Unix to Linux At The Core… Is It FINALLY Happening ?

It has been 8 years since I sat at various industry events and worked with IBM, HP, Red Hat & the like to discuss how Linux was rapidly going to become the platform of choice for enterprises “in the next 3 years”. We all got ourselves into a terrible flap, authored whitepapers (remember “Organic IT”??) and constructed migration practices to ensure that we were all ready to ride the Linux wave.. and virtually nothing happened. Until recently, my experience of datacentre architecture has been that we still run UNIX at the core, surrounded by Linux and (a very aggressive) Microsoft..
Now (finally) there seems to be evidence that the migration is starting to happen. Red Hat continues to buck the economic meltdown, reporting sales up 11.7 per cent to $183.6m in the second quarter of its fiscal 2010 and net income up 36.9 per cent to $28.9m. The sales were above the high end of Red Hat’s guidance.
Business is so good that the juggernaut of the Linux business felt comfortable enough to shell out a staggering $47m to buy back 2.3 million of its own shares from Wall Street, pushing up earnings per share by 50 per cent to 15 cents. (Red Hat has spent $94m buying back stock in fiscal 2010).
We seem to be entering a “perfect storm” for Linux. The Oracle/Sun acquisition alongside the economic climate seems to be finally compelling companies to seriously question their UNIX (largely Solaris) strategies and move to a UNIX-style O/S that can make use of commoditised, x86-based hardware.
Our guesses about “the future” in IT are normally accurate.. It just takes a while !
Darren Thomson
Understanding security threats

Last year we embarked on producing an occasional series of short videos looking at common internet threats and issues. So far they have covered: Phishing, Botnets, The Underground Economy and Drive-by Downloads.
We wanted them to be educational and have some humour to better educate people using the web at home and at work about how to protect themselves from common threats and risks. So far the initial 4 videos have gone down well, being posted on sites like YouTube and Facebook, as well as the Symantec website and even a number of online retailers.
The latest two videos in the series have just been finished. They are:
- Symantec Guide to Scary Internet Stuff – No 5 Misleading Applications
- Symantec Guide to Scary Internet Stuff – No 6 Denial of Service Attacks
Please have a look at them, and also the other videos in the series, and if you have any thoughts for new topics we should cover, let me know.
Dominic Cook
Do You Trust This Site…

… What about if there were advertisers? The NYTimes realised earlier this week that there were some adverts on their site which were not what they appeared to be. In essence, the attack is simple – pose as a real advertiser and then switch to something more malicious… by the time anyone notices, the advertiser has made their mark and visitors to the site have been compromised.
The problem is that people trust well known sites, and the reality is that they shouldn’t – at least not without some thought. We have seen a number of attacks on popular sites, whereby malicious code is inserted transparently to the user, so that when they visit they become infected with malware. We have also seen adverts taken out with popular search engine sites, whereby the advert is malware – but this is a new twist to combine the two.
What to do? Well, herein lies the problem – how do companies know that an advertiser is who they say they are… and what they are advertising is ‘good’ rather than ‘bad’. In today’s Internet age, many things are bought and sold with relative anonymity and so subject to this kind of problem – Verifying identity is tough at the best of times! In this particular case, changes have been made to the way in which adverts are placed into the pages – so the NYTimes is a tough target for this type of behaviour, cyber-criminals will therefore move swiftly on to other well known sites and try the same thing.
When you visit websites, no matter how reputable they may be, be wary of adverts (especially those which pop up to tell you that you have a virus). If you run a website with 3rd party advertising, then think about how you will protect your website and your company’s reputation from this type of attack.
Guy Bunker
Clever security screensaver

OK please forgive this little marketing-type plug…. but I think this is a great little tool….
As you no doubt know, Symantec has established some of the most comprehensive sources of Internet threat data in the world through the Symantec Global Intelligence Network. More than 240,000 sensors in over 200 countries monitor attack activity through a combination of Symantec products and services such as Symantec DeepSight Threat Management System, Symantec Managed Security Services and Norton consumer products, as well as additional third-party data sources.
Symantec also gathers malicious code intelligence from more than 130 million client, server, and gateway systems that have deployed its antivirus products. Additionally, Symantec’s distributed honeypot network collects data from around the globe, capturing
And you can get access to all of this intelligence via a free screensaver which you can download to your PC which keeps you up-to-date on the threat landscape using a feed from Symantec’s DeepSight monitoring service. The ThreatCon rating in the screensaver also lets you know the current danger level of the Internet based on network incident and malicious code activity. The screensaver regularly updates itself when you are connected to the Internet.
All the technical details and the link to download the screensaver can be found here: http://go.symantec.com/screensaver
Dominic Cook
An Accident Waiting To Happen? Or Designing The Next Big Thing…

… There was an interesting article in the news yesterday from an insurance company about which professions have the worst road accident records. Topping the list… ahead of sales managers and students… are computer engineers!!!
Being an engineer at heart (although my programming days are long behind me) it struck me as strange… several reasons are given as to why the professions at the top of the list are there including long hours and stress as a cause for distraction and therefore crashing. While engineers do work long hours and there is no doubt that release deadlines are stressful – we don’t need those to become distracted… thinking about a gnarly bit of code or architecture causes distractions, hearing an old song on the radio and then trying to remember trivia around the artist, year etc, causes distractions and so does everything else.
One of the joys of being an engineer is to be distracted by all manner of things – those random walks of thought often give rise to innovation.
(Just have to remember to keep a watchful eye on the road as well.)
Guy Bunker
Top Web Threats in the History of the Internet

Wednesday 2nd September was the ‘official’ 40th anniversary of the Internet. To mark this important milestone we thought we’d take a look back at some of the most notorious threats ever seen online.
- I Love You (2000) – Who wouldn’t open an e-mail with “I Love You” in the subject line? Well, that was the problem. By May 2000, 50 million infections of this worm had been reported. The Pentagon, the CIA, and the British Parliament all had to shut down their e-mail systems in order to purge the threat.
- Conficker (2009) – The Conficker worm has created a secure, worldwide infrastructure for cybercrime. The worm allows its creators to remotely install software on infected machines. What will that software do? We don’t know. Most likely the worm will be used to create a botnet that will be rented out to criminals who want to send SPAM, steal IDs and direct users to online scams and phishing sites.
- Melissa (1999) – Melissa was an exotic dancer and David L. Smith was obsessed with her and also with writing viruses. The virus he named after Melissa and released to the world on March 26th, 1999, kicked off a period of high-profile threats that rocked the Internet between 1999 and 2005.
- Slammer (2003) – This fast-moving worm managed to temporarily bring much of the Internet to its knees in January of 2003. The threat was so aggressive that it was mistaken by some countries to be an organized attack against them.
- Nimda (2001) – A mass-mailing worm that uses multiple methods to spread itself, within 22 minutes, Nimda became the Internet’s most widespread worm. The name of the virus came from the reversed spelling of “admin.”
- Code Red (2001) – Websites affected by the Code Red worm were defaced by the phrase “Hacked By Chinese!” At its peak, the number of infected hosts reached 359,000.
- Blaster (2003) – Blaster is a worm that triggered a payload that launched a denial of service attack against windowsupdate.com, which included the message, “billy gates why do you make this possible? Stop making money and fix your software!!”
- Sasser (2004) – This nasty worm spread by exploiting a vulnerable network port, meaning that it could spread without user intervention. Sasser wreaked havoc on everything from The British Coast Guard to Delta Airlines, which had to cancel some flights after its computers became infected.
- Storm (2007) – Poor Microsoft, always the popular target. Like Blaster and others before, this worm’s payload performed a denial-of-service attack on www.microsoft.com. During Symantec’s tests an infected machine was observed sending a burst of almost 1,800 emails in a five-minute period.
- Morris (1988) – An oldie but a goodie; without Morris the current threat “superstars” wouldn’t exist. The Morris worm (or Internet worm) was created with innocent intentions. Robert Morris claims that he wrote the worm in an effort to gauge the size of the Internet. Unfortunately, the worm contained an error that caused it to infect computers multiple times, creating a denial of service.
For a complete A-Z list of all threats, visit the Symantec Security Response website: http://www.symantec.com/security_response/threatexplorer/azlisting.jsp?azid=W
Dominic Cook





