i have been preoccupied of late with security stuff. the first one is what they’re calling conficker.c which will activate on the first of april. no one knows what it will do but i would bet a beer that its not entirely good. symantec has a removal tool for this and previous versions of conficker (aka downadup).
+ + +
another news item that has been in that particular corner of my brain is the network bluepill aka psyb0t botnet. its a new botnet targeting routers/modems instead of pcs. these router/modems are the gadgets that give you access to the internet. imagine what bad things can happen when that’s been compromised. you can’t scan for the botnet either because the botnet code is not on your pc. according to dronebl–a real-time tracker of abusable ips–you are vulnerable if:
- Your device is a mipsel (MIPS running in little-endian mode, this is what the worm is compiled for) device;
- Your device also has telnet, SSH or web-based interfaces available to the WAN, and
- your username and password combinations are weak, OR the daemons that your firmware uses are exploitable.
the best way to ensure that you don’t get infected (or reinfected) is to perform a hard reset of the device, update the device’s firmware to the latest and change the administrative passwords to stronger ones, maybe use a passphrase instead.
+ + +
and then there’s the next version of ubuntu–jaunty jakalope or version 9.04–coming out by april (2009.04). that’s something to look forward to. at the same time i’ve been studying/ evaluating the server version of ubuntu as a replacement for some (or all my server installations).
i have taken on a new project making a new website which will act much like a repository of information about a famous person. this will replace another project that i had to let go. its another php/mysql/apache install (spelled as web 2.0). this should prove interesting. 😎