
    Botnet Security Alert on Sonicwall

    IT Discussion
    security sonicwall botnet
    • Obsolesce

      Sounds like your mortgage website was infected with malware, or it's running ads that are. Does your CPU jump when visiting that site more than others? It may not but still may be infected.

      • Obsolesce

        Latest news is saying a half million sized botnet is mining line to, and one of the targets are Linux SQL servers.

          • JaredBusch @Obsolesce

          @tim_g said in Botnet Security Alert on Sonicwall:

          Latest news is saying a half million sized botnet is mining line to, and one of the targets are Linux SQL servers.

          Mining line to?

            • scottalanmiller @Obsolesce

            @tim_g said in Botnet Security Alert on Sonicwall:

            Latest news is saying a half million sized botnet is mining line to, and one of the targets are Linux SQL servers.

            What's a Linux SQL server? Anything running a relational database? How do they target them?

              • JaredBusch @scottalanmiller

              @scottalanmiller said in Botnet Security Alert on Sonicwall:

              @tim_g said in Botnet Security Alert on Sonicwall:

              Latest news is saying a half million sized botnet is mining line to, and one of the targets are Linux SQL servers.

              What's a Linux SQL server? Anything running a relational database? How do they target them?

              I assumed that one meant Linux servers running MS SQL.

                • scottalanmiller @JaredBusch

                @jaredbusch said in Botnet Security Alert on Sonicwall:

                @scottalanmiller said in Botnet Security Alert on Sonicwall:

                @tim_g said in Botnet Security Alert on Sonicwall:

                Latest news is saying a half million sized botnet is mining line to, and one of the targets are Linux SQL servers.

                What's a Linux SQL server? Anything running a relational database? How do they target them?

                I assumed that one meant Linux servers running MS SQL.

                I had thought of that, but that seemed so unlikely.

                  • JaredBusch @scottalanmiller

                  @scottalanmiller said in Botnet Security Alert on Sonicwall:

                  @jaredbusch said in Botnet Security Alert on Sonicwall:

                  @scottalanmiller said in Botnet Security Alert on Sonicwall:

                  @tim_g said in Botnet Security Alert on Sonicwall:

                  Latest news is saying a half million sized botnet is mining line to, and one of the targets are Linux SQL servers.

                  What's a Linux SQL server? Anything running a relational database? How do they target them?

                  I assumed that one meant Linux servers running MS SQL.

                  I had thought of that, but that seemed so unlikely.

                  Not really. I mean you know how good Windows people patch right?

                    • scottalanmiller @JaredBusch

                    @jaredbusch said in Botnet Security Alert on Sonicwall:

                    @scottalanmiller said in Botnet Security Alert on Sonicwall:

                    @jaredbusch said in Botnet Security Alert on Sonicwall:

                    @scottalanmiller said in Botnet Security Alert on Sonicwall:

                    @tim_g said in Botnet Security Alert on Sonicwall:

                    Latest news is saying a half million sized botnet is mining line to, and one of the targets are Linux SQL servers.

                    What's a Linux SQL server? Anything running a relational database? How do they target them?

                    I assumed that one meant Linux servers running MS SQL.

                    I had thought of that, but that seemed so unlikely.

                    Not really. I mean you know how good Windows people patch right?

                    That's true. But it seems like a worthless target. How many of these can there be yet?

                      • zachary715 @Danp

                      @danp said in Botnet Security Alert on Sonicwall:

                      Did you notify your bank?

                      Yes I did. It was forwarded to the mortgage department. Who knows what they'll do with it.

                        • Obsolesce @scottalanmiller

                        @scottalanmiller said in Botnet Security Alert on Sonicwall:

                        What's a Linux SQL server?

                        Meaning an SQL server running on a Linux OS. I don't know if it's MySQL specific or not, so I didn't say it specifically. (yes I know MySQL can run on Windows too... I wish I didn't have to add so much detail all the time and risk everyone firing bullets as if I'm clueless)

                        I couldn't imagine his mortgage company running on Windows... so that's why I mentioned Linux, even though the botnet targets Windows too.

                          • Obsolesce @scottalanmiller

                          @scottalanmiller said in Botnet Security Alert on Sonicwall:

                          @jaredbusch said in Botnet Security Alert on Sonicwall:

                          @scottalanmiller said in Botnet Security Alert on Sonicwall:

                          @jaredbusch said in Botnet Security Alert on Sonicwall:

                          @scottalanmiller said in Botnet Security Alert on Sonicwall:

                          @tim_g said in Botnet Security Alert on Sonicwall:

                          Latest news is saying a half million sized botnet is mining line to, and one of the targets are Linux SQL servers.

                          What's a Linux SQL server? Anything running a relational database? How do they target them?

                          I assumed that one meant Linux servers running MS SQL.

                          I had thought of that, but that seemed so unlikely.

                          Not really. I mean you know how good Windows people patch right?

                          That's true. But it seems like a worthless target. How many of these can there be yet?

                          Probably nothing outside of labs / testing.

                          Why would you run MS SQL on Linux when an MS SQL license includes an OS license?
                          Why would you run MS SQL on Linux when there are better options to run on Linux?

                            • scottalanmiller @Obsolesce

                            @tim_g said in Botnet Security Alert on Sonicwall:

                            @scottalanmiller said in Botnet Security Alert on Sonicwall:

                            What's a Linux SQL server?

                            Meaning an SQL server running on a Linux OS. I don't know if it's MySQL specific or not, so I didn't say it specifically. (yes I know MySQL can run on Windows too... I wish I didn't have to add so much detail all the time and risk everyone firing bullets as if I'm clueless)

                            I couldn't imagine his mortgage company running on Windows... so that's why I mentioned Linux, even though the botnet targets Windows too.

                            It's just that those things aren't generic. The only thing that makes them similar is that they use relational math in the storing of the data. SQL is the query language, but not the protocol for accessing them. So SQL servers aren't a group of things in any meaningful way.

                              • scottalanmiller @Obsolesce

                              @tim_g said in Botnet Security Alert on Sonicwall:

                              @scottalanmiller said in Botnet Security Alert on Sonicwall:

                              @jaredbusch said in Botnet Security Alert on Sonicwall:

                              @scottalanmiller said in Botnet Security Alert on Sonicwall:

                              @jaredbusch said in Botnet Security Alert on Sonicwall:

                              @scottalanmiller said in Botnet Security Alert on Sonicwall:

                              @tim_g said in Botnet Security Alert on Sonicwall:

                              Latest news is saying a half million sized botnet is mining line to, and one of the targets are Linux SQL servers.

                              What's a Linux SQL server? Anything running a relational database? How do they target them?

                              I assumed that one meant Linux servers running MS SQL.

                              I had thought of that, but that seemed so unlikely.

                              Not really. I mean you know how good Windows people patch right?

                              That's true. But it seems like a worthless target. How many of these can there be yet?

                              Probably nothing outside of labs / testing.

                              Why would you run MS SQL on Linux when an MS SQL license includes an OS license?
                              Why would you run MS SQL on Linux when there are better options to run on Linux?

                              MS SQL licenses include an OS license?

                                • dbeato

                                At some point they had a Locky infection as below:
                                https://www.abuseipdb.com/check/208.91.197.46

                                  • dbeato

                                  https://otx.alienvault.com/indicator/ip/208.91.197.46

                                    • Obsolesce @scottalanmiller

                                    @scottalanmiller said in Botnet Security Alert on Sonicwall:

                                    @tim_g said in Botnet Security Alert on Sonicwall:

                                    @scottalanmiller said in Botnet Security Alert on Sonicwall:

                                    @jaredbusch said in Botnet Security Alert on Sonicwall:

                                    @scottalanmiller said in Botnet Security Alert on Sonicwall:

                                    @jaredbusch said in Botnet Security Alert on Sonicwall:

                                    @scottalanmiller said in Botnet Security Alert on Sonicwall:

                                    @tim_g said in Botnet Security Alert on Sonicwall:

                                    Latest news is saying a half million sized botnet is mining line to, and one of the targets are Linux SQL servers.

                                    What's a Linux SQL server? Anything running a relational database? How do they target them?

                                    I assumed that one meant Linux servers running MS SQL.

                                    I had thought of that, but that seemed so unlikely.

                                    Not really. I mean you know how good Windows people patch right?

                                    That's true. But it seems like a worthless target. How many of these can there be yet?

                                    Probably nothing outside of labs / testing.

                                    Why would you run MS SQL on Linux when an MS SQL license includes an OS license?
                                    Why would you run MS SQL on Linux when there are better options to run on Linux?

                                    MS SQL licenses include an OS license?

                                    Maybe not. I thought about it again and I think I got that mixed with System Center including an MS SQL license.

                                      • scottalanmiller @Obsolesce

                                      @tim_g said in Botnet Security Alert on Sonicwall:

                                      @scottalanmiller said in Botnet Security Alert on Sonicwall:

                                      @tim_g said in Botnet Security Alert on Sonicwall:

                                      @scottalanmiller said in Botnet Security Alert on Sonicwall:

                                      @jaredbusch said in Botnet Security Alert on Sonicwall:

                                      @scottalanmiller said in Botnet Security Alert on Sonicwall:

                                      @jaredbusch said in Botnet Security Alert on Sonicwall:

                                      @scottalanmiller said in Botnet Security Alert on Sonicwall:

                                      @tim_g said in Botnet Security Alert on Sonicwall:

                                      Latest news is saying a half million sized botnet is mining line to, and one of the targets are Linux SQL servers.

                                      What's a Linux SQL server? Anything running a relational database? How do they target them?

                                      I assumed that one meant Linux servers running MS SQL.

                                      I had thought of that, but that seemed so unlikely.

                                      Not really. I mean you know how good Windows people patch right?

                                      That's true. But it seems like a worthless target. How many of these can there be yet?

                                      Probably nothing outside of labs / testing.

                                      Why would you run MS SQL on Linux when an MS SQL license includes an OS license?
                                      Why would you run MS SQL on Linux when there are better options to run on Linux?

                                      MS SQL licenses include an OS license?

                                      Maybe not. I thought about it again and I think I got that mixed with System Center including an MS SQL license.

                                      Ah, okay. I was really confused there. I've always priced it out with Server + SQL Server licenses and CALs. Was hoping I hadn't been adding all that in extra all this time 🙂

                                        • JaredBusch @scottalanmiller

                                        @scottalanmiller said in Botnet Security Alert on Sonicwall:

                                        @tim_g said in Botnet Security Alert on Sonicwall:

                                        @scottalanmiller said in Botnet Security Alert on Sonicwall:

                                        @tim_g said in Botnet Security Alert on Sonicwall:

                                        @scottalanmiller said in Botnet Security Alert on Sonicwall:

                                        @jaredbusch said in Botnet Security Alert on Sonicwall:

                                        @scottalanmiller said in Botnet Security Alert on Sonicwall:

                                        @jaredbusch said in Botnet Security Alert on Sonicwall:

                                        @scottalanmiller said in Botnet Security Alert on Sonicwall:

                                        @tim_g said in Botnet Security Alert on Sonicwall:

                                        Latest news is saying a half million sized botnet is mining line to, and one of the targets are Linux SQL servers.

                                        What's a Linux SQL server? Anything running a relational database? How do they target them?

                                        I assumed that one meant Linux servers running MS SQL.

                                        I had thought of that, but that seemed so unlikely.

                                        Not really. I mean you know how good Windows people patch right?

                                        That's true. But it seems like a worthless target. How many of these can there be yet?

                                        Probably nothing outside of labs / testing.

                                        Why would you run MS SQL on Linux when an MS SQL license includes an OS license?
                                        Why would you run MS SQL on Linux when there are better options to run on Linux?

                                        MS SQL licenses include an OS license?

                                        Maybe not. I thought about it again and I think I got that mixed with System Center including an MS SQL license.

                                        Ah, okay. I was really confused there. I've always priced it out with Server + SQL Server licenses and CALs. Was hoping I hadn't been adding all that in extra all this time 🙂

                                        You were not doing it wrong.
