Asian companies' neglect of Nimda "criminal" says Aussie expert

An Australian security company has called three major Asian organisations "criminals" and the main culprits propagating hundreds of thousands of attacks from the Nimda worm.

Janteknology claimed to have had 30,000 probes from the malicious worm up to midnight last night and 17,000 so far today, the majority of them propagated from eight IP addresses hosted in the Asia-Pacific region.

The Korean Network Information Centre has six attacking servers and both Hutchison Corporate Access Hong Kong Limited and the Ministry of Education in Thailand have one attacking server, according to Janteknology's Glenn Miller.

"These people have got to be named," Miller told ZDNet Australia. "These people are criminals. Their servers are propagating [malicious] probes at an outrageous rate. Systems are going to melt down because of the traffic being generated by these attacks."

If these IP addresses are attacking Janteknology's servers they will be attacking everyone's servers, according to Miller, who says the three companies should be liable for the damage they cause. "They're irresponsible to the extreme," he said.

"The Korean Network Information Centre's servers should be shut down...they're a risk to commercial systems worldwide," he added.

Miller said he was about to notify the offending companies and ask them: "how much liability do you want because you've probably got the whole world coming after you".

Talkback 4 comments

    So much spam can be traced to ...Anonymous -- 20/09/01

    So much spam can be traced to Korean or Chinese sources. Next time that you get sent SPAM, have a look at the email header, find the originating IP address and trace it at www.domainwhitepages.com. Perhaps Australian carriers should block traffic from those sources...

    The Korean Network Information ...Anonymous -- 20/09/01

    The Korean Network Information Centre hosts several servers that have been attacking our network over the past 2 months since the release of Code Red. I have contacted them on several occasions with logs and IPs of the servers in question but to date nothing has ever been done about it. 2 months on and I am still getting up to 1000 attempted attacks per day. Yes, we are protected by our firewall but we still have to pay for the bandwidth usage.

    Right in the beginning I contacted the NSW Police as we did not know that they were Code Red attacks and thought it was something more malicious. Unfortunately the several people who I managed to speak to did not know what I was talking about. Eventually, by capturing packets and scouring hacker sites, I could definitely say that it was from Code Red attacks.

    This is something that is only going to increase over time, and up to now basically there is nothing you can do about it.

    There are many skilled network ...Anonymous -- 20/09/01

    There are many skilled network admins that are sick of dealing with the badly managed servers that have still not been patched against these problems. The real costs will start to trickle in as bandwidth providers start to send out the bills.

    A lot of these admins are going to get proactive sooner or later. Were you aware that it is possible to remotely patch the attacking systems when they make a connection to your server in an attempt to exploit the system? This *is* illegal -- understandably, but how much of this madness do we have to put up with before someone risks court and jail for the betterment of society?

    All that's needed is to have your own servers return the attack requests back at the attacking systems, adding code to cause them to download the patches and reboot.

    It's so simple to do, it's crazy that it's too risky to patch them this way. All that consider it might go the same way as www.whitehats.com's creator, Max Vision.

    It's a crazy situation. You *can* do something, but then again, you can't.

    A web site owned by the Intern ...Anonymous -- 28/09/01

    A web site owned by the International Publishers Association has been infected by the Nimda virus. We sent an email and got a reply saying that "they were taking steps to resolve the problem" but 4 days later, their site is still infected. The infected web site is www.book-fairs.com
