±Recent Visitors

Recent Visitors to Com-Central!

±User Info-big


Welcome Anonymous

Nickname
Password

Membership:
Latest: cgsimpson
New Today: 0
New Yesterday: 0
Overall: 6645

People Online:
Members: 0
Visitors: 194
Total: 194
Who Is Where:
 Visitors:
01: Downloads
02: Member Screenshots
03: Member Screenshots
04: Community Forums
05: Member Screenshots
06: Community Forums
07: Home
08: Photo Gallery
09: Community Forums
10: Community Forums
11: Member Screenshots
12: Home
13: Community Forums
14: Community Forums
15: Member Screenshots
16: Downloads
17: Downloads
18: Community Forums
19: Community Forums
20: Community Forums
21: Community Forums
22: Community Forums
23: Photo Gallery
24: Photo Gallery
25: Statistics
26: Your Account
27: Community Forums
28: Home
29: Photo Gallery
30: Community Forums
31: Your Account
32: Community Forums
33: Community Forums
34: Community Forums
35: Downloads
36: Photo Gallery
37: Community Forums
38: Community Forums
39: Community Forums
40: Photo Gallery
41: Community Forums
42: Community Forums
43: Member Screenshots
44: Community Forums
45: Downloads
46: Community Forums
47: Home
48: Community Forums
49: Community Forums
50: Community Forums
51: Photo Gallery
52: Home
53: Member Screenshots
54: Home
55: Home
56: Photo Gallery
57: Community Forums
58: Community Forums
59: Community Forums
60: Community Forums
61: Downloads
62: Community Forums
63: Community Forums
64: Community Forums
65: Community Forums
66: Photo Gallery
67: Home
68: Home
69: Photo Gallery
70: Community Forums
71: Downloads
72: Community Forums
73: Photo Gallery
74: Community Forums
75: Photo Gallery
76: Community Forums
77: Photo Gallery
78: Photo Gallery
79: Photo Gallery
80: Community Forums
81: Community Forums
82: Community Forums
83: Community Forums
84: Photo Gallery
85: Community Forums
86: Home
87: Photo Gallery
88: Home
89: Community Forums
90: Community Forums
91: Photo Gallery
92: Community Forums
93: Your Account
94: Community Forums
95: Community Forums
96: Downloads
97: Community Forums
98: Community Forums
99: Community Forums
100: Community Forums
101: Photo Gallery
102: Home
103: Photo Gallery
104: Community Forums
105: Member Screenshots
106: Photo Gallery
107: Photo Gallery
108: Community Forums
109: Community Forums
110: Community Forums
111: Community Forums
112: Community Forums
113: Community Forums
114: Photo Gallery
115: Downloads
116: Community Forums
117: Community Forums
118: Community Forums
119: Community Forums
120: Community Forums
121: Home
122: Community Forums
123: Photo Gallery
124: Your Account
125: Community Forums
126: Photo Gallery
127: Community Forums
128: Community Forums
129: Community Forums
130: Community Forums
131: Home
132: Community Forums
133: Home
134: Community Forums
135: Community Forums
136: Community Forums
137: Community Forums
138: Community Forums
139: Community Forums
140: Member Screenshots
141: Photo Gallery
142: Community Forums
143: Community Forums
144: Photo Gallery
145: Home
146: Photo Gallery
147: Community Forums
148: Community Forums
149: Photo Gallery
150: Community Forums
151: Community Forums
152: Member Screenshots
153: Community Forums
154: Photo Gallery
155: Community Forums
156: Home
157: Home
158: Community Forums
159: Community Forums
160: Photo Gallery
161: Community Forums
162: Community Forums
163: Community Forums
164: Community Forums
165: Community Forums
166: Community Forums
167: Community Forums
168: Photo Gallery
169: Home
170: Community Forums
171: Photo Gallery
172: Community Forums
173: Community Forums
174: Photo Gallery
175: Photo Gallery
176: Home
177: Community Forums
178: Photo Gallery
179: Community Forums
180: Community Forums
181: Photo Gallery
182: Photo Gallery
183: Photo Gallery
184: Community Forums
185: Community Forums
186: Home
187: Photo Gallery
188: Community Forums
189: Community Forums
190: Community Forums
191: Photo Gallery
192: News Archive
193: Home
194: Community Forums

Staff Online:

No staff members are online!
M$ on the prowl?? :: Archived
Resolve issues with your computer problems here or read about the latest computer parts and information.
Post new topic    Revive this topic    Printer Friendly Page     Forum Index ›  Hardware

Topic Archived View previous topic :: View next topic  
Author Message
Shadow_Bshwackr
Janitor

Offline Offline
Joined: Jan 21, 2005
Posts: 7015
Location: Central Illinois, USA
PostPosted: Fri Oct 28, 2005 11:21 am
Post subject: M$ on the prowl??

Check this article out! AND...I hate to say it, but I'm the MS' side this time..:wink:

This article is a bit long, but worth the time to read..:D

Kudos to my friends and colleagues at Microsoft Legal. They have successfully, and I believe are the first to have, cracked the zombie network infrastructure by reverse-engineering, if you will, a zombie attack. Or, more to the point, by inviting one.

By installing a bit of zombie code on an otherwise clean computer, and then connecting that computer to the Internet, Microsoft caused the computer to summon the zombie mothership, and boy did that mothership respond. Almost as soon as they connected the computer to the Internet, “connection requests from hundreds of IP addresses poured into the machine, commanding the infected computer to distribute millions of illegal spam e-mails.�

Then, by cross-referencing the sending IP address and the domains advertised in the spam with those in their vast corpus of spam culled from MSN and Hotmail spam-traps, Microsoft’s legal team was able to determine the origin of both the remote zombie commands, and the spam being sent through the zombies.

Then they did what any self-respecting legal team would do with that information. They sued their *sses.

The lawsuit, filed in August, and currently a Doe lawsuit (meaning that they are still in the process of discovering the real identities of the defendants) is likely to be tedious and drawn out, but in the matter of Microsoft v. Zombies, I’m betting on Microsoft.

Here is their full press release about the lawsuit, and their “Don’t Get Tricked on Halloween� public awareness campaign:

WASHINGTON, D.C., Oct. 27, 2005 - Like medical researchers studying a strain of a contagious virus, Microsoft Internet Safety Enforcement investigators carefully experimented this summer with a tiny piece of malicious code used by computer criminals to hijack personal computers. The investigators began by placing a single copy of the code onto a healthy computer and then connected the computer to the Internet.

Almost immediately, the researchers noticed the first rumblings of life. The infected computer sent an alert with its Internet location and hijack status to a distant server. Then, connection requests from hundreds of Internet Protocol (IP) addresses poured into the machine, commanding the infected computer to distribute millions of illegal spam e-mails.

These requests meant one thing: the investigators had successfully created a “zombie� computer.

Today, Microsoft, the U.S. Federal Trade Commission (FTC) and Consumer Action, a public watchdog and education group, launched a campaign aimed at helping consumers prevent their computers from getting turned into zombies.

Timed to coincide with National Cyber Security Awareness Month and Halloween on Oct. 31, the “Don’t Get Tricked on Halloween� campaign alerts computer users to the threat of zombie computers and how to protect their personal computers (PCs) from being infected with malicious code. In addition, Microsoft is announcing a legal enforcement action that for the first time specifically targets illegal e-mail operations that connect to zombie computers to send spam.

“The only way to slow the spread of zombies and other online threats is by going after them as resolutely and in as many ways as possible,� says Tim Cranton, director of Microsoft’s Internet Safety Enforcement programs.

Turning Computers into Zombies

While the zombies of Hollywood B-movie fame are easily identifiable by their gruesome appearance and menacing groans, zombie computers are silent stalkers. People who use the Internet but don’t properly protect their PCs from computer criminals may never know that their machines have been compromised - even after their infected machines begin causing problems for other people and, potentially, themselves.

As government agencies and e-mail providers such as Microsoft have cracked down on ways of exploiting consumer and business PCs, many computer criminals have turned their attention to creating zombies. They do so by tricking people into loading malicious code by hiding it in e-mail attachments or in music, video or other files that people download online - or even within data transferred when clicking on an infected Web site.

Illegal spam sent by zombie computers has increased dramatically in recent months and as of this summer now accounts for more than half of all spam, according to studies conducted by industry groups. In addition, computer criminals can use zombie computers to launch phishing attacks that try to steal personal information, such as Social Security and credit-card numbers.

As more people sign up for high-speed Internet connections at home, computer criminals have set their sights on a growing population of potential zombies that never sleep. “High-speed connections are an extremely convenient and extremely powerful way to access the Internet, but people need to realize that their connections don’t turn off when they walk away from their computers,� says Aaron Kornblum, Microsoft’s Internet-safety enforcement attorney.

In less than three weeks, the Microsoft lab’s zombie computer received more than 5 million requests to send 18 million spam e-mails. These requests contained advertisements for more than 13,000 unique domains, Cranton says. On a regular computer, these spam mails would have ended up in e-mail inboxes or, if nabbed by a spam filter, in junk e-mail folders. But Microsoft’s researchers quarantined the zombie machine, preventing it from sending any spam onto the public Internet, he says.

“We were startled by the quantity of data directed at this single machine,� says Kornblum, who helped lead the zombie investigation. “Even a lone spam zombie can spew huge volumes of illegal e-mail across the Internet.�

Taking Spammers to Court

Microsoft maintains more than 130,000 MSN Hotmail “trap� accounts to investigate patterns within spam. These accounts catch e-mail sent by spammers to potential e-mail addresses. But, as all spam investigators quickly learn, investigating spam after it’s delivered is like tracing an unwanted letter with an illegible (or fake) return address. Most spammers protect their identities by sending mail through zombies or using other masquerading tricks, making it fruitless to trace spammers based on the name listed in the “From� line in the e-mail’s header.

But Microsoft’s zombie investigation gave the company new insight into how it, as a technology developer and e-mail provider, can fight spam and zombies, as well as how to fight the creators of zombies in court.

“By inserting ourselves in the spammers’ path and looking upstream, we have been able to see things we have never been able to see before,� Cranton says.

Specifically, Microsoft was able to uncover the IP addresses of the computers that were sending spamming requests to the quarantined zombie, along with the addresses of the Web sites advertised in the spam.

To prove these spamming requests were not isolated examples, Microsoft compared the Web sites advertised in the quarantined zombie’s spam to those listed in spam in the MSN Hotmail trap accounts.

Cranton says the researchers found numerous identical matches, and were able to determine that approximately 13 distinct spamming operations either helped create or exploit the zombie code placed on the quarantined computer.

These spammers, who are currently unidentified, are named as “John Doe� defendants in the civil lawsuit Microsoft filed in state court in King County, Wash., on Aug. 17. Filing a “John Doe� lawsuit allows Microsoft to use legal discovery tools - such as third-party subpoenas - to help learn the defendants’ true identities.

Capturing the Attention of Busy Consumers

Because the potential threat is so great, the anti-zombie campaign stresses prevention as the best defense against spam and zombie attacks. All three partners in the “Don’t Get Tricked on Halloween� campaign are urging consumers (See “Stop Zombie PC Attacks in their Tracks,� this page) to ensure their computers have the latest software for detecting and preventing computer viruses and spyware. The partners also are stressing the importance of installing a software firewall, programs on a computer or network of computers that examine e-mails and other incoming information to determine if they pose a threat before they are delivered within the computer.

The anti-zombie campaign promotes educational Web sites run by Microsoft and the FTC. The federal consumer-protection agency recently launched OnGuardOnline.gov, a Web site that provides tips, articles and videos to help protect computer users and their information from online threats. The new site builds on “Operation Spam Zombies,� a campaign the FTC launched in May, along with 35 government partners from more than 20 countries, to encourage Internet service providers (ISPs) to take zombie-prevention measures.

Microsoft and other organizations who mount consumer education campaigns know they need much more than technical know-how to change the way millions of people use the Internet.

“It’s easy for new and increasingly sophisticated online threats to overwhelm people.� Cranton says. “We hope this Halloween safety warning will capture the public’s attention and ensure the lessons stick, so more people take advantage of the resources that are available to help protect them online.�

Ken McEldowney, executive director of Consumer Action, says the Halloween-related theme of the current campaign is important because it will help reach people who aren’t as focused on technology and are still learning their way around the Internet. “Folks who are computer savvy are not going to be fooled by phishing attacks� sent by zombie computers, he said. “It’s everybody else that we need to reach. That’s where the challenge is.�

McEldowney credits Microsoft for “now dealing with security up front…making it very clear that security has become a very prime focus.� But the fact that a U.S. government agency and a consumer organization are leading the anti-zombie campaign alongside Microsoft demonstrates the danger of the threat - and increases the chances that people will hear the message.

“By working together, you can be much more effective,� he says. “Our message has much more credibility, and we can bring the strengths of the partners together to achieve the goals of the campaign.�

In addition to educational efforts, such as the anti-zombie campaign, with government and other organizations, Microsoft has invested hundreds of millions of dollars in recent years on research and development of new security features and tools for its existing products. The company also has acquired new products and technologies, including Microsoft Windows AntiSpyware, to provide consumers additional layers of protection.

Sidebar: Stop Zombie PC Attacks in their Tracks

Tips on how Internet users can prevent their computers from becoming zombies:

. Use a firewall to protect computers from hacking attacks while connected to the Internet. . Get computer security updates or use the automatic updating features to shield computers from viruses, worms and other threats. . Use up-to-date anti-virus software to help protect against the latest threats. . Get anti-spyware software and beware of tricks designed to get people to download and install unwanted and sometimes destructive software. This software is sometimes distributed in non-commercial music downloads, file-sharing programs and free games. . Be cautious about opening any attachment or downloading any files in e-mails from unknown senders.
Back to top
View user's profile Visit poster's website Photo Gallery
Display posts from previous:   
Post new topic    Revive this topic    Printer Friendly Page    Forum Index ›  Hardware
Page 1 of 1
All times are GMT - 6 Hours

Archive Revive
Username:
This is an archived topic - your reply will not be appended here.
Instead, a new topic will be generated in the active forum.
The new topic will provide a reference link to this archived topic.