Dark_Matter

Skilled Member
  • Posts

    497
Posts posted by Dark_Matter

  1. After valentines day, mothers' day, secretary day (got to get me one) and you-know-what-else day, we also have bot day!

    Not sure what organization or person is behind the invention of this one, but heck, bots deserve all the recognition they can get! Performing un-thankful jobs of maintaining statistics, opping/voicing users, setting topics and a whole range of other tasks we make them able to with expanding them with scripts 24 hours a day, 7 days a week. Except of course, for those moments where the shell is down or the wrong process is killed ...

    They sure make our online experience a whole lot easier and richer!

    Cheers to Horcsog for the heads up =)

    source http://irc-junkie.org

  2. Can't remember what website I got this from offhand, but found this one interesting.

    It appears that various routers are prone to an IRC-only DoS attack. Particularly Netgear and Linksys routers have been shown vulnerable.

    If a client behind one of the vulnerable routers connects to an IRC server on port 6667 (and only 6667, does not DoS with other ports) and a user posts the following string in either a channel, private message, ctcp, notice, etc.. the router will drop the connection. The string is as follows:

    DCC SEND anylongrandomstringhere

    It is most commonly being seen as

    DCC SEND "string" 0 0 0

    but that appears to be unnecessary. The string does need to be 15+ chars in length.

    Further, it appears the routers that are vulnerable to this are running VxWorks as their embedded OS. Older Linux Linksys routers appear to be immune.

  3. Figured I'd post this so if any of you know someone using phpBB you can warn them.

    Program: phpBB

    Homepage: http://www.phpbb.com

    Vulnerable Versions: All phpBB versions

    Risk: High Risk!!

    Impact: Multiple DoS Vulnerabilities.

    -==phpBB Multiple DoS Vulnerabilities ==-

    ---------------------------------------------------------

    - Description

    ---------------------------------------------------------

    phpBB is a high powered, fully scalable, and highly customizable Open Source bulletin board package. phpBB has a user-friendly interface, simple and straightforward administration panel, and helpful FAQ. Based on the powerful PHP server language and your choice of MySQL, MS-SQL, PostgreSQL or Access/ODBC database servers, phpBB is the ideal free community solution for all web sites.

    - Tested

    ---------------------------------------------------------

    many forums

    - Exploitation

    ---------------------------------------------------------

    profile.php << By registering as many users as you can. The registration has to have the security code image deactivated.

    search.php << by searching in a way that the db couldn't observe it.

    This vulnerability was discovered in version 2.0.15, but it works in all versions if the security image code is not activated. The exploits used were published some months ago; you can check them out at www.neosecurityteam.net

  4. Sad part is this 13 or even 50 thousand is small compared to what's out there. There are botnets out there upwards of 400 thousand to 600 thousand or more in size. I know people who have large botnets. Having one isn't the moral issue here, it's what this heartless kid did with his, but yeah, they could have also been more clear on the amount than they were.  :angry5:

  5. Here are a few numbers to get you started:

    AT&T-Corporate # 908-221-4191

    AT&T Corporate Media Relations

    Jim Byrnes, +1 (908) 234-8754, [email protected]

    Gary Morgenstern, +1 (908) 234-6416, [email protected]

    AT&T Business Media Relations

    Bob Nersesian, +1 (908) 234-4548, [email protected]

    Regional Media Relations

    Eastern U.S. (Conn., Del., Maine, Mass., Md., N.H., N.J., N.Y., Pa., R.I., Va., Vt., W. Va.)

    Ed Bergstraesser, +1 (212) 803-2667, [email protected]

    Southern U.S. (Ala., Fla., Ga., Ky., La., Miss., N.C., S.C., Tenn.)

    Aaron Bedy, +1 (404) 810-7157, [email protected]

    Central U.S. (Ill., Ind., Mich., Ohio, Wis.)

    Mike Pruyn, +1 (312) 230-4894, [email protected]

    Western U.S. (Ariz., Ark., Colo., Idaho, Iowa, Kan., Minn., Mo., Mont., N.D., Neb., N.M., Okla., Ore., S.D., Texas, Utah, Wash., Wyo.)

    Kerry Hibbs, +1 (972) 778-2081, [email protected]

    Pacific U.S. (Alaska, Calif., Hawaii, Nev.)

    Gordon Diamond, +1 (415) 442-2268, [email protected]

    Europe, Middle East, Africa

    Niall Hickey, +44-771-577-1451, [email protected]

  6. AT&T is a global company; honestly they have no more loyalty to the US than a foreign country does. I'm really not surprised at this, it's the greed for the almighty dollar at work once again. Although it is sad they would do this, I can't say I'm shocked too much. The world has been built on greed, and the (give me give me give me, take take take) factor. When people are brought up like this you're bound to see greed on levels like this.

  7. source of article: http://www.irc-junkie.org

    More news concerning DDoS'ers I'm afraid. Christopher Maxwell, 20 years old, of Vacaville, California, USA, has been charged with launching a DDoS attack in which he crippled a hospital. In the hospital the attack caused the doctors' pagers to stop functioning and shut down computers in intensive care units.

    Maxwell will see his first court appearance on the 23rd of this month.

    The botnet is thought to have consisted of 13,000 to 50,000 infected machines which were controlled over IRC.

    Although the attack heavily crippled the hospital (Northwest Hospital and Medical Center in north Seattle) nurses quickly switched to using charts and were able to prevent any human harm.

    Maxwell and two unidentified juvenile companions used a botnet to display unwanted advertisements on infected computers, which earned them an estimated $100,000.

    For his crime, Maxwell can face up to 10 years in jail, $250,000 fine and returning damages. Northwest Hospital published that its costs to repair the network were $150,000.

  8. I know I have about 12 customers on one server I host for, and 5 or 6 on another server I have, and I use up about 300 GB a month between the both of them. I was thinking testmy.net would be up there in the 100 GB or more a month just for testmy.net easy. Maybe even 200 GB. I'm just blindly guessing now. LOL

  9. I've been using various tools to test the nameservers of many domain names to see if they were OPEN/RECURSIVE, and my findings are bad. I tested about 400 various domain names for these open nameservers, and at least 90% of the ones I tested were recursive.

    What does this mean? It means that anyone can query a recursive nameserver for domains it's not authoritative for. If a bad guy wanted, he/she could use these open nameservers as a Denial Of Service tool, and more. Then you also have to worry about cache poisoning; the list goes on. I mainly write this for those who run their own DNS, to make sure you do not have open nameservers, and if you do, to close them.

    If you run BIND you can easily close them by adding this line to either your named.conf or named.conf.options in /etc/bind/

    allow-recursion {localnets; };

    This line tells BIND to only act recursively for systems that are part of the same logical subnet as the BIND server. For Microsoft based DNS servers there is usually only an on/off option for recursion, which makes it harder to fix than for BIND. Anyway, I hope this helps my fellow geeks. Later!

  10. I'm a Debian and Slackware Linux lover. I run Debian on all the dedicated boxes I have. I'd kinda like to reply to the sudo comment above (EHH). Any Linux or Unix box connected to the internet should never never NEVER allow root logins of any type (SSH, FTP, TELNET), whatever the case is. Any good administrator will log in as a regular user then sudo or su to root. sudo is more secure, and has more options than su, but either will work. This makes someone trying to gain root to your box have to get two logins correct instead of just one. You'd be surprised how many dummies I see allow root logins to their boxes.  :shock:
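Added example, not part of the posts above: a way to verify the open-recursion fix from post 9 on a nameserver you run. It sends one query with the recursion-desired bit set for a name the server is not authoritative for, then reads the RA flag and RCODE of the reply. The function names and the constructed reply headers are assumptions made for this illustration; run it from a host outside the server's localnets.

```python
import socket
import struct
import sys

QID = 0x1234  # fixed query ID, fine for a one-shot manual check

def build_query(name):
    """DNS A/IN query for `name` with the RD (recursion desired) bit set."""
    header = struct.pack("!HHHHHH", QID, 0x0100, 1, 0, 0, 0)
    parts = name.rstrip(".").split(".")
    qname = b"".join(bytes([len(p)]) + p.encode("ascii") for p in parts) + b"\x00"
    return header + qname + struct.pack("!HH", 1, 1)

def classify_response(packet):
    """Judge a reply to a query for a zone the server is NOT authoritative for."""
    if len(packet) < 12:
        return "malformed"
    rid, flags, _qd, ancount, _ns, _ar = struct.unpack("!HHHHHH", packet[:12])
    if rid != QID or not flags & 0x8000:   # wrong ID, or QR bit clear
        return "malformed"
    ra, rcode = bool(flags & 0x0080), flags & 0x000F
    if rcode == 5:                         # REFUSED
        return "closed"
    if ra and rcode in (0, 3):             # RA set and NOERROR/NXDOMAIN
        return "open"
    if rcode == 0 and ancount == 0:        # referral or empty answer, RA clear
        return "closed"
    return "inconclusive"

def probe(server, name="example.com", timeout=3.0):
    """Send one UDP query to `server` and classify whatever comes back."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        s.sendto(build_query(name), (server, 53))
        try:
            data, _ = s.recvfrom(512)
        except socket.timeout:
            return "no reply"
    return classify_response(data)

def sample_reply(flags, ancount=0):
    """Constructed 12-byte reply header for offline testing (not captured traffic)."""
    return struct.pack("!HHHHHH", QID, flags, 1, ancount, 0, 0)

if __name__ == "__main__":
    for host in sys.argv[1:]:              # pass your own nameserver addresses
        print(host, probe(host))
```

After adding the allow-recursion line and reloading BIND, a probe from an outside address should report "closed", while one from inside localnets still reports "open".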
