Posted on Sunday, November 12th, 2006

Bits and Pieces: November 12

by Jose Nazario

A few things caught my eye this week, so I’ll post them here.

After Virus Bulletin, I had a nice conversation with Ryan at eWeek that he recorded for the OnSecurity Podcast: The Rise of For-Profit Botnets [MP3, duration: 17:38]. I had never done a podcast before, and I don’t usually listen to them (though I do listen to a lot of NPR). Podcasts, and especially disembodied voices, are just alien to me. Anyhow, my first podcast, and some information on the botnet problem. Enjoy, and thanks again, Ryan.

It seems that the UK has codified DDoS attacks under the Computer Misuse Act of 1990, and now DDoS attacks will get you 5-10. It took them long enough, and it will be interesting to see this definition pushed, but it is a step forward. Not that any country welcomes DDoS attacks, but it’s nice to see some law being clearly pushed at dealing with the offenders.

My mom has been “deputized” in the fight against phishing. She reported two phishing incidents this week to me, and I passed them on through an anti-phishing organization I participate in. Nice to say that the attacks were taken offline in a couple of hours. Way to go, mom!

If you haven’t seen them, the PhishTank stats page is interesting. However, someone on one of those anti-phishing lists I’m on raised a better question, and one that I haven’t seen answered: where are people registering these phish, and where do they claim to be from? OK, so the US has a lot of servers that get popped, does that mean that most phishers “strike” from near their homes?

Updated to add: Oh! I almost forgot this great writeup on the WebAttacker toolkit from the folks at Websense. A very concise description of this Internet scourge.
