Comments on: Twitter: Target of a Not-so-Normal DDoS Attack? http://blog.trendmicro.com/twitter-target-of-a-not-so-normal-ddos-attack/ Threat News and Information Direct from the Experts Fri, 10 Feb 2012 02:16:37 +0000 hourly 1 By: Kdecherf (Kevin Decherf) http://blog.trendmicro.com/twitter-target-of-a-not-so-normal-ddos-attack/comment-page-1/#comment-31564 Kdecherf (Kevin Decherf) Tue, 11 Aug 2009 17:05:27 +0000 http://blog.trendmicro.com/?p=18695#comment-31564 RT <a rel="nofollow" href="http://twitter.com/TrendMicro">@TrendMicro</a>: Twitter: Target of a Not-so-Normal DDoS Attack? http://blog.trendmicro.com/?p=18695 RT @TrendMicro: Twitter: Target of a Not-so-Normal DDoS Attack? http://blog.trendmicro.com/?p=18695

]]> By: TrendMicro (TrendMicro) http://blog.trendmicro.com/twitter-target-of-a-not-so-normal-ddos-attack/comment-page-1/#comment-31563 TrendMicro (TrendMicro) Tue, 11 Aug 2009 16:49:52 +0000 http://blog.trendmicro.com/?p=18695#comment-31563 Twitter: Target of a Not-so-Normal DDoS Attack? http://blog.trendmicro.com/?p=18695 Twitter: Target of a Not-so-Normal DDoS Attack? http://blog.trendmicro.com/?p=18695

]]> By: Bubbles http://blog.trendmicro.com/twitter-target-of-a-not-so-normal-ddos-attack/comment-page-1/#comment-31583 Bubbles Tue, 11 Aug 2009 12:28:21 +0000 http://blog.trendmicro.com/?p=18695#comment-31583 The experts are offbase as usual. The attacks against Cyxymu were routed through compromised web hosting servers and compromised personal computers. The command and control targeted Cyxymu and the zombied personal PC's and compromised web hosting servers all started making request against Cyxymu's web pages. How in the h*ll are these botnets ever going to get dismantled when the experts are so far off in left field with their guesses and speculations. Let the experts have the IP's of the traffic that targeted Cyxymu's web pages. Run those IPs against a whois and see how many lead to web hosting providers ( where compromised web sites will be found ) - and see how many lead to compromised high speed internet users ( where the Internet Service Providers are completely asleep regarding the malicious traffic being poured out of compromised personal computers of end users ). Come on people. Figure it out. I am tired of hearing misdiagnosis of the origins of these attacks. And we need to start dismantling these botnets by force, if necessary, if incompetent hosting providers are unable to monitor anomalies in the outbound traffic originating from web sites or web servers within their company's allocated IP ranges. The experts are offbase as usual. The attacks against Cyxymu were routed through compromised web hosting servers and compromised personal computers. The command and control targeted Cyxymu and the zombied personal PC’s and compromised web hosting servers all started making request against Cyxymu’s web pages.

How in the h*ll are these botnets ever going to get dismantled when the experts are so far off in left field with their guesses and speculations.

Let the experts have the IP’s of the traffic that targeted Cyxymu’s web pages. Run those IPs against a whois and see how many lead to web hosting providers ( where compromised web sites will be found ) – and see how many lead to compromised high speed internet users ( where the Internet Service Providers are completely asleep regarding the malicious traffic being poured out of compromised personal computers of end users ).

Come on people. Figure it out. I am tired of hearing misdiagnosis of the origins of these attacks. And we need to start dismantling these botnets by force, if necessary, if incompetent hosting providers are unable to monitor anomalies in the outbound traffic originating from web sites or web servers within their company’s allocated IP ranges.

]]>