//beconfused

Hate advertisements from the internet? Well, previous Tuesday there was lesser of these things. DoubleClick, an internet advertisement company suffered a denial-of-service (DoS) attack.

The outage, first noticed at about 7 a.m. PDT, stemmed from a denial-of-service (DoS) attack that targeted DoubleClick’s domain name server (DNS) system. The attack originated from “outside sources” that caused service disruption for DoubleClick’s ad service clients, according to company spokeswoman Jennifer Blum.

DoS attacks involve flooding a Web site’s servers with packets of information or sending streams of requests for information. As a result, servers cannot handle the load and shut down, causing blackouts that last for hours and sometimes for days. In this case, according to DoubleClick, the attackers targeted its DNS servers, which translate word-based Web addresses, such as www.doubleclick.com, into numeric Internet addresses.

DoubleClick joins Internet infrastructure company Akamai as targets for DNS attacks. In June, a DoS attack targeting Akamai’s DNS servers caused brief blackouts among the company’s biggest clients, including Google, Yahoo, Microsoft and Apple Computer.

Source: CNET News.com

Actually, I was quite happy when DoubleClick went offline, lol. Less pesky advertisements for a day. Still advertisements are need to keep the web free.

Servers aren’t cheap and companies either use subscriptions or advertisements to keep alive. That’s why you see your favorite web sites with more than 1 advertisement per page sometimes.

What’s your say in it? For me, I am forced to like internet advertisements, I would like content to continue to be free. I guess that’s a small price to pay. What’s your say in it?

Just a while before midnight, I picked up my phone and start dialing a number. It has been quite some time since I last called before midnight, I wonder if it is actually alright. And then I heard a lady’s voice. In a deep and husky voice she spoke, demanding my absolute attention. I listened obediently to her somewhat robotic voice.

“..for general enquiries on products and services, please call..” she commanded, “..for broadband technical enquiries, please press 1..”.

I have been using SingNet as my internet service provider (ISP) for 6 years and I believe that I have made at least 1 call to their technical services every year. I am always kinda embarrass when they ask me for my username because I understand that a crosscheck with their systems would also reveal the number of times I called. I wonder if I were the record holder in SingNet’s technical support line.

SingNet’s a good ISP, they have answered my question well, especially when my first question is so vague that it goes like, “Why has my internet got no connection?”. Most of the time it’s a hardware problem, so I should have actually called Compaq which is my previous PC’s brand. But you know, Compaq has shitty customer services, they just want to get their computers sold.

Blog*Spot is causing problems for me. Basically, I can’t access any sites hosted by Blog*Spot. The worse part is that that includes mine. It didn’t take me long to suspect it’s not my computer’s problem because most of my friends using SingNet can’t view the damn domain.

So I gave SingNet a ring at half past eleven, they have phone support till midnight. Like most phone support numbers, I got a recorded message to navigate me around their services.

I do know a thing or two about these recorded messages. Firstly, it’s all powered by robotic women. Yes, not just human, must be a woman. Not just a woman, she has got to have one of those BBC robotic newscaster voice. These recorded messages are used to divert attention and make people give up in calling technical support.

Take my favorite ISP as an example, the lady requested in the pre-recorded message for me to “try rebooting my computer first as I am waiting for the technical officer as it usually solves the problem”. It didn’t, Blog*Spot is having problems for days.

Then I got diverted to the menu. The lady commanded me to call different sets of numbers for specific technical supports. Finally the actual main menu comes as she tells me to press <1> for broadband technical support. Yes, that’s what I want!

So the technical guy answered. The good thing about SingNet is that they have enough technical people and I never waited for long, unlike that dreadful Compaq and put me into the 20 minutes queue. SingNet is smart to waste 2 minutes of my time by putting me on a recorded message. I would have screamed “Why the f*** can I not access Blog*Spot?”. Er, f*** means “fish”, you know those that swim. Oh, you don’t get me? Of course you don’t, there’re so many different species of fish, there’s puffer fish, clown fish, selfish and well… puffer fish. There’re so many types of fish, you probably don’t know what I’m referring. I’m actually say “Why the puffer fish can I not access Blog*Spot?”

I have been trying to access sub domains hosted under the blogspot.com but fail. Is there a problem with your servers?

[Translation: Why the puffer fish can I not access Blog*Spot?]

I always get redirected to new.blogger.com, it seems that only SingNet users are affected.

[Translation: It's you and your mom's fault!]

So he checked and he can miraculously access it. Then reconfirmed that I can’t. He put me on hold with some stupid classical music for 10 minutes, I am sure it’s ten minutes! He’s probably at the loo with his favorite computer magazine or gathering with his colleagues at the coffee corner discussing about their boss’s bad hair days.

He finally came back and provided me with a solution which is to access through their proxy server. Okay, that worked. He also assured me that the problems will be fixed as soon as possible and I should not be using their proxy servers necessarily.

Today, I checked my blog. It worked, this time without me having to insert a proxy. Damn, am I in good mood or what.

As for what really happened, Blog*Spot is never down, but on December 31, they updated some DNS stuff (they call it DNS snafu or something, not sure). I think that caused a problem when SingNet didn’t refresh their servers or something. This is only affecting SingNet users who are not accessing through a proxy server. So basically, if you’re using dial up, you’re safe. [SingNet Broadband does away with the proxy thingy.]

This, I believe, is the post that contains the most number of words.

Nielsen//NetRatings, a firm that deals in internet audience measurement and analysis, provides the statistics concerning the recent MSBlaster worm attack. Traffic of web sites with information concerning MSBlaster worm has increased significantly.

At the bottom of the top 5 list is Zone Lab’s web site, attracting 638,000 users, that is a 73% increase compared to the previous week. Norton Anti-Virus maker, Symantec, sees their viewer ship increase over 302% with over 4 million users.

The Windows Update web site which was targeted by the MSBlaster worm sees over 11 million users; that is an increase of 76% week on week. MSN Tech and Gadgets, which provided information and articles about the worm, attracted over a million people, seeing a 304% jump on that week.

Well, the winner is Microsoft’s TechNet site which recorded 3.9 million unique surfers as compared to 317,000 of the preceding week. That is a surge of 1131% week on week!
Don’t you just love statistics?

The worm attack launched on Microsoft’s Windows Update web site fail too. The worm is preprogrammed to attack http://www.windowsupdate.com/ which is just a redirecting web site. Microsoft removed Windows Update’s redirecting site and the attack failed. Somehow this DoS attack attempt reminds me of Code-Red which attacks http://www.whitehouse.gov/. I guess the worm’s author fail in his attempt.

That’s the default color for the Q&A for your info. I added a new theme - Goto Maki! She went solo last year I think. She used to be in Morning Musume. Check her out, she looks really pretty. [I kinda cheated and smoothen her skin just A BIT, hehee.. But she's still pretty without my editing.] At first, I only include her picture to her shoulder, not revealing her bikini. After a couple of look, I find it extremely distasteful, so much so that I recreated from a scratch - this time including her bikini. She looks more stylish in this way. Some minor updates only. I am gearing it up for a change coming September 01, so be sure to get your mouse (the computer one) ready. Oh, my Stellvia of the Universe download is complete. So happy about it. Shin-pon~! lol

Recently, a worm, MSBlast, has been spreading on the web at a tremendous speed and infected more than 120,000 computers. The forums I frequent seem to have lots of discussion on this. Lots of finger-pointing are involved. The author of this worm addressed to Microsoft chairman in the worm: “billy gates why do you make this possible?” and continues with “Stop making money and fix your software!!”.

So it’s Microsoft’s fault? Not exactly too. This Windows vulnerability has been patched on July 16, 2003. It is listed as a critical update in the Windows Update web site. This worm works in a unconventional way, taking advantage of the Distributed Component Object Model (DCOM) Remote Procedure Call (RPC) in Windows 2000, NT and XP. It uses File Transfer Protocol (FTP) to download itself to the victim’s computer. Those people who are infected apparently failed to patch the vulnerability that has been release about a month ago.

The worm also attempts to cause a denial-of-service attack on Microsoft’s WindowsUpdate.com, similar to the Code-Red worm that aims at WhiteHouse.gov. It causes Windows Update web site to be very slow, but has yet to bring the servers down.

To prevent this from happening, download the patch from Microsoft.
* Windows NT 4.0 Server
* Windows NT 4.0 Terminal Server Edition
* Windows 2000
* Windows XP 32-bit Edition
* Windows XP 64-bit Edition
* Windows Server 2003 32-bit Edition
* Windows Server 2003 64-bit Edition

For removal of this worm:
* Central Command
* F-Secure
* McAfee
* Symantec
* Trend Micro.

I advise you to visit the Windows Update site often or subscribe to Microsoft Windows’ mailing list to get updates on their software. This attack could easily be avoided. It is simply due to the public’s ignorance that cause more than 120,000 computers infected.