Archive for June 10th, 2008
SPAM & SCAM Display


Ed Skoudis lists the Top 5 Worst Attacks of 1998 – 2002

That which does not kill us makes us stronger.
-Friedrich Nietzsche

In the November 2002 Information Security Magazine article, Infosec’s Worst Nightmares, Ed Skoudis lists the Top 5 Worst Attacks of 1998 – 2002. Mr. Skoudis is one of the founders of Intelguardians Network Intelligence, LLC and is a handler at the very popular Internet Storm Center.

Mr. Skoudis mentions that the top five major destructive attacks of 1998 – 2002 made many industries “battle-tested” and more likely to be proactive rather than reactive. His five-year “worst” list is based on exploits that shook our very faith in the Internet and in the security of e-commerce.

1. Code Red (2001). On July 13, 2001, the worm attacked Microsoft IIS systems. By July 19, 2001, the worm had affected over 350,000 systems. SANS and the Honeynet Project set up honeypots to capture the worm, but eEye Digital Security programmers did the most intense research on the worm and also named it. The worm exploited a vulnerability in the indexing software distributed with IIS, described in Microsoft’s MS01-033 patch. It was a buffer overflow attack. Some of the lessons learned: keep systems patched, use honeypots to capture malware, and coordinate the response to help contain worms.
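A buffer-overflow request against the IIS indexing extensions stands out in web server or honeypot logs because of its overlong, padded query string. The following is an added example, not taken from the article: it flags such requests per source address, and the log format, the length threshold, the function names and the sample lines are all assumptions constructed for illustration.

```python
import re
from collections import Counter
from urllib.parse import urlsplit

# .ida and .idq are the Indexing Service ISAPI extensions covered by MS01-033.
INDEX_EXT = re.compile(r"\.(ida|idq)$", re.IGNORECASE)
MAX_QUERY_LEN = 200                      # assumption: tune to the site's real queries
PADDING_RUN = re.compile(r"(.)\1{63,}")  # 64 or more repeats of one character

# Common Log Format request line (assumed log format for this example).
REQUEST = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "(?P<method>[A-Z]+) (?P<target>\S+)[^"]*" \d{3}')

def classify(line):
    """Return (source_ip, path, reasons) for a suspicious request, else None."""
    m = REQUEST.match(line)
    if not m:
        return None
    parts = urlsplit(m["target"])
    if not INDEX_EXT.search(parts.path):
        return None
    reasons = []
    if len(parts.query) > MAX_QUERY_LEN:
        reasons.append("overlong-query")
    if PADDING_RUN.search(parts.query):
        reasons.append("padding-run")
    return (m["ip"], parts.path, reasons) if reasons else None

def suspicious_sources(lines):
    """Count flagged requests per source address."""
    hits = Counter()
    for line in lines:
        result = classify(line)
        if result:
            hits[result[0]] += 1
    return dict(hits)

# Constructed sample lines: documentation addresses, padding only, no payload.
STAMP = ' - - [19/Jul/2001:10:00:01 +0000] '
SAMPLE_LOG = [
    '192.0.2.10' + STAMP + '"GET /default.ida?' + "N" * 224 + ' HTTP/1.0" 404 0',
    '192.0.2.10' + STAMP + '"GET /default.ida?' + "N" * 224 + ' HTTP/1.0" 404 0',
    '198.51.100.7' + STAMP + '"GET /index.html HTTP/1.0" 200 512',
    '203.0.113.5' + STAMP + '"GET /search.idq?q=security HTTP/1.0" 200 2048',
    '203.0.113.9' + STAMP + '"GET /a.idq?' + "X" * 300 + ' HTTP/1.0" 500 0',
]

if __name__ == "__main__":
    for ip, count in suspicious_sources(SAMPLE_LOG).items():
        print(ip, count)
```

The short, ordinary `.idq` query passes, so the check does not flag normal use of the indexing service on a host that still needs it.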

2. Nimda (2001). Shortly after 9/11, the Nimda worm was unleashed. It caused more damage financially than Code Red. There were rumors that it was China that released it to hurt the US further, but this is unlikely due to the nature of Nimda.

While it was bad, it had the appearance of being written by a determined amateur, not a nation-state that spends $1 Billion annually on cyberwarfare capabilities. – Skoudis.

Nimda affected Windows 95, 98, Me, NT, or 2000 and servers running Windows NT and 2000. It was so effective because it attacked IIS, e-mail, browsers and network shares. This multidimensional attack method could mark a trend in future cyberwarfare.

Lessons Learned: The importance of an incident response capability, disabling arbitrary scripts in e-mail and browsers.

3. Melissa (1999) & LoveLetter (2000). Both of these spread malware through e-mail propagation: Melissa, a Microsoft Word macro virus, and LoveLetter (the I Love You virus). The worm harvested the victim’s address book to forward itself to more victims, which killed a lot of e-mail servers. Lessons Learned: Many companies got serious about implementing anti-virus applications throughout the network.

4. Distributed Denial-of-Service (DDoS) attacks (2000). After all the panic of pre-Y2K, a completely new and unexpected storm hit major sites: Yahoo!, Amazon, CNN, E*Trade, ZDNet and eBay. All were hit by a single child hacker nicknamed Mafiaboy. He had spread zombie flooding agents to hundreds of machines around the world and used them to attack sites with billions of useless packets. Lessons Learned: employ anti-spoofing filters.
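An anti-spoofing filter checks each packet's source address against the addresses that could legitimately appear on that interface. The following added example, which is not from the article, models the decision at a site border in both directions; the site prefix, the unroutable-prefix list and the sample packets are constructed assumptions.

```python
import ipaddress

# Assumption: the address space this site legitimately originates traffic from.
SITE_PREFIXES = [ipaddress.ip_network("203.0.113.0/24")]

# Sources that should never arrive from the Internet (short illustrative list).
UNROUTABLE = [ipaddress.ip_network(n) for n in (
    "0.0.0.0/8", "10.0.0.0/8", "127.0.0.0/8", "169.254.0.0/16",
    "172.16.0.0/12", "192.168.0.0/16", "224.0.0.0/4", "240.0.0.0/4")]

def _in_any(addr, networks):
    return any(addr in net for net in networks)

def verdict(direction, src):
    """Return (allowed, reason) for a packet crossing the site border."""
    addr = ipaddress.ip_address(src)
    if direction == "egress":
        # Outbound traffic must carry one of our own addresses; this stops
        # a compromised inside host from sending floods with forged sources.
        if _in_any(addr, SITE_PREFIXES):
            return True, "source belongs to site"
        return False, "source not in site prefixes"
    if direction == "ingress":
        # Inbound traffic must not claim to come from inside or from nowhere.
        if _in_any(addr, SITE_PREFIXES):
            return False, "outside packet claims a site source"
        if _in_any(addr, UNROUTABLE):
            return False, "unroutable source"
        return True, "plausible external source"
    raise ValueError("direction must be 'egress' or 'ingress'")

def dropped(packets):
    """Return the (direction, src, reason) of every packet the filter drops."""
    out = []
    for direction, src in packets:
        allowed, reason = verdict(direction, src)
        if not allowed:
            out.append((direction, src, reason))
    return out

# Constructed sample traffic as (direction, source address) pairs.
SAMPLE_PACKETS = [
    ("egress", "203.0.113.25"), ("egress", "198.51.100.7"),
    ("ingress", "198.51.100.7"), ("ingress", "203.0.113.25"),
    ("ingress", "10.1.2.3"),
]
```

The egress rule is the one that protects other sites: it keeps flooding agents on your own network from hiding behind forged source addresses.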

5. Remote Control Trojan Horse Backdoors (1998 – 2000). In 1998, the Cult of the Dead Cow hacker group created the Trojan Back Orifice, which initially targeted Windows NT/9x. The tool allowed unskilled attackers to attack any vulnerable system. It also marked the rise of the “script kiddies” and produced a bunch of spin-offs such as SubSeven, NetBus and Hack-a-Tack.