Apache-Talk @lexa.ru 

Inet-Admins @info.east.ru 

Filmscanners @halftone.co.uk 

Security-alerts @yandex-team.ru 

nginx-ru @sysoev.ru 




      :: Security-alerts
Security-Alerts mailing list archive (security-alerts@yandex-team.ru)

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[security-alerts] FYI: WGA Always Sends Info to Microsoft and ICANN Issues Factsheet on February DNS Attack (SANS NewsByte)

 http://www.heise-security.co.uk/news/86429   ...
>  --WGA Always Sends Info to Microsoft
> (March 8 & 9, 2007)
> Microsoft has acknowledged that its most recent Windows Genuine
> Advantage (WGA) update sends some information back to the company's
> Redmond, WA headquarters even if users decline to install the update.
> A statement from Microsoft's UK anti-piracy manager says the 
> information
> sent back does not identify individuals. WGA communicates to Microsoft
> the computers' globally unique identifiers (GUIDs), user and machine
> language settings and whether or not the machine was connected to a
> domain.
> http://www.theregister.co.uk/2007/03/09/ms_wga_phones_home/print.html
> http://www.heise-security.co.uk/news/86429
> [Editor's Note (Schultz): WGA amounts to little more than spyware,
> something that sooner or later Microsoft will have to contend with in
> court.]

>  --ICANN Issues Factsheet on February DNS Attack
> (March 12, 2007)
> A factsheet from the Internet Corporation for Assigned Names 
> and Numbers
> (ICANN) says DNS servers came through February's attack relatively
> unscathed because of the Anycast load-balancing technology 
> put in place
> after the last major attack in 2002.  The attack targeted six 
> of the 13
> root servers.  The two servers that fared the worst during the attack
> did not yet have the technology installed.  The root server operators
> also played a significant role in preventing the attack from having a
> noticeable effect on Internet users worldwide by staying in constant
> communication.  The operators noticed that all the attack packets were
> larger than 512-bytes and consequently blocked packets that met that
> criterion.  That step alone managed to stop the attack in its tracks.
> http://www.vnunet.com/vnunet/news/2185227/icann-shield-beats-d
> ns-hackers
> http://www.zdnet.co.uk/misc/print/0,1000000169,39286256-390011
> 05c,00.htm
> http://icann.org/announcements/factsheet-dns-attack-08mar07.pdf
> [Editor's Note (Skoudis and Paller): The ICANN fact sheet is really
> good, and we strongly encourage you to read it.  It describes not only
> the attack and defenses, but the overall architecture of the root DNS
> infrastructure in terms that even a newbie can understand and
> appreciate.  It explains interesting things, like why there 
> are 13 root
> name servers and not more (it's associated with the 512 byte query
> size), and how Anycast technology helped to thwart the attack.  Kudos
> to ICANN for not only producing this fascinating and useful document,
> but for their openness in describing what happened.
> (Pescatore): The DNS root servers have proven to be pretty resilient
> against these large-scale DoS attacks that get a lot of publicity.
> However, a lot of enterprises have been hit by targeted DoS 
> attacks and
> have found they have to upgrade their defenses - usually by 
> paying their
> ISP extra to get filtered bandwidth. The ISPs need to take 
> some of that
> revenue and take steps to make it much harder for DDoS attacks to
> succeed.]


Copyright © Lexa Software, 1996-2009.