Monday, February 03, 2003

Gulf War 2 Simulation. File this under Flash humor. A tip of ye olde dunce cap to IP for the link. 2:21:05 PM    comment [] It's Slammer Time! Uno) Microsoft Was Vulnerable to Worm Virus SEATTLE (AP) -- Microsoft Corp. itself was exposed to the virus-like attack that crippled global Internet activity last weekend because it failed to install crucial fixes to its own software on many Microsoft computer servers. Although Microsoft contends its failure to keep up with its own updates did not cause major problems, security experts said it points to a larger issue: Microsoft's process for keeping customers' software secure is hugely flawed. The virus-like attack, called ``slammer'' or ``sapphire,'' exploited a known flaw in Microsoft's ``SQL Server 2000'' database software, used by businesses, government agencies, universities and others around the world. Microsoft had issued a patch for the flaw in July, but many -- including some units within Microsoft -- had failed to install it.    http://www.nytimes.com/aponline/technology/AP-Microsoft-Worm.html Dos) De Natura Profundis In the talk about SQLSlammer not much was said on the nature of the worm which is quite groundbreaking. According to several reports [1][2], it is only 376 bytes in size and can send a full copy of itself encapsulated in a single UDP package. You cannot beat the efficiency. No expensive three-way TCP handshake or other high-level protocol overhead. This is a whole different ball game than Code Red or Nimda. Each and every data packet is a fully contained worm. We have seen the implications of this design. [1]http://bvlive01.iss.net/issEn/delivery/xforce/alertdetail.jsp?oid!824 [2]http://www.techie.hopto.org/sqlworm.html Tres) The Spread of the Sapphire/Slammer SQL Worm We have completed our preliminary analysis of the spread of the Sapphire/Slammer SQL worm. This worm required roughly 10 minutes to spread worldwide making it by far the fastest worm to date. In the early stages the worm was doubling in size every 8.5 seconds. At its peak, achieved approximately 3 minutes after it was released, Sapphire scanned the net at over 55 million IP addresses per second. It infected at least 75,000 victims and probably considerably more. This remarkable speed, nearly two orders of magnitude faster than Code Red, was the result of a bandwidth-limited scanner. Since Sapphire didn't need to wait for responses, each copy could scan at the maximum rate that the processor and network bandwidth could support. The full analysis is available at http://www.caida.org/analysis/security/sapphire/ http://www.silicondefense.com/sapphire/ http://www.cs.berkeley.edu/~nweaver/sapphire/ 2:09:27 PM    comment [] America: European Perspective III (William Pfaff) "The crisis between Americans and the Germans and French over war in Iraq only superficially arises from the Bush administration's determination since 2001 to attack Saddam Hussein. The two West European governments have seen the Iraqi dictator as a minor international problem, and war against him as likely to do more harm than good. But there is also a divergence in long-term perspective." "West Europeans, generally speaking, do not share America's ambitions of vast global reform or visions of history coming to an end. They had enough of that kind of thinking, and its consequences, with Marxism and Nazism. They are interested in a slow development of civilized and tolerant international relations, compromising on problems while avoiding catastrophes along the way. They have themselves only recently recovered from the catastrophes of the first and second world wars, when tens of millions of people were destroyed. They don't want more. " "The difference between European and American views is more sensibly explained in terms of an irresponsible and ideology-fed enthusiasm of Bush administration advisers and leaders for global adventure and power, fostered by people with virtually no experience, and little seeming imaginative grasp, of what war means for its victims. " . . . "... the intellectually claptrap war rhetoric of the Bush administration seems unbearably unimportant, evidence only of how remote the political class in the United States remains today from all the rest of the world." ("Europe and America: Some know more about war", International Herald Tribune) 1:35:47 PM    comment []

© Copyright 2003 Jay Machado. Last update: 5/7/2003; 11:29:45 PM. This theme is based on the SoundWaves (blue) Manila theme.