Symantec estimates that 1/3 of all SPAM was stopped when Microsoft (with the assistance of the U.S. Marshals and a court order) took steps to shut down the Rustock botnet. Other botnets (Bagle, Festi, Cutwail, Lethic, Grum, Xarvester and others) are stepping into the void left by Rustock. Whether Rustock will remain ‘dead’, is unclear as the Rustock programmers and Rustock ringleaders are still unidentified and still at large.
This isn’t the first time Microsoft has taken down a botnet and Rustock is not the only botnet.
We have known for years that personal and business desktop computers infected with viruses and bots were the primary source of the majority of SPAM on the Internet. Lack of computer literacy, knowing how to use and protect your computer, is the primary enabler of computer infection. Having anti-virus isn’t enough, you have to know how to protect your computer and how to surf the web and handle e-mail and files safely.
MICROSOFT
SYMANTEC
NEW YORK TIMES
SSH (Secure SHell) is a common tool for setting up a “VPN tunnel” using port forwarding, or secure remote access to the command line; thus it is not uncommon for servers providing SSH connections to be directly accessible from the Internet.
Hackers are constantly testing defenses looking for configurations that missed something important and therefore allow access. SSH daemon configurations that improperly turned off keyboard-interactive logons but forgot to enable the “ChallengeResponseAuthentication no” are being attacked.
From SANS: