 1

Posted in IT News, NetFlow, NetFlow Analyzer, Network Traffic Monitor, Security on August 12th, 2009 by NewsTrax

Distributed denial of service (DDoS) attacks are unfortunately par for the course on the Internet these days but when high-profile sites are targeted, the attacks are big news. Take for example last week’s DDoS attack on Twitter, which the microblogging site speculated was geopolitical in motivation.

Quick overview of DDoS

DDoS attacks are often caused by botnets flooding Web sites with requests, thus bringing the site’s Web servers to their knees. A botnet is a collection of computers that have been compromised by viruses and worms so that they can be controlled by malicious individual(s). An example could be the collection of computers compromised by Conficker, although a Conficker botnet has yet to be leveraged to do harm.

In the case of Twitter, the irony is that it could have been the compromised computers of some of Twitter’s own users that caused the DDoS.


We had a port scan running rampant. Do you?

Posted in General, Network Problem Resolution, Scrutinizer on June 12th, 2009 by nathanh

Here at Plixer, we love giving demonstrations of our product and Go To Meeting is a beautiful tool to show our potential customers the functionality and features of Scrutinizer.

Of course, when giving these demos, sometimes we find things on our own network that we didn’t really anticipate. It was during one such demonstration that my boss found traffic that suggested my laptop was infected with a worm. Let me tell you, that was kinda embarrassing…

So the other day, I’m sitting at my desk and listening to Mike during his presentation when I hear the words, “This looks legitimate…” and “Mitch, your laptop is scanning the network.”

Here we go again…

The funny thing was that our DNS server was running with some old lookup records, so Scrutinizer resolved the IP in question as MixMasterMitch when in reality, it was Mike’s own laptop.

You heard that right. Mike’s laptop was the one that was doing the port scans. At least I’m not alone anymore…
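The two traffic shapes discussed in the posts above, one host sweeping many ports (the laptop "scanning the network") and many hosts hammering one site (a botnet DDoS), are both visible in flow records as a fan-out or fan-in count. The following is an added example written for this page, not code from Scrutinizer or any Plixer product; the flow format, the thresholds and all addresses are constructed here and would need to be mapped onto a real exporter's fields. It also carries the lesson of the stale DNS record: a hostname is printed next to its IP, never instead of it.

```python
"""Flow-record heuristics for two patterns: a port sweep (fan-out from one
source) and a flood against one service (fan-in to one destination).
Example code for this page; not part of Scrutinizer. The record format and
all addresses are constructed, not exported from a real router."""
from collections import defaultdict
from typing import Dict, Iterable, List, NamedTuple


class Flow(NamedTuple):
    src: str
    dst: str
    dport: int
    proto: str


def parse_flows(lines: Iterable[str]) -> List[Flow]:
    """Parse whitespace-separated 'src dst dport proto' records (constructed
    format). Blank lines and '#' comments are skipped; a malformed line raises
    ValueError so bad input is noticed rather than silently dropped."""
    flows: List[Flow] = []
    for raw in lines:
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        parts = line.split()
        if len(parts) != 4:
            raise ValueError(f"expected 4 fields, got {len(parts)}: {line!r}")
        src, dst, dport, proto = parts
        flows.append(Flow(src, dst, int(dport), proto.lower()))
    return flows


def port_scanners(flows: Iterable[Flow], min_ports: int = 20) -> Dict[str, int]:
    """Return {src: number of distinct (dst, dport) pairs} for every source
    whose fan-out reaches min_ports. One client touching dozens of ports is
    the 'your laptop is scanning the network' shape."""
    touched = defaultdict(set)
    for f in flows:
        touched[f.src].add((f.dst, f.dport))
    return {src: len(p) for src, p in touched.items() if len(p) >= min_ports}


def flood_targets(flows: Iterable[Flow], min_sources: int = 50) -> Dict[str, int]:
    """Return {dst: number of distinct sources} for destinations hit by at
    least min_sources distinct clients: the fan-in shape of a DDoS."""
    sources = defaultdict(set)
    for f in flows:
        sources[f.dst].add(f.src)
    return {dst: len(s) for dst, s in sources.items() if len(s) >= min_sources}


def label_host(ip: str, ptr_table: Dict[str, str]) -> str:
    """Show a hostname beside its IP, never in place of it; a stale reverse
    lookup otherwise pins the alert on the wrong machine."""
    name = ptr_table.get(ip)
    return f"{name} ({ip})" if name else ip


# ---- constructed sample data (not real traffic) ----
CONSTRUCTED_RECORDS = """
# src            dst             dport proto
10.0.0.7         10.0.0.5        443   tcp
10.0.0.7         10.0.0.9        53    udp
10.0.0.7         198.51.100.10   80    tcp
"""
SAMPLE_FLOWS = parse_flows(CONSTRUCTED_RECORDS.splitlines())
# one workstation sweeping TCP ports 1-40 on a single server
SAMPLE_FLOWS += [Flow("10.0.0.23", "10.0.0.5", port, "tcp") for port in range(1, 41)]
# sixty distinct clients all hitting the same web server (flood shape)
SAMPLE_FLOWS += [Flow(f"203.0.113.{i}", "198.51.100.10", 80, "tcp") for i in range(1, 61)]
# constructed reverse-DNS table; assume this entry is stale, as in the post
STALE_PTR = {"10.0.0.23": "MixMasterMitch"}

if __name__ == "__main__":
    for src, n in port_scanners(SAMPLE_FLOWS).items():
        print(f"scan: {label_host(src, STALE_PTR)} touched {n} host/port pairs")
    for dst, n in flood_targets(SAMPLE_FLOWS).items():
        print(f"flood: {dst} hit by {n} distinct sources")
```

The thresholds are deliberately simple; on a real network the counts should be taken per time window and compared against a baseline for that host, since backup servers and vulnerability scanners legitimately fan out too.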

-Nate


Tips for safe Tweeting and Facebooking

Posted in General, IT News, Network Traffic Analysis, Scrutinizer, Security on May 11th, 2009 by NewsTrax

You know something new in the tech world has become mainstream when hackers begin targeting it. The recent Twitter worm created by 17-year-old Michael “Mikeyy” Mooney helped put Twitter on the map – although not in a way that Twitter would have liked – and exposed a cross-site scripting vulnerability in the microblogging site.

The self-propagating worm struck Easter weekend infecting some Twitter profiles and making them send messages to their contacts to check out Mikeyy’s StalkDaily.com Twitter-like site. (Read an interview with Mikeyy at the NetNewsDaily site.)

Last year, Facebook was hit by the Koobface worm, twice. Like the Twitter worm, Koobface generated messages to friends of infected users on the social networking site. The messages enticed readers to click on a site to watch a video but only after downloading the latest copy of Adobe Flash – yes, you can guess what happens next.

The Facebook and Twitter worms bring home the message that users need to be vigilant when clicking on links in emails, instant messages, Tweets, and so on, even if they appear to be sent by friends or respected brands.

The popularity of Twitter is also giving a boost to URL shortening services, such as the granddaddy TinyURL and the new kids on the block Bit.ly and TweaK. Since Twitter limits updates to 140 characters, users turn to URL shortening services when they want to include long URLs in their updates. But Mikeyy has shown that even updates apparently coming from your friends may not be kosher.

Some URL shortening services enable users to preview links before they click. TechRepublic has posted a useful guide detailing which services offer this feature and how they work.

We believe that you shouldn’t block social networking sites such as Facebook, Twitter and YouTube as they can be beneficial to business, but you can teach your users how to practice safe social networking.

Facebook has details about how to deal with Koobface at its Facebook Security page, and Biz Stone, Twitter co-founder wrote about Mikeyy’s worm in his blog. Security researchers are advising people to disable JavaScript on their browsers to help protect against the Twitter worm. Here are some more security recommendations from Douglas Haider, a Computerworld columnist.

And you know that you can always use Scrutinizer to monitor traffic to these social networking sites.


Conficker C: The biggest prank of the year

Posted in General, IT News, Security on March 27th, 2009 by nathanh

If there’s one thing to know when working here at Plixer, it’s this: Watch your back when April Fools comes around!

Last year, Tom Pore convinced Raul that there was a customer who needed immediate assistance. Of course, this customer was Mr. Behr and Mr. Lyon at the San Diego Zoo. Raul, being the “go-getter”, didn’t bother to second guess Tom’s request and made the call.

The funny part was that the operator that answered the phone caught on long before Raul that he was being duped. Can you imagine that?

Raul – “Good morning, could I please speak to Mr. Lyon?”

Operator – “Sorry, there’s nobody here by that name…”

Raul – “Oh, could I speak to Mr. Behr then?”

Operator – “…”

… and that’s what you get for trusting Tom.

In Raul’s defense though, we did have contacts at the San Diego Zoo, so that made “Mr. Lyon’s” request for assistance way more legitimate.

(I’ll pause to give you guys time to pick yourselves up off the floor)

This coming April, however, we could all find ourselves being the victim of one big prank…

Right now, there’s a lot of buzz being generated on the net regarding the Conficker C worm. The true danger is that 75% of the world’s users are running Windows, which harbors the vulnerabilities this worm exploits. To compound the issue, Conficker C is programmed to have all infected machines accept instructions on April 1st.

What does this mean? I have no idea, and neither does anyone else… and that worries people.

So what will happen when millions of PCs in this giant botnet awaken?

Maybe some poor sap is going to get the DDoS attack of DDoS attacks; maybe we’ll all get spammed with “I Love You!” e-cards; maybe the planet will finally be hacked…

To combat this, Microsoft has issued a patch that supposedly addresses the vulnerability, but it still wants blood from the person(s) responsible.

Earlier this year, Microsoft issued a bounty of $250,000 for information leading to the arrest of the author(s) of Conficker. That person must have some GOOD friends…

So what do Conficker C and Tom Pore have in store for us this coming April Fools? We’ll just have to see…

-Nate
