GlockTalk.com
Home Forums Classifieds Blogs Today's Posts Search Social Groups



  
SIGN-UP
Notices

Glock Talk
Welcome To The Glock Talk Forums.

 
  
Reply
 
Thread Tools Display Modes
Old 06-24-2004, 21:17   #1
David_G17
/\/\/\/\/\/\/\/
 
David_G17's Avatar
 
Join Date: Oct 2002
Posts: 7,678
Gov't Warns of Major Web Attack

http://www.foxnews.com/printer_frien...123712,00.html

Gov't Warns of Major Web Attack

Thursday, June 24, 2004

CHICAGO Government and industry experts warned late Thursday of a mysterious, large-scale Internet attack against thousands of popular Web sites. The virus-like infection tries to implant hacker software onto the computers of all Web site visitors.

Industry experts and the Homeland Security Department (search) were studying the infection to determine how it spreads across Web sites and find adequate defenses against it.

"Users should be aware that any Web site, even those that may be trusted by the user, may be affected by this activity and thus contain potentially malicious code," the government warned in one Internet alert.

The mysterious infection appeared to target at least one recent version of software by Microsoft Corp. (search) to operate Web sites, called its Internet Information Server, popular among businesses and organizations.

A spokesman for Microsoft declined to comment immediately.

Experts said the attack's effects were unusually broad but weren't substantially interfering with Internet traffic.

"While this is significant, it has no impact on the operation of the Internet," said Marcus Sachs, who helps run the industry's Internet Storm Center (search) in Bethesda, Md.

Experts urgently recommended consumers and corporate employees to update the antivirus software on their computers, since the latest versions can immunize visitors to infected Web sites.

The infected Web sites attempt to implant on visitors' computers hacker software that allows others to use their computers to surreptitiously route Internet spam e-mails.
__________________
"One handgun a month is too much."
"If you ask me, 12 handguns/year is too much."
"I'd be OK with one gun a year."
"We need the strong gun regs and enforcement Europe has."
-DU debates America's future 10/23/2005
David_G17 is offline   Reply With Quote
Old 06-24-2004, 21:19   #2
David_G17
/\/\/\/\/\/\/\/
 
David_G17's Avatar
 
Join Date: Oct 2002
Posts: 7,678
~yawn~

step one...
__________________
"One handgun a month is too much."
"If you ask me, 12 handguns/year is too much."
"I'd be OK with one gun a year."
"We need the strong gun regs and enforcement Europe has."
-DU debates America's future 10/23/2005
David_G17 is offline   Reply With Quote
Old 06-24-2004, 21:26   #3
4TS&W
2A RKBA 4EVER
 
4TS&W's Avatar
 
Join Date: Jul 2002
Location: here and there...
Posts: 10,767
My GT display looks funky for some reason.... is this why??? ;P
4TS&W is offline   Reply With Quote
Old 06-25-2004, 12:59   #4
mpol777
Feral Member
 
mpol777's Avatar
 
Join Date: Jul 2001
Location: Cochise County, AZ
Posts: 9,260


Exactly my reaction. *YAWN*

Quote:
...target at least one recent version of software by Microsoft Corp. ...
Is anyone actually shocked by this?
__________________
Grown men do not need leaders
mpol777 is offline   Reply With Quote
Old 06-25-2004, 13:09   #5
HerrGlock
CLM Number 2
Scouts Out
 
HerrGlock's Avatar
 
Join Date: Dec 2000
Posts: 64,493


Is anyone else running trusted Solaris and not particularly concerned about their servers being infected?

;f
__________________
Sent from my rotary phone
"The way I see it as soon as a baby is born, he should be issued a banjo!"- Linus Van Pelt
UNIX - Not just for Vestal Virgins any more
HerrGlock is offline   Reply With Quote
Old 06-25-2004, 15:17   #6
grantglock
/dev/null
 
grantglock's Avatar
 
Join Date: Feb 2004
Location: Iowa
Posts: 932
Send a message via Yahoo to grantglock
Trying 65.174.244.51...
Connected to siebrecht.us.
Escape character is '^]'.
HEAD / HTTP/1.0


HTTP/1.1 200 OK
Date: Fri, 25 Jun 2004 21:12:03 GMT
Server: Apache/2.0.48 (Unix) PHP/5.0.0RC2
X-Powered-By: PHP/5.0.0RC2
Set-Cookie: lang=english; expires=Sat, 25-Jun-2005 21:12:11 GMT
Connection: close
Content-Type: text/html; charset=ISO-8859-1
grantglock is offline   Reply With Quote
Old 06-25-2004, 16:14   #7
HerrGlock
CLM Number 2
Scouts Out
 
HerrGlock's Avatar
 
Join Date: Dec 2000
Posts: 64,493


Quote:
Originally posted by grantglock
Trying 65.174.244.51...
Connected to siebrecht.us.
http://www.siebrecht.us was running Apache on Linux when last queried at 25-Jun-2004 22:07:46 GMT

Linux Apache/2.0.48 (Unix) PHP/5.0.0RC2

I like it. How do you like the Apache 2.x setup? Did you have to change much for it?

DanH
__________________
Sent from my rotary phone
"The way I see it as soon as a baby is born, he should be issued a banjo!"- Linus Van Pelt
UNIX - Not just for Vestal Virgins any more
HerrGlock is offline   Reply With Quote
Old 07-20-2004, 10:47   #8
grantglock
/dev/null
 
grantglock's Avatar
 
Join Date: Feb 2004
Location: Iowa
Posts: 932
Send a message via Yahoo to grantglock
I like it, I didn't do an upgrade from version 1 so I didn't have to change anything. That is just a box that I mess around on so I change apps to the latest beta versions all the time.
grantglock is offline   Reply With Quote
Old 07-20-2004, 11:11   #9
gudel
Senior Member
 
gudel's Avatar
 
Join Date: Jun 2001
Posts: 4,047
what is this, another red alert?
gudel is offline   Reply With Quote
Old 07-20-2004, 13:56   #10
SamBuca
Senior Member
 
SamBuca's Avatar
 
Join Date: Aug 2002
Location: Carlisle, PA
Posts: 1,839
Send a message via AIM to SamBuca
Quote:
Originally posted by grantglock
I like it, I didn't do an upgrade from version 1 so I didn't have to change anything. That is just a box that I mess around on so I change apps to the latest beta versions all the time.
Unfortunately it's a pain in the neck on a Debian system since Debian stable has hideously outdated libraries and development tools. Not even close to the requirements of Apache 2.x or PHP 5.x.
__________________
Cum ignis armi proscripti erunt tum soli proscript ignis armatas habebunt. Morituri te salutant.
SamBuca is offline   Reply With Quote
Old 07-22-2004, 13:57   #11
physicsdevil
Member
 
Join Date: Jan 2000
Location: California
Posts: 75
Quote:
Originally posted by grantglock

X-Powered-By: PHP/5.0.0RC2
http://cve.mitre.org/cgi-bin/cvename.cgi?name=2004-0594

Not exploitable yet, but with heap overflows, it's just a matter of time.
physicsdevil is offline   Reply With Quote

 
  
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump




All times are GMT -6. The time now is 21:47.




Homepage
FAQ
Forums
Calendar
Advertise
Gallery
GT Wiki
GT Blogs
Social Groups
Classifieds


Users Currently Online: 982
304 Members
678 Guests

Most users ever online: 2,672
Aug 11, 2014 at 2:31