Nuclear Microbe Poker Hygiene

eGreetings!

By weight or by tone, Southwest wouldn’t let him fly home.

Totally forgot I had a video game arcade online.

For excellent savings and all of your downloading needs, be sure to check out our downloads page! It is updated frequently, and there are great finds!

Sirius XM is seriously screwing up.

What do you blame?

Cleaning up after broken Windows is as easy as just sweeping the pieces under the rug.

GoToAssist can help you provide instant support to clients, friends, or family members.

Don’t like to exercise? Make it a game. A poker game!

When it comes to cleaning up oil spills, a microbe cocktail is the quicker picker-upper.

Our energy needs will likely keep Homer Simpson on the payroll for a while.

College students are filthy animals!

If you’re looking for the best way to maintain your home or office network, look no further than SolarWinds.

Oh, Lordy – cotton for food? Milo Minderbinder would surely approve.

Surprisingly enough, there’s no law dictating that eBook readers have to be ugly.

What are your options for deploying Windows 7?

Capturing images on your screen is pretty simple, right? But what if you want to do more with them? Then you want to snag a copy of SnagIt. How did you ever get along without screen capture software? This one even integrates with AOL instant messenger and potentially your blog, too! Start your next screen capture the right way — manage it with TechSmith’s SnagIt.

March 13, 2009 – Virus Set To Call Home To Southwest Ailrines

According to a blog entry at Sophos, if you are scheduled for a flight on Southwest Airlines on March 13th, you may have trouble logging in online. It seems that the virus known as Confickeris scheduled to call home to wnsux.com for further instructions. But the virus won’t receive any directions. Instead the site which is owned by Southwest Airlines will redirect the traffic to Southwest Airlines. If this happens, than the site could suffer a denial of service attack.

According to Sophos in their blog posting, it also states that:

The key sites whose visitors may indeed see a disruption to their service include:

DOMAINDESCON DATE
jogli.comBig Web Great MusicMarch 8
wnsux.comSouthwest AirlinesMarch 13
qhflh.comWomen’s Net in Qinghai ProvinceMarch 18
praat.orgPraat: doing phonetics by computerMarch 31

Other, less frequented, sites of interest that appeared in the list include “The Tennesse Dogue De Bordeaux” dog breeders site (tnddb.com, March 14) and the coy “Double Super Secret Message Board” site (dssmb.com, March 11) — dogs and secrets won’t be moving too well on those days. One last domain turned out to be infected with Troj/Unif-B (site not listed here for obvious reasons) — so I will go ahead and block that one all the same!

As for options, the simple solution, say for Southwest Airlines, could simply be to stop resolving wnsux.com to southwest.com for the day — so long as that wouldn’t hinder any of their operations. Another option would be to filter out the Conficker HTTP requests of the form http://<domain>/search?q=<N>, though this requires that (a) your site does not currently use a “search” page (with no file extension) and more importantly (b) the filtering decision is made at a point along the network path that can cope with the load. This is a bit trickier as HTTP is an application layer protocol — a network connection must already be established before the two endpoints start speaking HTTP — necessitating a highly provisioned web proxy be used on the front lines to (1) establish the connection (TCP 3-way handshake), (2) examine the HTTP request, and (3) drop Conficker requests and pass along any remaining (presumably legitimate) requests further downstream. In any case, I have contacted the owners of the domains listed above to draw their attention to this matter.

Time will tell whether making it on the Conficker list will be viewed with prestige or lowliness. Perhaps stories of surviving a Conficker call-home flood will carry a badge-of-honor in the network operations world. I do know one thing for certain though… I’m glad sophos.com did not make the list.

MikeW, SophosLabs, Canada

So hopefully Southwest Airlines won’t experience any problems.

Comments welcome.

Source