WarIntel Bot probe

Our COWs have been busy.

Don't have a COW man., Cyber Over Watch

Cyber overwatch picked up some anomalies.

And turned it over to Counter Surveillance.

They identified it as a small probing bot attack.

Fewer than 100. This is at least their second

probe.

Under our self defense paradigm,

this is an attack, computers controlled

by a third party, and our "rules of Engagement"

apply.

Barb looked at some of the Bots and they

have been infected Via Binary Planting.

Called "binary planting" and "DLL load hijacking"
by others. This was discovered in the wild again

 a month ago.

Many Windows applications don't call DLLs using a full path name, but instead use only the filename, giving hackers wiggle room that they can then exploit by tricking an application into loading a malicious file with the same title as a required DLL. If attackers can dupe users into visiting malicious Web sites or remote shared folders, or get them to plug in a USB drive -- and in some cases con them into opening a file -- they can hijack a PC and plant malware on it.

Binary planting or DLL hijacking attacks have been known about for at least 10 years, and Microsoft was again informed of the problem in August 2009 by researchers at the University of California Davis.

This looks like a probing DOS attack, but as our

blog is on Google servers they will be handling it.

We have deployed BSUs and remain vigilant 

and are back tracking.

Cyber Weapons have been issued.

Barb is in a very good mood.

Internet Anthropologist Think Tank: 

The Internet Anthropologist Team

If you have trouble getting to our Blog,

you will know whats going on.

Gerald

Internet Anthropologist

Tactical Internet Systems analyst

We have armed Cyber Warriors.

Locations of Bots:

United Telecom Of Georgia (77.92.241.xxx)  Tbilisi, Dushet'is Raioni, Georgia, 0 returning visits Date Time Type WebPage 10th October 2010 12:09:20 Page View No referring link

Nib (national Internet Backbone) (117.193.49.xxx)  Madras, Tamil Nadu, India, 0 returning visits Date Time Type WebPage 10th October 2010 12:09:13 Page View No referring link

On-vol Cable Internet (92.251.100.xxx)  Qala, Malta, 0 returning visits Date Time Type WebPage 10th October 2010 12:09:11 Page View No referring link

Sympatico (174.89.60.xx)  Barrie, Ontario, Canada, 0 returning visits Date Time Type WebPage 10th October 2010 12:09:11 Page View No referring link

Telekom Malaysia Berhad (115.135.222.xxx)  Kuala Terengganu, Terengganu, Malaysia, 0 returning visits Date Time Type WebPage 10th October 2010 12:09:10 Page View No referring link

Dynamic Ip For Broadband Service (182.52.46.xx)  Nakhon Si Thammarat, Thailand, 0 returning visits Date Time Type WebPage 10th October 2010 12:09:09 Page View No referring link

Uab Kauno Interneto Sistemos (87.239.83.xx)  Kaunas, Kauno Apskritis, Lithuania, 0 returning visits Date Time Type WebPage 10th October 2010 12:09:08 Page View No referring link

Smart Broadband Incorporated (121.1.11.xxx)  Manila, Philippines, 0 returning visits Date Time Type WebPage 10th October 2010 12:09:08 Page View No referring link

Road Runner (174.108.28.xxx)  Salisbury, North Carolina, United States, 0 returning visits Date Time Type WebPage 10th October 2010 12:09:08 Page View No referring link

Mahanagar Telephone Nigam Ltd. (120.60.4.xxx)  Mumbai, Maharashtra, India, 0 returning visits Date Time Type WebPage 10th October 2010 12:09:07 Page View No referring link

Pt. Telekomunikasi Selular (telkomsel) Indonesia (114.121.40.xxx)  Jakarta, Jakarta Raya, Indonesia, 0 returning visits Date Time Type WebPage 10th October 2010 12:09:06 Page View No referring link

Tm, Adsl Service Provider, Malaysia (124.82.196.x)  Betong, Sarawak, Malaysia, 0 returning visits Date Time Type WebPage 10th October 2010 12:09:04 Page View No referring link

Centurytel Internet Holdings (99.194.137.xxx)  Foley, Alabama, United States, 0 returning visits Date Time Type WebPage 10th October 2010 12:09:03 Page View No referring link

Digitelone (203.213.198.xx)  Manila, Philippines, 0 returning visits Date Time Type WebPage 10th October 2010 12:09:03 Page View No referring link

Cyberworld Di Carlone Massimo (78.5.89.xx)  Procida, Campania, Italy, 0 returning visits Date Time Type WebPage 10th October 2010 12:09:02 Page View No referring link

Comcast Cable (98.251.66.xxx)  Ellenwood, Georgia, United States, 0 returning visits Date Time Type WebPage 10th October 2010 12:09:01 Page View No referring link

Sbc Internet Services (99.63.252.xxx)  Columbus, Ohio, United States, 0 returning visits Date Time Type WebPage 10th October 2010 12:09:01 Page View No referring link

Sbc Internet Services (99.106.203.xx)  New Haven, Connecticut, United States, 0 returning visits Date Time Type WebPage 10th October 2010 12:09:01 Page View No referring link

Zedteknoloji Internet Hizmetleri (178.211.49.xxx)  Istanbul, Turkey, 0 returning visits Date Time Type WebPage 10th October 2010 12:09:01 Page View No referring link

Com Hem Ab (213.89.204.xxx)  Bromma, Stockholms Lan, Sweden, 0 returning visits Date Time Type WebPage 10th October 2010 12:09:01 Page View No referring link

One page.
IPs have been sanitized for privacy reasons.

We have 4 pages of these .

Barb

.

.