Top botnets control 1M hijacked computers

April 9, 2008 – 5:20 PM

Storm is a shadow of its former self, Kraken is just another name for Bobax and the biggest botnet goes by the mouthful of “Srizbi,” a noted botnet researcher said today as he released the results of his census of the various armies of hacked computers that spew spam.

Joe Stewart, director of malware research at SecureWorks Inc., presented his survey at the RSA Conference, which opened Monday in San Francisco. The survey ranked the top 11 botnets that send spam. By extrapolating from their sizes, Stewart estimated that the botnets on his list control just over a million machines and are capable of flooding the Internet with more than 100 billion spam messages every day.

The botnet at the top of the chart is Srizbi. According to Stewart, this botnet — which also goes by the names “Cbeplay” and “Exchanger” — has an estimated 315,000 bots and can blast out 60 billion messages a day.

While Srizbi may not have gotten the publicity that Storm has during the past year, it is built around a much more substantial collection of hijacked computers, said Stewart. In comparison, Storm's botnet counts just 85,000 machines, only 35,000 of which are set up to send spam. In fact, Storm is No. 5 on Stewart's list.

Read the rest of the story…

Bypass Proxy Services

April 9, 2008 – 1:10 PM

Many schools, companies and organizations these days use Internet filtering software to block access to certain websites. However, for every one of these blocking tools there is a workaround for savvy users who want to see the content. It is not that difficult to bypass MySpace filters and other similar filters meant to limit or prohibit access to YouTube, MySpace and other sites.

(Indeed, even in countries where Internet access is severely restricted there is always a way around the blockages, unless the country shuts down Internet access completely. Getting around national filtering, though, requires far more skill than the casual user possesses.)

If your network is filtering or blocking the site you want to access (and there have been a number of sites over the years that have been blocked inappropriately), the first thing to try is to use what is called a circumvention site, such as StupidCensorship.com. Sites like this use anonymous proxy servers to circumvent web filters and firewalls.

These workaround sites present the filter with an innocuous website that is not on its block list. The proxy then fetches the page you actually want to visit and relays it back to you, so the filtering software only ever sees traffic to the proxy's own address.

Read the rest of this story…
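To make the mechanism concrete, here is the core of a URL-rewriting circumvention proxy of the kind the post describes. This is an added example, not code from the post or from any of the sites it names; the proxy endpoint `https://proxy.example/fetch?u=` and the sample page are constructed for illustration, and nothing in it touches the network.

```python
"""Core of a URL-rewriting circumvention proxy (added example).

A circumvention site serves every page from its own, unblocked hostname: the
browser asks the proxy for /fetch?u=<target>, the proxy retrieves the target
and rewrites every link in the returned HTML so that the next click also goes
back through the proxy.  The filter only sees connections to the proxy host.
PROXY_PREFIX and SAMPLE_PAGE are constructed; nothing here uses the network.
"""
import re
from urllib.parse import urljoin, urlparse, parse_qs, quote

PROXY_PREFIX = "https://proxy.example/fetch?u="   # hypothetical proxy endpoint

# Constructed page, as the proxy might receive it from the real site.
SAMPLE_PAGE = """<html><body>
<a href="/watch?v=abc">video</a>
<img src='img/logo.png'>
<a href="#top">top</a>
<form action="https://other.example/login" method="post"></form>
<a href="mailto:me@example.org">mail</a>
</body></html>"""

# Quoted href/src/action attributes only.  Unquoted values, CSS url() and
# JavaScript-built URLs are not covered, which is exactly where real rewriting
# proxies leak requests straight to the blocked host.
_ATTR_RE = re.compile(
    r"""\b(?P<attr>href|src|action)=(?P<q>["'])(?P<val>.*?)(?P=q)""", re.I | re.S
)


def proxied(url: str) -> str:
    """Wrap an absolute URL so the browser fetches it via the proxy host."""
    return PROXY_PREFIX + quote(url, safe="")


def unproxy(request_url: str) -> str:
    """Recover the real target from a request that arrived at the proxy."""
    return parse_qs(urlparse(request_url).query)["u"][0]


def rewrite_html(page_html: str, page_url: str) -> str:
    """Point every link at the proxy, resolving relative links against page_url."""
    def fix(m):
        val = m.group("val").strip()
        if val.startswith(("#", "javascript:", "data:", "mailto:")):
            return m.group(0)  # in-page anchors and non-fetchable schemes stay as they are
        absolute = urljoin(page_url, val)
        return f'{m.group("attr")}={m.group("q")}{proxied(absolute)}{m.group("q")}'
    return _ATTR_RE.sub(fix, page_html)


def proxied_targets(rewritten: str) -> list:
    """List the real URLs a rewritten page would pull through the proxy."""
    return [unproxy(m.group("val")) for m in _ATTR_RE.finditer(rewritten)
            if m.group("val").startswith(PROXY_PREFIX)]


if __name__ == "__main__":
    out = rewrite_html(SAMPLE_PAGE, "https://video.example/home")
    print(out)
    print(proxied_targets(out))
```

Two points follow from the code. First, the filter's view is the proxy hostname plus an opaque query string, which is why filter vendors categorize and block known proxy sites rather than trying to inspect what passes through them. Second, the user is handing every page, cookie and form submission to whoever runs the proxy, so an anonymous circumvention service is also a man-in-the-middle by design.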

Why Your Computer Runs So Slowly

April 9, 2008 – 1:02 PM

The first thing I suspect when someone tells me that their PC is running slowly is adware or spyware. A computer infected with this type of malware will typically show other symptoms as well: pop-up ads, a browser home page that changes on its own, the browser closing unexpectedly, or even system crashes are all signs of a spyware/adware infestation. Whether or not you are experiencing any of these additional symptoms, you should scan your PC with a good antivirus/antispyware program. My personal favorite is AVG Internet Security and I highly recommend it. Whichever program you use, make sure it has a good reputation.

Another common source of system slowdowns is a heavily fragmented hard disk. Fragmentation builds up over time, often so gradually that you do not realize how poorly your computer is performing. It usually causes no other symptoms, so if your PC is otherwise acting normally, fragmentation may be the problem. Windows has a built-in defrag utility; however, it will not defragment especially large files or some system files such as your paging file (sometimes called the swap file) or the Master File Table. To run at peak performance you should use a third-party defrag utility such as Diskeeper. Third-party programs one-up the built-in Windows utility because they have the advanced features needed to defragment the entire drive, those system files included.

Read the rest of this story…

ProxyStrike – Background SQL Injection and XSS analysis

April 9, 2008 – 5:11 AM

The folks over at Darknet do a great job of pointing out interesting tools for use in penetration testing and web app security testing among other things. I won’t be duplicating their feed here, but when I see something that I want to test for myself, I will be posting about it.

One such tool that I have been playing with a little over the past couple of days is Edge-Security's ProxyStrike v1.0. From their site:

The process is very simple: ProxyStrike runs like a passive proxy listening on port 8008 by default, so you have to browse the desired web site with your browser set to use ProxyStrike as a proxy, and ProxyStrike will analyze all the parameters in background mode. For the user it is a passive proxy, because you won't see any difference in the behaviour of the application, but in the background it is very active.

Nifty: I don't have to do anything but browse about and rack up the vulnerability counts. Well, it is not quite that easy, but it works quite well in the limited testing I have done using DVL. I will be playing with it more and will report back what I find.

Source: Infosec Ramblings
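The "very active in the background" part of the quote above is the interesting bit, so here is what that analysis amounts to in code. This is an added example, not ProxyStrike's code: a proxy that has just seen a request enumerates every GET, POST and cookie parameter, replays the request once per parameter with a probe value, and checks each reply for the raw probe being reflected (an XSS candidate) or for a database error fragment (an injection candidate). The two raw requests, the `vulnerable_app` stand-in for the target site, and the error-signature list are all constructed for the example.

```python
"""Passive-proxy style parameter analysis (added example, not ProxyStrike code).

Every GET, POST and cookie parameter of a request the browser just made is
replayed with a probe value, and the replies are checked for tell-tale signs.
The raw requests and ``vulnerable_app`` below are constructed stand-ins.
"""
from __future__ import annotations
from dataclasses import dataclass, replace
from html import escape
from urllib.parse import parse_qsl, urlsplit

XSS_MARKER = "pxs<'\"zz"   # unlikely token carrying the characters an HTML context must escape
SQL_PROBE = "'"             # an unbalanced quote; if it reaches a query unescaped, the query breaks
SQL_ERRORS = (              # representative database error fragments, lower-cased (constructed list)
    "you have an error in your sql syntax", "unclosed quotation mark",
    "ora-00933", "pg::syntaxerror", "sqlite3.operationalerror",
)


@dataclass
class Request:
    method: str
    path: str
    query: list[tuple[str, str]]
    headers: dict[str, str]
    body: list[tuple[str, str]]


def parse_request(raw: str) -> Request:
    """Split a raw HTTP/1.1 request as the proxy sees it on the wire."""
    head, _, body = raw.partition("\r\n\r\n")
    lines = head.split("\r\n")
    method, target, _version = lines[0].split(" ", 2)
    headers = {}
    for line in lines[1:]:
        name, _, value = line.partition(":")
        headers[name.strip().lower()] = value.strip()
    parts = urlsplit(target)
    return Request(method, parts.path, parse_qsl(parts.query, keep_blank_values=True),
                   headers, parse_qsl(body, keep_blank_values=True))


def cookies(req: Request) -> list[tuple[str, str]]:
    pairs = [c.strip().partition("=") for c in req.headers.get("cookie", "").split(";") if "=" in c]
    return [(name, value) for name, _, value in pairs]


def injection_points(req: Request):
    """Every (location, name) the proxy could mutate, in the order it saw them."""
    yield from (("query", n) for n, _ in req.query)
    yield from (("body", n) for n, _ in req.body)
    yield from (("cookie", n) for n, _ in cookies(req))


def inject(req: Request, location: str, name: str, payload: str) -> Request:
    """Copy of req with exactly one parameter replaced by payload."""
    def sub(pairs):
        return [(n, payload if n == name else v) for n, v in pairs]
    if location == "query":
        return replace(req, query=sub(req.query))
    if location == "body":
        return replace(req, body=sub(req.body))
    jar = "; ".join(f"{n}={v}" for n, v in sub(cookies(req)))
    return replace(req, headers={**req.headers, "cookie": jar})


def analyze(marker: str | None, status: int, body: str) -> list[str]:
    """Raw marker echoed back means the app did not encode it; a DB error
    fragment means the probe reached a query unescaped."""
    findings = []
    if marker and marker in body:
        findings.append("reflected-xss")
    if any(sig in body.lower() for sig in SQL_ERRORS):
        findings.append("sql-error")
    return findings


def scan(raw: str, send=None) -> dict[tuple[str, str], list[str]]:
    """Replay every parameter with both probes; return findings per parameter."""
    send = send or vulnerable_app
    req = parse_request(raw)
    results = {}
    for location, name in injection_points(req):
        found = []
        for payload, marker in ((XSS_MARKER, XSS_MARKER), (SQL_PROBE, None)):
            status, body = send(inject(req, location, name, payload))
            found += analyze(marker, status, body)
        if found:
            results[(location, name)] = sorted(set(found))
    return results


def vulnerable_app(req: Request) -> tuple[int, str]:
    """Constructed target: /search echoes q unescaped, /item concatenates id
    into SQL, and the lang cookie is escaped correctly (so it must not be flagged)."""
    params = dict(req.query + req.body)
    lang = dict(cookies(req)).get("lang", "en")
    if req.path == "/item":
        if "'" in params.get("id", ""):
            return 500, "You have an error in your SQL syntax; check the manual"
        return 200, f"<p>item {escape(params.get('id', ''))}</p>"
    if req.path == "/search":
        return 200, f"<h1>Results for {params.get('q', '')}</h1><p lang='{escape(lang)}'></p>"
    return 404, "not found"


# Constructed requests, as captured from a browser pointed at the proxy.
SAMPLE_GET = ("GET /search?q=ipod&page=2 HTTP/1.1\r\nHost: shop.example\r\n"
              "Cookie: lang=en; sid=abc123\r\n\r\n")
SAMPLE_POST = ("POST /item HTTP/1.1\r\nHost: shop.example\r\n"
               "Content-Type: application/x-www-form-urlencoded\r\n\r\nid=42&qty=1")

if __name__ == "__main__":
    print(scan(SAMPLE_GET))    # {('query', 'q'): ['reflected-xss']}
    print(scan(SAMPLE_POST))   # {('body', 'id'): ['sql-error']}
```

The marker deliberately contains `<`, `'` and `"`: a page that HTML-encodes its output returns `pxs&lt;&#x27;&quot;zz`, which the reflection check does not match, so the correctly escaped `lang` cookie is not reported. The caveat for anyone pointing such a proxy at a live site is the one the post hints at with "not quite that easy": every replayed request is a real request, so browsing a logout link, a delete button or an order form through an active proxy executes those actions once per parameter probe.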

Wfuzz v1.4 Released for Download – Bruteforcing & Fuzzing Web Applications

April 9, 2008 – 4:53 AM

A new version of Wfuzz is available, with many improvements and fixes since the first release in mid-2007. Fuzzing is definitely in; an article was posted recently about how everyone should keep on fuzzing. Will post it up soon.

Wfuzz is a tool designed for brute-forcing web applications. It can be used for finding resources that are not publicly linked, such as directories and files; it can brute-force headers, GET and POST parameters to check for different kinds of injection (SQL, XSS, LDAP, etc.); it can brute-force form parameters (user/password); and it can carry out general fuzzing.

Read the rest of this story…
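The paragraph above lists what Wfuzz can brute-force but not how the single mechanism behind all of it works, so here is that mechanism as an added example (not Wfuzz's own code). A request template carries the literal word FUZZ in the path, a header or a parameter; each wordlist entry is substituted for it; and the responses are filtered by status code, word count or length so that the few interesting ones stand out. The wordlists, templates and the `fake_server` target are constructed for the example, and nothing touches the network.

```python
"""Wfuzz-style brute-forcing with a FUZZ keyword (added example, not Wfuzz code).

A template with the literal word FUZZ is expanded once per wordlist entry, the
responses are run through negative filters, and whatever survives is reported.
Wordlists, templates and ``fake_server`` are constructed; no network is used.
"""
from __future__ import annotations
from dataclasses import dataclass, field
from urllib.parse import urlsplit


@dataclass
class Request:
    method: str
    url: str
    headers: dict[str, str] = field(default_factory=dict)
    body: str = ""


@dataclass
class Response:
    code: int
    body: str

    @property
    def words(self) -> int:
        return len(self.body.split())

    @property
    def chars(self) -> int:
        return len(self.body)


def expand(template: Request, wordlist, keyword: str = "FUZZ"):
    """Yield (word, request) with every occurrence of the keyword replaced,
    wherever it sits: path, query, header value or POST body."""
    for word in wordlist:
        yield word, Request(
            template.method,
            template.url.replace(keyword, word),
            {k: v.replace(keyword, word) for k, v in template.headers.items()},
            template.body.replace(keyword, word),
        )


def keep(resp: Response, hide_codes=(), hide_words=None, hide_chars=None) -> bool:
    """Negative filters in the spirit of wfuzz's --hc / --hw / --hh options."""
    if resp.code in hide_codes:
        return False
    if hide_words is not None and resp.words == hide_words:
        return False
    if hide_chars is not None and resp.chars == hide_chars:
        return False
    return True


def fuzz(template: Request, wordlist, send, **filters) -> list[tuple[str, int, int, int]]:
    """Return (word, code, words, chars) for every response the filters keep."""
    hits = []
    for word, req in expand(template, wordlist):
        resp = send(req)
        if keep(resp, **filters):
            hits.append((word, resp.code, resp.words, resp.chars))
    return hits


def fake_server(req: Request) -> Response:
    """Constructed target: a few unlinked paths, a login form, a catch-all 404."""
    path = urlsplit(req.url).path
    if req.method == "POST" and path == "/login":
        creds = dict(p.split("=", 1) for p in req.body.split("&"))
        if creds.get("user") == "admin" and creds.get("pass") == "letmein":
            return Response(302, "Redirecting to /account")
        return Response(200, "Invalid username or password")
    known = {
        "/admin": (401, "Authorization Required"),
        "/backup": (200, "Index of /backup\nsite-2008-04-01.tar.gz"),
        "/images": (403, "Forbidden"),
    }
    if path in known:
        return Response(*known[path])
    return Response(404, "Not Found\nThe requested URL was not found on this server.")


# Constructed wordlists; a real run would read thousands of entries from a file.
DIR_WORDS = ["admin", "backup", "images", "login", "old", "test"]
PASSWORDS = ["password", "123456", "letmein", "qwerty"]

DIR_TEMPLATE = Request("GET", "https://shop.example/FUZZ", {"Host": "shop.example"})
LOGIN_TEMPLATE = Request("POST", "https://shop.example/login",
                         {"Host": "shop.example",
                          "Content-Type": "application/x-www-form-urlencoded"},
                         "user=admin&pass=FUZZ")


def find_resources():
    """Directory brute force: hide the 404s and whatever remains exists."""
    return fuzz(DIR_TEMPLATE, DIR_WORDS, fake_server, hide_codes=(404,))


def brute_login():
    """Form brute force: the failure page always has the same word count, so hide it."""
    return fuzz(LOGIN_TEMPLATE, PASSWORDS, fake_server, hide_words=4)


if __name__ == "__main__":
    for hit in find_resources() + brute_login():
        print("%-10s code=%d words=%d chars=%d" % hit)
```

The two filters are chosen differently on purpose. Directory discovery hides on status code, which works against a server that answers 404 for unknown paths; the login run hides on word count, because a web application that returns 200 for both success and failure gives the status filter nothing to work with, and the size or word count of the failure page is then the stable baseline to subtract.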