How A Security Specialist Fell Victim To Attack

You may reprint or publish this article free of charge as long as the bylines are included.


E-mail Attacks - A Bad Day For Submitting Articles

-----------------------------------------------

These days, I write several pages for our site plus two to
three articles per week. The first places these articles are
posted are DefendingTheNet.com and CastleCops.com. Several
days later, I post these articles on other submission sites.
This is standard operating procedure in the world of article
submissions.

E-mail Attacks

--------------

For the most part, articles are re-published without you
even knowing. You typically find out when someone visits
your site from another where the article has been posted.
Other times, the site that plans on posting the article
e-mails you and asks you to review it before it goes live.
Two weeks ago, I received one of these e-mails. Email attack
- It was all downhill from there.

To Click Or Not To Click, That Is The Question

----------------------------------------------

Our systems are protected by state of the art security
systems. Our SPAM filter is a hardware device that is nearly
100% effective. It also helps in protecting against Spyware
and other malicious code. Our Firewall is similar to those
you would find in large corporations. Our Anti-Virus system
has served us well and we've not had problems with viruses for
years. I'm not claiming that our systems are 100% protected
as there is no such system at this point in time. However,
we are fairly confident in our security systems.

Two weeks ago, I received approximately twenty e-mails
requesting the review and approval of Defending The Net
articles published on other sites. I thoroughly review the
e-mails to make sure they seem legitimate. I review the
URLs included to make sure they are valid and not
redirected to a site that is IP only. The last e-mail I
reviewed seemed to be in proper order. When I clicked on the
URL to the article, the site failed to load.
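
The URL review described above can be partly automated before anything is clicked. The following is an added example, not the author's own tooling: the function names and sample data are constructed, and it goes beyond the plain dotted form by also decoding the decimal, hex and octal host spellings that browsers accept as IPv4. The redirect chain is assumed to have been recorded on an isolated test machine.

```python
import ipaddress
import re
from urllib.parse import urlsplit

# Loose matcher for http(s) links in a plain-text e-mail body.
URL_RE = re.compile(r"https?://[^\s<>\"]+", re.IGNORECASE)
NUM_RE = re.compile(r"^(0x[0-9a-f]+|[0-9]+)$", re.IGNORECASE)


def extract_urls(body):
    """Pull links out of a message body, dropping trailing punctuation."""
    return [u.rstrip(".,;") for u in URL_RE.findall(body)]


def _legacy_ipv4(host):
    """Decode inet_aton-style hosts (1-4 parts, decimal/hex/octal) to IPv4."""
    parts = host.split(".")
    if not 1 <= len(parts) <= 4 or not all(NUM_RE.match(p) for p in parts):
        return None
    nums = []
    for p in parts:
        try:
            if p.lower().startswith("0x"):
                nums.append(int(p, 16))
            elif len(p) > 1 and p.startswith("0"):
                nums.append(int(p, 8))      # leading zero means octal
            else:
                nums.append(int(p, 10))
        except ValueError:                  # e.g. "089" is not valid octal
            return None
    *head, last = nums
    # Leading parts are single bytes; the last part fills the remaining bytes.
    if any(n > 0xFF for n in head) or last >= 256 ** (4 - len(head)):
        return None
    value = last
    for i, n in enumerate(head):
        value |= n << (8 * (3 - i))
    return ipaddress.IPv4Address(value)


def ip_host(url):
    """Return the address if the URL's host is an IP literal, else None."""
    try:
        host = urlsplit(url).hostname       # strips userinfo, port, brackets
    except ValueError:
        return None
    if not host:
        return None
    try:
        return ipaddress.ip_address(host)
    except ValueError:
        return _legacy_ipv4(host)


def flag_ip_only(urls):
    """List (position, url, decoded address) for every IP-only URL."""
    findings = []
    for i, url in enumerate(urls):
        ip = ip_host(url)
        if ip is not None:
            findings.append((i, url, str(ip)))
    return findings


# Constructed sample data (documentation address ranges, not real hosts).
SAMPLE_BODY = """Please review your article before it goes live:
http://articles.example.org/review?id=17
Mirror: http://3221225985/review.html
"""
# Constructed redirect chain, in hop order.
SAMPLE_CHAIN = [
    "http://articles.example.org/review?id=17",
    "http://cdn.example.net/r",
    "http://198.51.100.7/a.html",
]

if __name__ == "__main__":
    for label, urls in (("body", extract_urls(SAMPLE_BODY)),
                        ("redirects", SAMPLE_CHAIN)):
        for pos, url, ip in flag_ip_only(urls):
            print(f"{label}[{pos}] IP-only host {ip}: {url}")
```

A clean result only means no hop used a bare address; as the article goes on to show, a link that passes this kind of review can still be harmful.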

Approximately five minutes later, my system slowed to a
crawl. I reviewed the running services on the machine and
found that the "SYSTEM" process was running at 100% CPU
utilization. A thorough review of the system did not reveal
anything out of the ordinary. Yet, the machine was barely
operating.

After rebooting the system in safe mode and reviewing the
event logs, I found the cause of the problem. The event log
revealed that the TCP/IP stack repeatedly exceeded the maximum
number of connections. I had fallen victim to a local machine
Denial Of Service attack.

In most cases, an event like this would reveal at least
something out of the ordinary: a registry entry, file, or
service that should not be present. But not in this case.

The computer's local drives were imaged to preserve their
current state. The images were then submitted to our
Anti-Virus and Firewall vendor research teams. As of today,
they have not been able to determine the exact cause of the
problem. They do know something malicious is going on, and
are looking closely at the TCP/IP stack and system process.
Short-term investigation points in the direction of one of
these components being modified or corrupted. It's quite
possible that a new vulnerability exists and I'm fairly
confident they will be able to pinpoint it.

What's The Point

----------------

I've seen just about every type of exploit, vulnerability,
and e-mail attack you can think of over the years. Some
items we uncover during security assessments would make your
jaw drop.

It never ceases to amaze me how many people out there just
don't care what kind of problems or damage they cause. It
appears as if the point of this recent e-mail attack was
nothing more than to cause the recipient grief, to put the
target computer out of business for a while. One thing's for
sure, it resulted in a bad day for me. The time I had to put
into investigating the situation, and preparing the images
for delivery to our vendor, could have been spent working on
something productive.

Conclusion

----------

Because of this event, we have configured a dedicated system
whose sole purpose in life is to test potentially harmful
URLs. It is actually a virtual machine that, if attacked,
can be configured to its default state within seconds.

I can only imagine the stress and frustration others without
technical experience or resources must go through when
something like this happens. I receive countless e-mails
from our site visitors regarding their concern that they may
have been attacked or compromised. I wish I could help them
all out directly but that is not always a reality.

What I can do is share my experiences and recommendations.
This is one of the primary reasons why I enjoy writing
articles as much as I do.

About the Author

Darren Miller is an Information Security Consultant with
over sixteen years' experience. He has written many technology
& security articles, some of which have been published in
nationally circulated magazines & periodicals. Darren is a
staff writer for www.defendingthenet.com and several other
e-zines.

 
