
'Tis a productive morning!

So far today, I have created a new brochure for one of our distributors, found and fixed a very subtle and deeply-buried PHP bug in a commercial video sharing software package that a friend of mine bought, and discovered a massive Russian Business Network attack on the ISP softlayer.com in which thousands of Web sites hosted by them and their downstream customers have been compromised.

I also had a very tasty quesadilla for lunch. And it's not even 1:00 yet.

Tonight, I think I'll write some pr0n, track down another RBN hack attack I may have sniffed out against sites running phpBB, and try to level my warrior's blacksmithing skill in World of Warcraft. Maybe I'll document the security breach at Softlayer as well. Looks like a zero-day exploit against cPanel.


Comments

7owti5
Jan. 24th, 2008 06:22 pm (UTC)
Woah. You're kicking all kinds of ass this morning!

I'm... still sleeping...... *falls down*
joreth
Jan. 24th, 2008 07:35 pm (UTC)
I didn't even wake up until 1 PM!

Of course, I went to bed at 4 AM after having been awake 23 hours and getting only 4 hours of sleep each night for the past week :-D
sweh
Jan. 24th, 2008 08:05 pm (UTC)
Is the softlayer breach related to this? http://www.channelregister.co.uk/2008/01/16/mysterious_web_infection_continues/

Infected sites also use a wide number of different web hosts, making that an unlikely entry way for attackers. While Cpanel, a tool for remotely administering the site, appears to be modified by the infection, Landesman says her research suggests that is also not the way attackers gain access.
tacit
Jan. 24th, 2008 08:49 pm (UTC)
It looks like a very similar style of attack, the difference being that this particular attack appears to be focused on one particular ISP rather than spread out all over.

I've seen speculation that the initial attack worked by infecting people's home PCs with a garden-variety virus, which looked for popular FTP programs, read their favorites lists if it found them, then sent the FTP information back to the originators of the attack. That way the folks responsible for the attack could gain access to the victims' Web sites, which explained why there was no pattern in software, Web hosts, or server platform of the infected sites.

This attack looks to be identical, but there's a pattern to the Web sites being hijacked, which suggests the possibility they were compromised in a different way. A common thread through all of this seems to be the use of cPanel on the affected Web hosts.
jonnymoon
Jan. 25th, 2008 05:24 pm (UTC)
Beginning to wonder if you're enough of a bother to be rubbed out yet.

Know what I mean? I mean, if Hillary Clinton can have a man (men?) rubbed out and still be a presidential candidate a few years later, I think that the Russian mafia can eliminate you without fear. This country is too damn ignorant and lazy to do a damn thing about it, much less care.

But for what it's worth, I'm really impressed (again) by your leet talents.
tacit
Jan. 25th, 2008 10:46 pm (UTC)
Well, I think there's some nontrivial effort and expense in having someone rubbed out from another country...and when it comes to annoying the Russian Business Network, there are plenty of people in line ahead of me.

Knock on wood.
make_your_move
Jan. 25th, 2008 11:11 pm (UTC)
What server do you play on in WarCrack?
tacit
Jan. 25th, 2008 11:48 pm (UTC)
I'm all over the place. I have several high-level Horde-side characters and one level 60 Alliance-side character on Medivh, a couple of high level Alliance-side characters on Eonar (including my raiding character, a 70 mage), a Horde-side raiding character (70 warrior) on Windrunner, and low-level Horde and Alliance characters on Medivh, Earthen Ring, Doomhammer, Shandris, and Feathermoon.
make_your_move
Jan. 25th, 2008 11:18 pm (UTC)
Coming from strictly a text-y point of view
I find your combination of poly, hard core geek, and kinky a really attractive combination.

Shame you don't live closer to DC.
tacit
Jan. 25th, 2008 11:49 pm (UTC)
Re: Coming from strictly a text-y point of view
Or that nobody's yet invented cheap, convenient teleportation technology. :)