View Diary: SoapBlox Press Release on Yesterday's Event (168 comments)

  •  It's fortunate (7+ / 0-)

    These SSH brute force scripts are so common, it usually takes the controller a while to get around to taking real control - assuming the person running the script is even a competent hacker in the first place.  The scripts automatically install a copy of themselves, and usually some basic level of backdoor access if they can finagle it; beyond that, they just record the compromised system and send it off to the "owner" of the script for them to deal with when they get around to it...

    That gives the owner of a compromised system some time to lock it down before real damage is done.  SoapBlox was relatively lucky in that regard, and it appears that the systems are now secured enough to hold them together while new secure systems are built.

    Necessity is the plea for every infringement of human freedom. It is the argument of tyrants; it is the creed of slaves. - William Pitt

    by Phoenix Rising on Thu Jan 08, 2009 at 09:55:06 AM PST

    [ Parent ]

    •  I sometimes think... (11+ / 0-)

      ... that the real black hat hackers write and distribute their scripts and rootkits to amateurs for the sole purpose of creating enough noise to hide themselves in.  When a sysadmin looks at his logs, sees a few dozen portscans and brute force password crack attempts day after day, it can lead to ignoring such things.  And then one day, a real attack comes, and the response is delayed, both because vigilance has dropped and because of all the noise of the quasi-malicious communication in the logs.

      Quick to judge, Quick to anger, Slow to understand; Ignorance and prejudice and fear walk hand in hand. -- Neil Peart

      by JRandomPoster on Thu Jan 08, 2009 at 10:04:30 AM PST

      [ Parent ]

      •  That, and more... (4+ / 0-)

        I wonder how many of these script kiddie scripts have an extra hidden notification mechanism that keeps the real crackers in the loop on compromised systems.  The script kiddies gain their little network of systems, but the shadowy figure in the background gets a much larger network...

        Necessity is the plea for every infringement of human freedom. It is the argument of tyrants; it is the creed of slaves. - William Pitt

        by Phoenix Rising on Thu Jan 08, 2009 at 10:14:07 AM PST

        [ Parent ]
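
The concern raised in the comments above, that day-to-day brute-force noise in the logs buries the one event that matters, can be handled by triage rather than by eye. The following Python is an added example, not part of the original thread: it separates sources that only ever fail from an accepted login preceded by failures from the same address. The log lines, host name and addresses are constructed, and the threshold of 3 is an assumption.

```python
import re
from collections import Counter

# OpenSSH sshd auth-log messages for failed and accepted logins.
FAILED = re.compile(
    r"sshd\[\d+\]: Failed password for (?:invalid user )?(\S+) from (\S+) port \d+")
ACCEPTED = re.compile(
    r"sshd\[\d+\]: Accepted (\S+) for (\S+) from (\S+) port \d+")

def triage(lines, threshold=3):
    """Return (alerts, noise) for a sequence of sshd log lines.

    alerts: accepted logins from an address that had already failed at
            least `threshold` times, i.e. the guessing succeeded.
    noise:  failure counts for addresses that never got in.
    """
    failures = Counter()
    alerts = []
    for line in lines:
        m = FAILED.search(line)
        if m:
            failures[m.group(2)] += 1
            continue
        m = ACCEPTED.search(line)
        if m:
            method, user, ip = m.groups()
            if failures[ip] >= threshold:  # Counter returns 0 for unseen keys
                alerts.append({"ip": ip, "user": user, "method": method,
                               "prior_failures": failures[ip]})
    alert_ips = {a["ip"] for a in alerts}
    noise = {ip: n for ip, n in failures.items() if ip not in alert_ips}
    return alerts, noise

# Constructed sample input (documentation address ranges, made-up host name).
SAMPLE_LOG = """\
Jan  8 03:10:01 web1 sshd[4101]: Failed password for invalid user admin from 203.0.113.7 port 40110 ssh2
Jan  8 03:10:03 web1 sshd[4103]: Failed password for invalid user test from 203.0.113.7 port 40112 ssh2
Jan  8 03:10:05 web1 sshd[4105]: Failed password for invalid user oracle from 203.0.113.7 port 40114 ssh2
Jan  8 04:22:10 web1 sshd[4201]: Failed password for root from 198.51.100.23 port 51200 ssh2
Jan  8 04:22:12 web1 sshd[4203]: Failed password for root from 198.51.100.23 port 51202 ssh2
Jan  8 04:22:14 web1 sshd[4205]: Failed password for root from 198.51.100.23 port 51204 ssh2
Jan  8 04:22:16 web1 sshd[4207]: Accepted password for root from 198.51.100.23 port 51206 ssh2
Jan  8 08:01:44 web1 sshd[4310]: Accepted publickey for deploy from 192.0.2.10 port 51522 ssh2
""".splitlines()

if __name__ == "__main__":
    alerts, noise = triage(SAMPLE_LOG)
    for a in alerts:
        print("ALERT: login as %(user)s from %(ip)s after %(prior_failures)d failures" % a)
    print("noise sources:", noise)
```
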
