[24hoursupport] Worm creates P2P attack network

  • From: "BIGMARC" <BIGMARC@xxxxxxxxxxx>
  • To: <24hoursupport@xxxxxxxxxxxxx>
  • Date: Mon, 16 Sep 2002 23:41:29 -0400


From/De :«BIGMARC»

* subscribe at http://techPolice.com
 Worm creates P2P attack network
 'Slapper' infections reach 17,000 - and rising

By Bob Sullivan

Sept. 16 - Anti-virus firms are ringing the alarm bell over the a new computer
worm that's currently amassing an army of infected Web servers, designed to
initiate massive denial of service attacks. The "Slapper" worm's march through
cyberspace began late Friday and it's already infected over 17,000 machines

SLAPPER IS REMINDING some analysts of last year's "Code Red" and "Nimda" worms
which threatened to slow down the entire Internet.

       Since the worm attacks only computers running the Linux operating system,
it's not a direct threat to most home users. But it could threaten major Web
sites and Internet service providers, according to Alfred Huger, senior director
of engineering at Symantec Corp.'s security response team.

       "There is the potential for it to be remarkably serious if the (denial of
service) networks are turned against targets," Huger said, "It's a problem
waiting to happen."

         Slapper is insidious because it instructs each infected to join a
peer-to-peer network, not unlike Napster. Already, three separate networks have
sprung up; one with 11,000 infected hosts, one with 6,900, and a third that
researchers haven't managed to measure yet. Each network can be controlled by 
of the infected machines; so anyone who understand the worm could turn the 
network of machines into a powerful denial-of-service attack tool, Huger said.

Denial-of-service attacks were used in a now infamous string of incidents that
knocked Yahoo, Amazon, CNN, and other high profile Web sites off the Internet in

       "There are a great many compromised hosts are on well provisioned
networks," Huger said. "It could take down a significant site."

       The Slapper peer-to-peer network has already been used to "attack and
disable high-profile targets," according to a statement issued by Internet
Security Systems Inc. Huger said one of the networks was currently attacking
computers at a security company, but he wouldn't reveal which one.

       "Infections from more than 100 countries so far. (It's) Pretty bad," said
F-Secure Corp. spokesperson Mikko Hypponen.

         Slapper only affects Linux machines running the "Apache" Web server
software; but that's a significant part of the Internet. F-secure estimates 60
percent of the Net's Web sites are served up by Apache machines.
       F-secure estimated 1 million computers are vulnerable to Slapper, which
exploits a flaw found in an Apache component back in July.
This was sent to you from http://theMezz.com
To Subscribe/Unsubscribe go to http://techPolice.com
*** TECH NEWS AT http://theMezzenger.com ***

Etudiant: Wanadoo t'offre le Pack eXtense Haut Débit soit 150,92 euros 
d'économies !
Et pour 1 euro de plus, reçois le CD-ROM du jeu Dark Age of Camelot
+ 1 mois de jeu en réseau offert ! 
Clique ici : http://www.ifrance.com/_reloc/mail.etudiant 

- Users can unsubscribe from this list by sending email to 
24hoursupport-request@xxxxxxxxxxxxx with 'unsubscribe' in the 
Subject field OR by logging into the Web interface at

Other related posts:

  • » [24hoursupport] Worm creates P2P attack network