Web servers used in DoS attack
 Researchers from Imperva have uncovered a botnet that uses compromised Web servers instead of personal computers to launch denial of service attacks.
Web servers were commonly used in such attacks a decade ago but had been replaced by the Windows-based PCs. However, using Web servers provides much greater bandwidth for an attack and thus requires fewer zombies than using personal computers. Also, it lessens the chance that the compromise will be discovered because Web servers don't typically run antivirus software. Imperva organization claims that mentioned botnet currently contains about 300 web servers. By analyzing traffic from a compromised server, organization discovered that attack was directed at hosting provider in Netherlands. The web servers were being compromised with code that exploits vulnerability in PHP, a computer language used for processing web pages. The attack employs a simple user interface that allows specifying the victim's IP (Internet Protocol) address and port as well as the how long the attack should last. Also, attacker is hiding his location by using Tor network. For additional information readers can read original article at CNET web site. |
