[Other] Mirai “internet of things” malware from Krebs DDoS attack goes open source

嘚過苴過 posted on 2016-10-6 02:54:30

   Last week, we wrote about a DDoS attack on well-known investigative cybercrime journalist Brian Krebs.
  To explain.
   A DDoS attack is an aggressive sort of DoS attack, where DoS is short for denial of service.
   A DoS is a bit like getting into the queue at the station to buy a ticket for the next train, only to have a time-waster squeeze in front of you and slow you down.
  By the time the miscreant has asked, innocently enough, about the different sorts of ticket available, and whether it costs extra to take a bicycle, and how much longer it would take if he were to change trains in Manchester, only to walk off without buying a ticket at all…
  …you’ve watched your train arrive, load up with passengers, and depart without you.
   A DDoS attack is worse: it’s short for distributed denial of service attack, and it’s much the same thing as a DoS, except that the trouble-stirrer doesn’t show up on his own.
  Instead, he brings along a big posse of innocent-looking accomplices to flood the whole station with time-wasters.
  Genuine customers who are mixed in with the trouble-makers end up waiting far longer than usual – a problem that usually gets more and more frustrating as the backlog grows.
  In the attack on Krebs’s site the crooks were able to generate an astonishing combined total of over 600 gigabits per second of time-wasting network traffic.
  That’s equivalent to about 60,000 fast home networks all turning their entire bandwidth onto Krebs at the same time, or a whopping 600,000 regular ADSL connections at once (assuming a one megabit per second upload speed).
  If we assume that even a voracious reader of Krebs’s articles would use at most 10% of a home ADSL connection’s bandwidth when browsing the site, then the cost of neutralising this level of attack is the same as supporting at least six million concurrent legitimate users.
   The perpetrators in the mega-DDoS haven’t been identified, but the attack happened not long after Krebs outed a DDoS-for-hire service called vDOS, leading to the arrest of two young hackers in Israel.
   (Sophos experts Chester Wisniewski and John Shier discuss this attack, and the story behind it, in this week’s Chet Chat security podcast. [Starts at 1’08”.])
    The reason we mentioned home networks above, by the way, is that’s exactly where this attack seems to have originated.
   Not from malicious bot or zombie software on regular computers, as might have been the case a few years ago, but from so-called Internet of Things (IoT) devices such as routers, web cameras and perhaps even printers.
  If you’re surprised to hear that, don’t be.
  Although a typical router or webcam has just a fraction of the computing power of your laptop, it’s more than capable of filling a typical home network with outbound traffic.
  (After all, your powerful new laptop relies on your router to handle all that outbound traffic, so if your laptop can fill up the network connection, that’s only possible because the router can fill it on your laptop’s behalf.)
   Sadly, in the aftermath of the assault on Krebs, the source code of the malware used in the attack was openly published.
  It’s been removed from the hacking forum on which it was originally outed, but it is still widely available “for research purposes” to anyone willing to look.
   Mirai, as the malware is known, is badly programmed and unfinished, but that doesn’t matter.
  It works, and it’s effective primarily because of bad programming in the very IoT devices it uses to do its dirty work.


  The Mirai malware package

   The Mirai bot, called simply bot in the source code, is written in C, and has three main components:
  
       
  • A call-home system that connects to a command-and-control server (which could be another insecure IoT device) to download details of whom to attack, and how.   
  • A set of attack routines that can generate a range of legitimate-looking but purposeless streams of network traffic to eat away at the victim’s network capacity.   
  • A network scanner that searches randomly across the internet and tries to log in in various ways to build and report a list of insecure IoT devices for the next wave of attacks.
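
An added defensive example, not part of the original post or of the Mirai source: the scanner component described above makes an infected device on your own network visible as a host that suddenly tries many distinct internet addresses on login-service ports, mostly without success. The Telnet ports 23 and 2323, the internal range, the thresholds and the flow-record format are assumptions, and the sample flows are constructed.

```python
from collections import defaultdict
from ipaddress import ip_address, ip_network

# Assumptions (not from the article): internal address range, login-service
# ports to watch, window length and thresholds.
INTERNAL = ip_network("192.168.0.0/16")
LOGIN_PORTS = {23, 2323}    # Telnet and its common alternate port
MIN_DISTINCT_DSTS = 20      # distinct external targets per window
MIN_FAIL_RATIO = 0.8        # random scanning mostly hits hosts that refuse
WINDOW = 60                 # seconds

def find_scanners(flows):
    """flows: iterable of (ts, src, dst, dport, established) tuples.
    Returns {src: (distinct_dsts, fail_ratio)} for internal hosts whose
    outbound login-port traffic looks like random internet scanning."""
    buckets = defaultdict(list)
    for ts, src, dst, dport, ok in flows:
        if (dport in LOGIN_PORTS and ip_address(src) in INTERNAL
                and ip_address(dst) not in INTERNAL):
            buckets[(src, int(ts) // WINDOW)].append((dst, ok))
    hits = {}
    for (src, _), attempts in buckets.items():
        dsts = {d for d, _ in attempts}
        fail = sum(1 for _, ok in attempts if not ok) / len(attempts)
        if len(dsts) >= MIN_DISTINCT_DSTS and fail >= MIN_FAIL_RATIO:
            hits[src] = max(hits.get(src, (0, 0.0)), (len(dsts), round(fail, 2)))
    return hits

def sample_flows():
    """Constructed sample: a camera sweeping 40 external addresses, and a
    laptop doing ordinary browsing plus one deliberate Telnet session."""
    flows = []
    for i in range(40):
        # 203.0.113.0/24 and 198.51.100.0/24 are documentation ranges
        port = 23 if i % 2 else 2323
        flows.append((1200 + i, "192.168.1.50", f"203.0.113.{i + 1}", port, i % 10 == 0))
    for i in range(5):
        flows.append((1200 + i, "192.168.1.20", "198.51.100.7", 443, True))
    flows.append((1205, "192.168.1.20", "198.51.100.9", 23, True))
    return flows

if __name__ == "__main__":
    for host, (n, ratio) in find_scanners(sample_flows()).items():
        print(f"{host}: {n} external login-port targets, {ratio:.0%} failed")
```

The same fan-out test can be fed from router NetFlow or firewall logs; a flagged address is a device to isolate and to reset with non-default credentials.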


御龙在天 posted on 2016-10-6 05:24:06
Awesome!

炸馒头片 posted on 2016-10-6 05:51:59
An expert, I'm impressed!

sunpeng263 posted on 2016-10-7 02:45:01
sunpeng263 left a mark here

长发不失风采 posted on 2016-11-9 18:37:12
How bold, I actually managed to grab the first reply!

安雅轩2010 posted on 2016-11-10 00:12:33
2016-11-10 is a special day, worth commemorating!

贺磊磊 posted on 2016-11-10 13:08:48
Thanks for the hard work, OP, here is some encouragement.

hyf905191 posted on 2016-11-14 22:40:37
If you have money, chip in; if you don't, go home, get some, and chip in.