Georgia president's Web site falls under DDOS attack

Written by Jeremy Kirk 
COMPUTERWORLD
July 21, 2008
Original

July 21, 2008 (IDG News Service) The Web site for the president of Georgia was knocked offline by a distributed denial-of-service (DDOS) attack over the weekend, yet another in a series of cyberattacks against countries experiencing political friction with Russia.

Georgia's presidential Web site was down for about a day, starting early Saturday until Sunday, according to the Shadowserver Foundation, which tracks malicious Internet activity.

Network experts said the attack was executed by a botnet, or a network of computers that can be commanded to overwhelm a Web site with too much traffic.

The command-and-control server for the attack is based in the U.S., Shadowserver said. The botnet appears to be based on the "MachBot" code, which communicates to other compromised PCs over HTTP, the same protocol used for transmitting Web pages.

The tool used to control this kind of botnet "is frequently used by Russian bot herders," according to Shadowserver. "On top of that, the domain involved with this [command-and-control] server has seemingly bogus registration information but does tie back to Russia."

One of the commands contained in the traffic directed at the Web site contained the phrase "win+love+in+Rusia," wrote Jose Nazario, a senior security engineer at Arbor Networks, on a company blog.

On Sunday, it appeared that the host for the command-and-control server had been taken offline, Shadowserver said.

The motivation for the attacks is not entirely clear. But Georgia is just one of several former Soviet satellites, including Estonia and Lithuania, that are seeking to downplay their historical legacy with Russia.

Georgia has angered Russia by pushing for entry to NATO, a pro-Western security alliance. It has also tangled with Russia over the handling of South Ossetia and Abkhazia, two rebellious regions pushing for independence.

In Lithuania, 300 Web sites were defaced around July 1 following a new law prohibiting the public display of symbols dating from the Soviet era and the playing of the Soviet national anthem. The hacking was blamed on an unpatched vulnerability in a Web server at a hosting company.

Estonian Web sites were pounded by a massive DDOS attack in April and May 2007. The attacks are believed to have been connected to a decision to move a monument honoring Soviet World War II soldiers to a less prominent place, which ignited protests from ethnic Russians.





More Links:
image
Contact us for help and product info
image
View our F.A.Q.section
image
Site Map
image
image

"We are seeing a massive multi-vendor patch for the entire addressing scheme for the internet - the kind of a flaw that would let someone trying to go to Google.com be directed to wherever an attacker wanted."

Hackers using the vulnerability to attack company computer networks would also be able to capture email and other business data.

Kaminsky alerted US national security agencies to the crack in cyber warfare defenses.

"This really shows the value-add of independent security researchers," said former Department of Homeland Security National Cyber Security Division director Jerry Dixon.





More Links:
image
Contact us for help and product info
image
View our F.A.Q.section
image
Site Map
image
image
/td>
More Links:
image
Contact us for help and product info
image
View our F.A.Q.section
image
Site Map
image
image
;
by an attacker!

 


image
/font>被黑客攻击和