Thursday, January 27, 2011

Darkness Unleashed......

Darkness DDoS Botnet Tool
A free version of a fast-growing DDoS botnet tool has been unleashed in the underground. The Darkness botnet is known for doing more damage with less -- boasting that it can take down an average-sized site with just 30 bots. This botnet has been very active over the past few months. In just the past three weeks, for example, Darkness has attacked an average of 1.5 victim sites per day, and about three per day in the fourth quarter of last year. An older version of the bot code, version 6m, had become available for free in various underground forums as of late December. Darkness requires fewer infected systems, which makes it more efficient.

Some consider Darkness a big competitor to the already-established Black Energy botnet. But unlike Black Energy, which has been known to deliver one-two punches of both DDoSing and stealing information from its victims, Darkness -- aka "Optima" and "Votwup" -- thus far appears to be all about its specialty, overwhelming websites with benign HTTP requests. It pumps out lots of packets ... And Darkness is not using any new vulnerability or technology. It's more just a good implementation of a known methodology for doing DDoS.

The bot code in circulation includes other features as well. There is a feature aimed at disrupting online voting and polling. A higher-end version of Darkness sells for $350 and includes three different command and control servers, providing a must-have for any botnet operator today: some built-in redundancy and resiliency in case a researcher or law enforcement manages to take down one of its C&C servers.

Wednesday, January 19, 2011

Microsoft's Attack Surface Analyzer

Microsoft recently released some updates to its secure development life-cycle tools, and showed some of the enhancements at Black Hat DC. These tools are not necessarily limited to .NET, but if you're a .NET developer, I highly recommend that you take a closer look at them.
For example, the Attack Surface Analyzer compares the state of your system before and after you install software to determine the impact your software has on the system, what resources it depends on and what changes it makes. It will also enumerate possible security issues. A good step in the right direction...
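
The before/after comparison described above, reduced to a directory tree, as an added example (not Microsoft's code and not part of the original post). The names `snapshot`, `diff` and `demo` are hypothetical, the file tree is constructed, and the world-writable check assumes POSIX permission bits.

```python
import hashlib
import os
import stat
import tempfile

def snapshot(root):
    """Map each file under root to (sha256 of contents, permission bits)."""
    state = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            full = os.path.join(dirpath, name)
            with open(full, "rb") as fh:
                digest = hashlib.sha256(fh.read()).hexdigest()
            rel = os.path.relpath(full, root).replace(os.sep, "/")
            state[rel] = (digest, stat.S_IMODE(os.stat(full).st_mode))
    return state

def diff(baseline, product):
    """Compare the pre-install and post-install snapshots."""
    added = sorted(set(product) - set(baseline))
    removed = sorted(set(baseline) - set(product))
    changed = sorted(p for p in set(baseline) & set(product)
                     if baseline[p] != product[p])
    # Possible security issue: a new or modified file any local user can write.
    risky = sorted(p for p in added + changed if product[p][1] & stat.S_IWOTH)
    return {"added": added, "removed": removed,
            "changed": changed, "world_writable": risky}

def _write(root, rel, data, mode):
    path = os.path.join(root, rel)
    os.makedirs(os.path.dirname(path), exist_ok=True)
    with open(path, "wb") as fh:
        fh.write(data)
    os.chmod(path, mode)  # explicit mode, independent of the umask

def demo():
    """Constructed scenario: a tiny file tree and a simulated installer."""
    with tempfile.TemporaryDirectory() as root:
        _write(root, "etc/app.conf", b"port=80\n", 0o644)
        _write(root, "bin/tool", b"v1", 0o755)
        baseline = snapshot(root)                      # before install
        _write(root, "etc/app.conf", b"port=80\ndebug=1\n", 0o644)
        _write(root, "opt/newapp/service.bin", b"svc", 0o755)
        _write(root, "opt/newapp/settings.ini", b"x=1", 0o666)
        os.remove(os.path.join(root, "bin/tool"))
        return diff(baseline, snapshot(root))          # after install

if __name__ == "__main__":
    for kind, paths in demo().items():
        print(kind, paths)
```
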

The Microsoft SDL blog article has more details.
http://www.microsoft.com/security/sdl/getstarted/tools.aspx
http://blogs.msdn.com/b/sdl/archive/2011/01/17/announcing-attack-surface-analyzer.aspx