Thread-topic: FYI: WGA Always Sends Info to Microsoft and ICANN Issues Factsheet on February DNS Attack (SANS NewsByte)
÷ ÅÓÔØ ÉÎÔÅÒÅÓÎÙÅ ÐÏÄÒÏÂÎÏÓÔÉ...
> --WGA Always Sends Info to Microsoft
> (March 8 & 9, 2007)
> Microsoft has acknowledged that its most recent Windows Genuine
> Advantage (WGA) update sends some information back to the company's
> Redmond, WA headquarters even if users decline to install the update.
> A statement from Microsoft's UK anti-piracy manager says the
> information
> sent back does not identify individuals. WGA communicates to Microsoft
> the computers' globally unique identifiers (GUIDs), user and machine
> language settings and whether or not the machine was connected to a
> domain.
>
>
> [Editor's Note (Schultz): WGA amounts to little more than spyware,
> something that sooner or later Microsoft will have to contend with in
> court.]
>
>
> MISCELLANEOUS
> --ICANN Issues Factsheet on February DNS Attack
> (March 12, 2007)
> A factsheet from the Internet Corporation for Assigned Names
> and Numbers
> (ICANN) says DNS servers came through February's attack relatively
> unscathed because of the Anycast load-balancing technology
> put in place
> after the last major attack in 2002. The attack targeted six
> of the 13
> root servers. The two servers that fared the worst during the attack
> did not yet have the technology installed. The root server operators
> also played a significant role in preventing the attack from having a
> noticeable effect on Internet users worldwide by staying in constant
> communication. The operators noticed that all the attack packets were
> larger than 512-bytes and consequently blocked packets that met that
> criterion. That step alone managed to stop the attack in its tracks.
>
> ns-hackers
>
> 05c,00.htm
>
> [Editor's Note (Skoudis and Paller): The ICANN fact sheet is really
> good, and we strongly encourage you to read it. It describes not only
> the attack and defenses, but the overall architecture of the root DNS
> infrastructure in terms that even a newbie can understand and
> appreciate. It explains interesting things, like why there
> are 13 root
> name servers and not more (it's associated with the 512 byte query
> size), and how Anycast technology helped to thwart the attack. Kudos
> to ICANN for not only producing this fascinating and useful document,
> but for their openness in describing what happened.
> (Pescatore): The DNS root servers have proven to be pretty resilient
> against these large-scale DoS attacks that get a lot of publicity.
> However, a lot of enterprises have been hit by targeted DoS
> attacks and
> have found they have to upgrade their defenses - usually by
> paying their
> ISP extra to get filtered bandwidth. The ISPs need to take
> some of that
> revenue and take steps to make it much harder for DDoS attacks to
> succeed.]
>
