Being attacked or Random attack bots?
03-19-2012, 09:55 AM
Post: #1
Being attacked or Random attack bots?
Hello everyone, I did a little search and I am not sure yet if this is the right section to ask this question. If not, would you please move it to the appropriate section.

A friend of mine is running an SQL 2000 server on his machine and he gets random attacks, including deletion of some tables, finding new administrator accounts, deletion of files, so we decided to build up a VPN server to limit the accessibility to the server. But the attacker could manage to flood us with DoS attacks. For the full router log, I uploaded the system log file along with this post. Would you please check it out and enlighten me with any ideas?

I bought a VPN router hoping to end this mess, which didn't help much; the VPN router does not stop the DoS attacks and flooding. Should I buy an IDS device? Or do you recommend software like IPCop?

Any help would be highly appreciated.

Hourani.


Attached File(s)
.txt  system[1].txt (Size: 13.28 KB / Downloads: 0)
04-23-2012, 08:03 PM
Post: #2
RE: Being attacked or Random attack bots?
Previous blog entries and analysis by others in the security community have shined a light upon the Dirt Jumper DDoS bot. Dirt Jumper continues to evolve (version 5 appears to be the newest) and a variety of other associated bot packages have emerged over time to include Simple, September, Khan, Pandora, the Di BoTNet and at least one private version of Dirt Jumper 5 that I am aware of. While we have collected about 300 malware samples of the Dirt Jumper family, it is likely that other variants are available, as the binaries and back-end PHP for Dirt Jumper have leaked several times. This makes it easy for someone to make slight modifications to the PHP or Delphi binary code and attempt to re-sell the bot, use the bot for their own purposes, or start making money with their own commercial DDoS service.
