Home Messages Index
[Date Prev][Date Next][Thread Prev][Thread Next]
Author IndexDate IndexThread Index

Re: Dashboard: Sending cluepacket...

In comp.os.linux.advocacy, Roy Schestowitz
<newsgroups@xxxxxxxxxxxxxxx>
 wrote
on Tue, 30 May 2006 17:16:36 +0100
<3612751.nMXno1sygV@xxxxxxxxxxxxxxx>:
> __/ [ The Ghost In The Machine ] on Tuesday 30 May 2006 17:00 \__
>
>> In comp.os.linux.advocacy, Roy Schestowitz
>> <newsgroups@xxxxxxxxxxxxxxx>
>>  wrote
>> on Tue, 30 May 2006 14:18:30 +0100
>> <1596075.B5JVvugIPQ@xxxxxxxxxxxxxxx>:
>>> __/ [ Linonut ] on Tuesday 30 May 2006 13:01 \__
>>>
>>>> Got this message in a console Window while running Abiword:
>>>> 
>>>>    Dashboard: Sending cluepacket...
>>>> 
>>>> I thought it was funny.
>>>> 
>>>> I tried sending a cluepacket to Erik, but it came back:
>>>> 
>>>>    Dashboard: connect: Connection refused
>>>
>>> That's the status you will typically get when the server is overwhelmed in
>>> the midst of DDOS attacks. The Windows zombies must be attacking
>>> Funkenbusch.com again... which provides a clue.
>> 
>> Well, it's apparently up at the moment and
>> it's a...(drum roll)...Apache 2.0.54!
>> 
>> (Erm, anyone see a slight incongruity there?)
>> 
>> Then again, it may not be the same guy.  Does Erik live in Minnesota?
>
> I pointed out this 'Apacheness' to him.
> That was quite some time ago. Yes,
> he's a Webmaster somewhere in that area,
> probably at some academic institute, to be precise.
> This explains why he knows commercial CMS's and
> jumps at any opportunity to rave about them.
>
> Anyhoo... even Apache cannot save you from Windows
> zombies. It can cope with /more/ of them, but they
> cannot be defeated.

I wouldn't expect Apache to.  It's a bit like the Dutch
boy with his finger in the dyke -- as the dyke completely
fails.  (Hope he can swim in that case. :-) )  Doesn't
matter if said kid is a nice robust kid with muscles to
shame a Russian weightlifter, or a poor skinny sort who
falls over when someone even threatens to sneeze on him;
both get swept away if the flood behind the barrier is
big enough.

For a nastier example, I can point to the US example of
Lake Ponchetrain and New Orleans' levee system, which
isn't looking very new at the moment.  :-/

> UIP's are too diverse for filtering because they are
> controlled remotely, by proxy.

Erm..."UIP"?  Best I can come up with is "User Interface
Program", or perhaps "Unusual Internet Poundings".  :-)

(And regrettably they don't look so unusual to me.)

> I was a sufferer
> myself on several occasions... here's a small sample
> that I could gather by filtering by the keyword 'zombie'...
>
> http://schestowitz.com/Weblog/archives/2005/11/13/zombies-home/
> http://schestowitz.com/Weblog/archives/2005/10/29/microsoft-zombies/
> http://schestowitz.com/Weblog/archives/2005/10/17/under-attack-again/
> http://schestowitz.com/Weblog/archives/2005/10/15/aftermath-attack/
> http://schestowitz.com/Weblog/archives/2005/10/13/windows-attacks-web/
> http://schestowitz.com/Weblog/archives/2005/10/13/zombie-attack/

Ew.  Good luck.

I wish there were a nice way for you to charge the virus
writer for the wasted bandwidth. :-)  Best I can do here
perhaps is find a good lawyer -- and locate the originator
of the worm(s)/virus(es)/malware.  The first should be easy
enough (for the right price), but I can't say regarding
the second.

Of course suing Microsoft might also work, since they
created conditions allowing the worm(s) to spread in the
first place.  (A bit like a restaurant cooking bad food
because someone didn't bother to clean the place.)

The "dynamite monkey" is cute, and reminds me of
SNL's Happy Fun Ball:

http://en.wikipedia.org/wiki/Happy_Fun_Ball

>
> It's not just DDOS attacks that zombies are used for to bang on Linux
> servers.
>
> http://schestowitz.com/Weblog/archives/2006/03/01/spam-varieties/

I get a bit o' spam myself -- nothing horribly special.
Since I use mailx/fetchmail I'm perfectly safe, although
Earthlink might not be; I don't know since I'm not all
that familiar with their internal infrastructure regarding
Email reception.

-- 
#191, ewill3@xxxxxxxxxxxxx
Windows Vista.  Because it's time to refresh your hardware.  Trust us.

[Date Prev][Date Next][Thread Prev][Thread Next]
Author IndexDate IndexThread Index