This isn't targeted at anyone in particular. But I really can't believe some people are twisting this negatively.
Microsoft certainly aren't saints, but you won't find any normal human beings or businesses that are.
Last edited by Sly Fox; 02-26-2010 at 01:26 PM.
Last edited by RaZz!; 02-26-2010 at 01:30 PM.
Shutting down domains won't shut down the botnet. But I don't see why M$ should get involved in that, because that's not their specialty or the area of expertise.
But maybe using the "backdoor" to shut down the infected clients is where one could use M$-involvement and their area of expertise to solve those nasty DDoS attacks mess?
Last edited by Sam_oslo; 02-26-2010 at 01:50 PM.
k... i'll take your word for it...
well that's what i don't get...
those machines are infected because they are old and not up to date and full of vulnerabilities... right? well who else knows how to exploit those vulnerabilities better than microsoft itself? so why don't they create a REAL anti-virus, a virus that infects infected machines and updates them and makes them secure again?
well i think they wasted time and money on this that they could have used to shut down much more spam than they did...
still, you're right... it's good that they are at least trying...
mandatory virus scan of every downloaded file?
The botnet computers receive the instructions to spam based on the instructions that come from the domain names.
For instance the botnet will look for bot.spam1.info first for instructions and if no reply then they go to bot.spam2.info etc.
They pulled apart the botnet program and found all domain names the botnet refers to and are having all those domain names pulled. In that way the botnet is DEAD. Like cutting the head from a snake lol!
No, not necessarily.
For example, it should not let any programs wipe critical system files or clean some important registry parts.
Heuristics have been used in AV software for ages, the same can be used by OS. In a modest way, of course, not each time a program tries to access HDD!
you think the spammers don't know the ips of their slave pcs and have no means to contact and update them?
one of the main things most trojans do these days is auto update themselves and infect their pcs with several versions of the trojan...
i'm pretty sure they have a way to find their slave pcs and update the worms/trojans on them... and even if they don't, they managed to infect them once, why would they have a hard time infecting them again? they are clearly not secure machines...
yes, i wish taskmanager wouldn't be that basic and would show us a lot more...
it's really not detailed enough... you can't see what each process is actually doing, if it's writing to memory, how much, access the net, what ips on what port etc... why do we need third party tools for that?
for power users and especially IT and admins this kind of functionality should be included in task manager by default...
and it would help even normal end users to check if their pc is infected...
open task manager, check for processes using cpu time, check for processes that access a lot of different ips on different ports... you could find suspicious apps so fast that way...
right now in task manager you can only watch cpu time used, and you can only see the process name, but the process might be hijacked...
Oh man, sorry for that but I have to laugh. Go to View->Select columns and enjoy. I watch at least CPU time, I/O read and write bytes, virtual memory size for some time now... on every PC I manage at home. Task manager is rather powerful if you discover all its possibilities.
Oh man sorry for for that but I have to laugh Go to View->Select columns and enjoy I watch at least CPU time, I/O read and write bytes, virtual memory size for some time now...on every PC I manage at home Task manager is rather powerfull if you discover all it's possibilities.
As for net access, most good firewalls watch this...and you need FW anyway, so...
ADD// as for vulnerability fixes, it's not only MS's fault. Most people who have a cracked OS don't install updates at all. Companies are not saints as you might think, too; I take paperback Computerworld at school, there are often surveys pointing out that in quite a lot of firms updates are installed very late after the patch comes out.
Last edited by Behemot; 02-28-2010 at 03:01 PM.
There's still 9 other massive bot nets according to the article. 1/10 is hardly going to make a difference. If they only get approval to shut down one at a time then by the time they get approval to shut down the next one the bot net they have already shut down will be back up again.
Hitting 2 birds with a stone eh?
1. Reducing spam filter overhead costs.
2. Attracting even more spam targets directed to hotmail.
Do you get any spam in your email box? If so, you're benefiting from this action.
Also how do you know that your computer isn't a "zombie" in a bot-net? (I.e. using an exploit which hasn't yet been found.) Again if this is the case, you're benefiting from this action.
I get spam regardless of their actions (not much, fortunately). They need to take out every bot net, not one. It's a waste of time just targeting one because it will just pop up again. Actually, the same will probably happen if you take them all out as well.
Because my two OS installations are a few days old and less than one day old respectively, and haven't had the chance to be online long enough to be infected. Plus Waledac (which is the bot net that this article is about) is a Windows bot net only, so the chances of me being infected are quite low. I only use Windows to play games and do some work in 3DS Max. If I am part of another bot net then the actions here by MS are irrelevant.
Last edited by randomizer; 02-28-2010 at 09:24 PM.
I take it you haven't heard of "Every little helps"? With that attitude, we might as well not bother trying to prevent Cancer because it's only one of many illnesses which can affect somebody.
Back in the days of XP I once re-installed XP and then connected it to the internet. My first action was to download an anti-virus, which I did and installed it. The second action was to download the Service pack. Before the download of the service pack had finished, the installation was ed. My point is that just because you haven't viewed any bad pages or downloaded any bad software does not mean that your operating system cannot pickup unwanted right away. In the case of botnets, you'll probably never know that your system is a zombie of a botnet.
"One step forward, two steps back" is not my idea of "every little bit helps." Cancer research doesn't suddenly lose all of its previous progress just because it hasn't cured it overnight.
Damn, talk about unlucky. Can't say I've ever had that kind of issue right off the bat, but that sort of thing is one reason I've grown tired of Windows. When I do use Windows I don't bother with AV either. Extra bloat which never does anything but pick up tracking cookies.
Luckily for me, the rare piece of malware that can do something can't do much without elevated privileges.
Well it doesn't really matter then does it. As a matter of fact, my ISP monitors traffic for excessive emailing and notifies customers if they've potentially been zombified.
Perhaps we'll need to agree to disagree.
Last edited by randomizer; 02-28-2010 at 10:01 PM.
what?
how on earth did you arrive at that premise? you think that by taking down a botnet, it will actually regrow and DOUBLE in size?
to all the other naysayers, you need to realize that this case sets a precedent, meaning that it will be EASIER and QUICKER to get a court order to shut down the NEXT targeted botnet... honestly, you've got to start somewhere.
ps, to saaya i think. one issue with having a viral anti-virus program is the fact that you need to FIND the holes in the program first. if you already know the bugs, you might as well fix them the traditional way... it's a logical conundrum.