- It's the applications, stupid
- Will a whitelist save personal computing?
- Thousands of Web sites under attack
- To solve the unsolvable problem
- Re-thinking the security of virtual machines
- Security Development Lifecycle trumps code complexity
- Is your Web site FIPS compliant?
- Computer security: Why have least privilege?
- Strategic security: Get a handle on authentication
- Control user installs of software
February 14, 2007 | Comments: (0)
CastleCops under DDoS attack.
From my friend, Paul, CastleCops founder:
-------------------
As you may be aware, castlecops.com has been under a ddos since last night. It knocked us out for a couple hours, but our ISP and their upstream vendor were able to mitigate. Until now. Upstream vendor has logs, but they have been working on sending it to Johnny all day.
I got the call from my ISP about 45 minutes ago. The attack blew out the entire network at at rates way above normal. He requested that the upstream vendor block all traffic to castlecops.com. At that point, CastleCops entered into a live or die situation. We don't have the money to add on extra bandwidth.
We need help from our friends in industry to stay alive and keep up the fight. This is all that Robin and I do, and we don't want to stop.
Paul Laudanski, Microsoft MVP Windows-Security Phish XML Feed: http://www.castlecops.com/article6619.html
Phish Takedown: http://castlecops.com/pirt
LinkedIn: http://www.linkedin.com/pub/1/49a/17b
www.CastleCops.com | de.CastleCops.com | wiki.CastleCops.com
Update (2/15/07): Castlecops is back up. Paul reported that the bot net's Command & Control site was identified and the upstream traffic is being blocked.
Update (10/2/07): The person who possibly did this has been arrested.
http://www.castlecops.com/a6833-Botmasters_Take_Heed_–_You_Are_Being_Put_On_Notice.html
Posted by Roger Grimes on February 14, 2007 05:37 PM
RATE THIS ARTICLE:
-
- COMMENTS
When will our incompetent legislators get off their overpaid posteriors and pass laws to enable pursuing and prosecuting these bandwidth thieves, & DDoS'ers, not to mention the pernicious spammers who send multiple copies of identical scam spams daily?
What really angers me is notations in generated spam reports (using SpamCop)about the originating ISP: "ISP does not wish to receive reports". Well if the spammer hosting ISP shouldn't get them, who should?
Posted by: David C at February 15, 2007 03:14 PMi agree w/ David C's comment. Its unfortunate that one has to justify damages in monetary terms (i think there's a certain amount) before law enforcement can even jump on it. by then damage is already done :-)
then again, i was told (reliable source) that there's a bill in congress waiting to be passed that will address the very same issue that David points to.
regards,
/virendra
Well, the DDoS is back in full force today. www.castlecops now has a lightweight page up, more info can be read here: http://www.knujon.com/news.html
What needs to be done is a broad petition to Congress - both House and Senate - to get busy pronto.
Meanwhile, check out that news page - and if a casual reader has an opportunity to help Paul and Robin out, much obliged. No, I'm not in any way affiliated other than in my plain vanilla condition of a fellow netizen fed-up with spam, malware, phishing and similar assorted organized international crime.
Posted by: nv1962 at February 20, 2007 02:56 AMOne thing the DDOS attacks prove is that Castlecops.com is indeed having a positive affect against these malware/phishing loser criminals. They have unwittingly told Paul and Robin that their castlecops site is an important pillar in the fight against these pathetic cyber criminals.
Posted by: TJ at February 23, 2007 06:39 AMThis is a fight that the IT profession should take on. This is not just about botnet computers or some hired gun to take down websites. This is a FIGHT for the internet. The fight for GOOD or EVIL. If we allow these thugs or criminals to take down websites or hold companies hostage for ransom, then civilization as we know it is at risk. The internet will become the new weapon of terror if it is not already being use to that extent. Those who advocate criminal activities on the internet should be sought out and reported to law enforcement. There is no glorification or satisfaction that is to be gain. All scams fighting sites are under attacks. These sites are the first line of defense against cybercrime whether you agreed or disagreed with their methods. We at http://scamfraudalert.com/ [scamfraudalert.com] remain resolute to this FIGHT.
Posted by: ScamFraudAlert at September 18, 2007 03:28 PMTOP STORIES
Hyperconnected users growingSteve Jobs to keynote WWDC
CSC settles kickbacks case
MS previews SMB software
What does HP-EDS really mean?
Mac Office 2008 SP1 released
HP buys EDS for $13.9 billion
Corporate IT spending slows
MS targets smartphone market
Sun to clarify JavaFX plan
ADDITIONAL RESOURCES
- Application Security: Threats and How to Counter Them
- Why Linux Threats Mean Business
- Minding the Machines: PC Disaster Recovery for the Enterprise
- Protect Your Data with SSL
- Prevent Your Next Microsoft Exchange Outage
- 11 Myths About Microsoft Exchange Backup & Recovery
