Server-based zombies power souped-up DDoS assault

Hackers have begun using compromised servers instead of client PCs to launch more powerful denial of service attacks. Hundreds of web servers are infected with a DoS application that transforms them into zombie drones, according to database security firm Imperva. These zombie servers are controlled using a simple web application …

This topic is closed for new posts.

Posted Wednesday 12th May 2010 21:48 GMT

John Smith 19

Sysadmins don't recognise they've been owned?

Your server has starting sending *millions* of packets to the *same* IP address.

How can you *not* spot something is a bit odd?

Posted Thursday 13th May 2010 15:10 GMT

gollux

In the cloud...

Unmanaged servers and virtual servers are the norm. That's why the cost is so low. You aren't going to be seeing any logs of what your server is sending to, and it's a given that no one's monitoring outbound traffic as noone's paid do that.

Posted Thursday 13th May 2010 08:46 GMT

ZenCoder

many sites simply don't have a sysadmin

I had a computer science degree and know a lot about many things, but server administration isn't one of them.

My friend's website got to big for shared hosting so he started renting a dedicated server. I learned the bare minimum to get everything working properly, wrote some shell scripts to dump the databases, tar all the files and FTP that to a different server once a week as a backup.

That was two years ago and the site has been running fine without any sort of admin.

I know a web programmer whose company tasked him with setting up a server even though he had no clue what he was doing and his regular duties left him zero time to actually administer the server once it was up and running.

Anyway there are a lot of sites out the are setup my someone lacking the necessary skill and experience and then completely ignored until something breaks.

Posted Monday 24th May 2010 09:19 GMT

Anonymous Coward