Catch up on stories from the past week (and beyond) at the Slashdot story archive

 



Forgot your password?
typodupeerror
Compare cell phone plans using Wirefly's innovative plan comparison tool ×
Security

Submission + - Advertising in your router log

An anonymous reader writes: If you regularly check your router log you may see port scanning attempts from unknown sources. Here's one where a company appears to be advertising their hacking at your firewall. It's the first time I've seen anything like this and am wondering if it's a new business model borrowed from malware authors that exploit an opportunity, then ask for ransom (payment for a removal tool) to get rid of what they gave you. Below is just a small portion of what they did to my log, boldly telling me what they do for a living. 04/06/2008 00:52:02.272 — Sub Seven attack dropped — 204.238.82.4, 50494, WAN, www.securitymetrics.com — 70.89.120.xx, 27374, WAN — 04/06/2008 00:52:34.944 — Back Orifice attack dropped — 204.238.82.4, 49060, WAN, www.securitymetrics.com — 70.89.120.xx, 31337, WAN — 04/06/2008 00:53:21.848 — Ripper attack dropped — 204.238.82.4, 53108, WAN, www.securitymetrics.com — 70.89.120.xx, 2023, WAN — 04/06/2008 01:40:22.480 — Smurf Amplification attack dropped — 204.238.82.4, 8, WAN, www.securitymetrics.com — 70.89.120.xx, 8, WAN — 04/06/2008 01:41:29.800 — Smurf Amplification attack dropped — 204.238.82.4, 8, WAN, www.securitymetrics.com — 70.89.120.xx, 8, WAN — 04/06/2008 01:41:38.576 — Possible port scan dropped — 204.238.82.4, 50059, WAN, www.securitymetrics.com — 70.89.120.xx, 15, WAN — TCP scanned port list, 20031, 5269, 1718, 902, 1718 I contacted the support/abuse contact listed for that IP address and got this reply: — Can you confirm if you have an account with us? If so what is the email address the account is registered under, or what is the IP / Domain that we are testing? Our scan includes a port scan to see what service's are open, then it checks for various known vulnerabilities. So it is not just a port scan but a complete vulnerability scan. Please let us know if you have any additional questions. Scott SecurityMetrics Support 801-705-5700 US support 0207.993.8031 UK support Support@securitymetrics.com While I did ask Scott WTF his company was doing advertising in my log, I doubt my outrage at this ethical lapse on their part will have any effect on their methods. What do you guys think?
The Courts

Submission + - RIAA 'making available' theory rejected in Barker (blogspot.com)

NewYorkCountryLawyer writes: "In a 25-page decision (pdf) which has been awaited for two years in Elektra v. Barker, Judge Kenneth M. Karas has rejected the RIAA's "making available" theory and its "authorization" theory, but sustained the sufficiency of the complaint's allegations of "distribution" and "downloading", and also gave the RIAA 30 days to cure the defects in its complaint by filing a new complaint. The judge left it open for the RIAA to allege that defendant made an "offer to distribute", and that the offer was for "the purpose of further distribution", which, the judge held, would be actionable."
Security

Submission + - Fingerprints of German Interior Minister published (heise.de)

Andreas Schaefer writes: "German's biggest Hacker Organization CCC (Chaos Computer Club) has collected fingerprints of Germans Secretary of the Interior Wolfgang Schäuble and published them in their current issue of the Datenschleuder Magazine. They even included a prefab film with his prints to use on current fingerprint scanners. Schäuble has recently been at the center of controversy with various Big Brother laws, including the inclusion of fingerprints in passports. Source: Heise News"

Feed Techdirt: DOJ Finally Approves XM-Sirius Merger (techdirt.com)

It only took over a year of ridiculous protests from traditional radio stations, but the Justice Department has finally decided that XM and Sirius can merge without creating a monopoly. It will be interesting to see if the NAB's own lobbying efforts helped disprove its point. The NAB, representing terrestrial radio stations argued vehemently that if XM and Sirius merged, it would create a "monopoly." The only problem with that statement is that if that were the case, it would mean that terrestrial radio wasn't competing in the same market. And, if that were true, why would the NAB care? So, by arguing so vehemently against the merger, it effectively showed what we all knew: terrestrial radio and satellite radio compete in the same market. Of course, the merger isn't a done deal yet, as the FCC still needs to weigh in. But given the amount of time it has already taken for the DoJ to make its decision, you would hope that the FCC was at least close to being done with its review as well.

Permalink | Comments | Email This Story


Censorship

Submission + - Bell Canada Throttles Wholesalers Without Notice (dslreports.com)

knorthern knight writes: "Users of the Canadian family-run ISP Teksavvy (which is popular amongst Canadian P2P users precisely because it does *NOT* throttle P2P) have started noticing that Bell Canada is throttling traffic before it reaches wholesale partners. According to Teksavvy CEO Rocky Gaudrault, Bell has implemented "load balancing" to "manage bandwidth demand" during peak congestion times — but apparently didn't feel the need to inform partner ISPs or customers. The result is a bevy of annoyed customers and carriers across the great white north. Story at http://www.dslreports.com/shownews/Bell-Canada-Throttles-Wholesalers-Doesnt-Bother-To-Tell-Them-92915"

Slashdot Top Deals

The only way to learn a new programming language is by writing programs in it. - Brian Kernighan

Working...