fred on 31 Jan 2016 09:52:06 -0800



[PLUG] Details of recent attack on Linode infrastructure...


Computer users, and Web/Cloud programmers,

It may contain too much detail for many of you, but I found this post
an interesting read.  It's from the Linode cloud provider, explaining
how they were attacked for 12 days from 12/25 to 1/5, how they gradually
fought off the attack, and what they're doing to prevent such attacks
in the future.

- https://blog.linode.com/2016/01/29/christmas-ddos-retrospective/

Cyberwar is being fought every day.

So what can you do?  The first thing is to lock down your computers
with virus scans, firewalls, more secure operating systems, etc.

Attacks like this are conducted by "botnets" that are controlled
by malicious parties with financial, political, and other agendas.
Most of us can't directly do anything to stop the controllers.

However, the "bots" in the "botnets" are typically PCs in the homes
and offices of unsuspecting people.  They are infected with viruses
that sit there quietly, unnoticed by the users of the computers, but
take their marching orders from the malicious controllers of the
botnets, accepting orders to participate every now and then in a
coordinated attack on a specific target.

Such botnets are used to attack and manipulate financial markets,
attack infrastructure (US power grid, telephone service, Internet
providers, etc.), attack government and military systems, etc.

So, keep your virus scans and security patches up to date.  Make
sure your firewall is turned on.  Power off your computer or put 
it to sleep, when you are not using it.  Install any additional
security packages that your operating system supports, like 
logwatch, fail2ban, tripwire, etc.  And consider switching to an 
operating system that is fundamentally more secure.  I use Mac 
for my laptops and Linux for my servers.

Those of you running servers may want to follow some of my
detailed advice here:
- http://bristle.com/Tips/Unix.htm#unix_security

Thanks to JP Vossen of the Philly Linux User's Group for pointing
me to the Linode article!

--Fred
---------------------------------------------------------------------
Fred Stluka -- mailto:fred@bristle.com -- http://bristle.com/~fred/
Bristle Software, Inc -- http://bristle.com -- Glad to be of service!
Open Source: Without walls and fences, we need no Windows or Gates.
---------------------------------------------------------------------
