
This is an old revision of the document!



1

New DDoS Botnet Infects Windows along with Linux Computers; Poland CERT

According to Poland Computer Emergency Response Team (CERT), its security researchers recently discovered one fresh DDoS (distributed denial-of-service) botnet that spread a kind of malware which contaminated Linux as well as Windows computers, published softpedia.com dated December 18, 2013.

The researchers state that the botnet has been created for executing solely DDoS assaults, the majority being DNS Amplification assaults. At the time the report by Poland CERT was released, nearly all anti-virus programs had detected the malware targeting Windows computers, whereas merely a few AV engines could detect the malware for Linux. What's more, the Linux malware attempted to link up with the command and control server through one high-powered Transmission Control Protocol (TCP) port.

A new DDoS botnet infects Windows as well as Linux computers; Poland CERT

According to the Poland Computer Emergency Response Team (CERT), its security researchers recently discovered a new DDoS botnet (a networked program carrying out distributed denial-of-service attacks) that spreads a type of malware which has infected Linux as well as Windows computers, softpedia.com reported on December 18, 2013.

The researchers note that the botnet was created solely to carry out DDoS attacks, the majority being DNS amplification attacks. At the time the Poland CERT report came out, almost all anti-virus programs detected the malware targeting Windows computers, whereas only a few AV engines could detect the malware for Linux. In addition, the Linux malware attempted to connect to the command and control server through a high-powered TCP (Transmission Control Protocol) port.

The researchers explained that the port and IP of the C&C server were encrypted. When the bot became active, it transmitted information about operating systems unencrypted while looking forward to receiving commands from the server. Help Net Security published this dated December 18, 2013.

Upon studying the malicious program, it was concluded that the threat could execute 4 kinds of DDoS assaults. Besides, it had other capabilities which hadn't yet been carried out.

It was further found that while the Linux variant of the bot communicated with the C&C system through an Internet Protocol address, the Windows version communicated through one domain name and also over another port. However, both variants of the threat used the same command-and-control infrastructure, suggesting that an identical group of criminals was behind both, as per analysis by Polish CERT.

The researchers explained that the port and IP of the C&C server were encrypted. When the bot became active, it transmitted unencrypted information about the operating systems while seeking to receive commands from the server. Help Net Security published this on December 18, 2013.

On studying the malicious program, it was concluded that the threat could carry out four types of DDoS attacks. Apart from that, it had other capabilities that had not yet been used.

It was also found that while the Linux variant of the bot communicated with the C&C system through an IP address, the Windows version communicated through a domain name, and also over a different port. However, both variants of the threat used the same command-and-control infrastructure, which suggests that the same group of criminals was behind both, according to the Polish CERT's analysis.

And because the malware executed just DDoS assaults the researchers think the attackers possibly focused on compromising PCs using a lot of network bandwidth such as servers, which they had. That possibly was also responsible for the two malware variants - Linux OS was the preferred one for server systems.

Meanwhile, similar to the malicious program which was detected recently targeting Linux, another bot lately came to the notice of Andre DiMino, a George Washington University security researcher who had let attackers hijack his honeypot Linux-based computers. The bot was developed in Perl language, DiMino discovered.

Source: http://www.spamfighter.com/News-18732-New-DDoS-Botnet-Infects-Windows-along-with-Linux-Computers-Poland-CERT.htm

And since the malware launched only DDoS attacks, the researchers think the attackers were probably concentrating on compromising PCs that use a lot of bandwidth, such as servers, which they had. This may also have been the reason for the two malware variants, Linux being the preferred OS for systems.

Meanwhile, similarly to the malicious program recently detected targeting Linux, another bot recently turned up in the note written by Andre DiMino, a security researcher at George Washington University, who had let attackers infiltrate his Linux honeypot computers. DiMino discovered that the bot was developed in the Perl language.

Source: http://www.spamfighter.com/News-18732-New-DDoS-Botnet-Infects-Windows-along-with-Linux-Computers-Poland-CERT.htm

2

Moving a city to Linux needs political backing

This year saw the completion of the city of Munich’s switch to Linux, a move that began about ten years ago. “One of the biggest lessons learned was that you can’t do such a project without continued political backing,” said Peter Hofmann, the leader of the LiMux project, summing up the experience.

The Munich city authority migrated around 14,800 of the 15,000 or so PCs on its network to LiMux, its own Linux distribution based on Ubuntu, exceeding its initial goal of migrating 12,000 desktops. Munich decided to migrate its IT systems when Microsoft said it planned to discontinue support for the operating system the city then relied on, Windows NT 4.0. The city was forced to choose between moving to a newer version of Windows, or finding an alternative platform, as new software and new versions of existing software would not be available on Windows NT. The city council decided to go with Linux to become more independent from software vendors.

Continued political backing was key to the success of the migration, said Hofmann. “We had it from the start and it never failed. We had to treat our politicians as stakeholders and keep them informed,” he said. By doing this, the politicians never lost interest and always knew what the people involved in the project were doing, he said. “I saw a lot of other open source projects going down the sink,” because they didn’t have that backing, or lost it, he said.

Source: http://www.pcworld.com/article/2082460/moving-a-city-to-linux-needs-political-backing-says-munich-project-leader.html

3

Valve joins the Linux Foundation

Valve is joining the Linux Foundation in the run up to the gaming giant's launch of its Steam Machine, a console based on the Linux open source operating system which the foundation exists to promote.

In September, Valve, the developer of the Half Life and Portal series of games as well as the Steam online gaming platform, announced it would be using Linux as the basis of its Steam Machine line of games consoles. The system takes a radically different approach to TV gaming from that advocated by the Xbox One and PS4, allowing any manufacturer to build a compatible system and install the Linux-based Steam OS on top of it.

While the code which underpins Linux is free for anyone to use, the Linux Foundation controls the trademark itself, and co-ordinates development of the operating system between the numerous companies which contribute programming time. By joining the foundation, Valve will be able to feed the improvements it makes to Linux for the Steam Machine back into the main body of code, and also more directly benefit from the network of developers which work on Linux itself.

“Through these efforts we hope to contribute tools for developers building new experiences on Linux, compel hardware manufacturers to prioritize support for Linux, and ultimately deliver an elegant and open platform for Linux users,” says Mike Sartain, a key member of the Linux team at Valve.

Source: http://www.theguardian.com/technology/2013/dec/04/valve-joins-linux-steam-machine-gaming

4

Linux devs may 'cry into our lonely beers' at Christmas

Linus Torvalds has let release candidate five for version 3.13 of the Linux kernel into the wild for some festive footling. The Linux Lord let the new release candidate loose in this post that declares “Nothing really exciting stands out” which is “just how I want it.” “It's the 'how did that ever even pass cursory testing' bugs that make me upset,” he continues, “and if those existed, people were appropriately ashamed and quiet about them ;)”.

The post also outlines his plan for at least three more release candidates in the 3.13 development process, suggesting that “LCA” (probably a reference to January 6th's Linux.conf.au in Perth, Australia) will keep Torvalds on the road for a while and slow development.

Torvalds also offers Christmas greetings in his own unique tone, to wit:

Ho ho ho, Christmas is almost upon us, and -rc5 is the last rc before most of us gorge ourselves into insensibility. Or cry into our lonely beers. Or go out for Chinese food. Or whatever you happen to do.

Source: http://www.theregister.co.uk/2013/12/24/torvalds_linux_devs_may_cry_into_our_lonely_beers_at_christmas/

issue80/actus_ubuntu.1397495422.txt.gz · Last modified: 2014/04/14 19:10 by frangi