By Peter on December 1st, 2007
An 18-year-old hacker from New Zealand with the alias “AKILL” was arrested and taken into custody last night by the police, with the help of the FBI. He is accused of running a botnet of 1.5 million computers. The botnet was used to steal credit cards, manipulate stock trades and perform DDoS attacks on corporate computers. The FBI puts the combined loss from his activities at around 20 million dollars.
If convicted, he could face up to 5 years in prison and 250,000 in fines.
More from BBC: http://news.bbc.co.uk/2/hi/technology/7120251.stm
Botnets: http://en.wikipedia.org/wiki/Botnet
Largest Botnets of them all: http://en.wikipedia.org/wiki/Storm_botnet
By Peter on November 30th, 2007
Knocker is a simple and easy to use TCP security port scanner written in C to analyze hosts and all of the different services started on them. It is available for Linux, FreeBSD, HP-UX, and Windows9x/2000/NT and it is licensed under the GPL.
With Knocker it is possible to limit a port scan to a single port or to a range of ports, and you can also write the results to a text file. Yeah, that’s about it. That’s why they call it a “simple” port scanner: none of the fancy stuff Nmap does for you.

That’s Knocker for you: http://knocker.sourceforge.net/
By Peter on November 30th, 2007
From Bastille Man page:
Bastille Linux is a security hardening program for Mandrake, Red Hat, and Debian GNU/Linux. If run in the preferred Interactive mode (using InteractiveBastille), it can teach you a good deal about security while enhancing your system’s protection against attacks. If run in the quicker Automated mode (using AutomatedBastille), it can quickly tighten your machine, but not nearly as effectively (since user/sysadmin education is an important step!)
Bastille offers different security profiles which can be selected using BastilleChooser. However, note that even if servers and workstations have very different security levels, general security levels are not as good as security levels adapted to your own security policy.
Bastille can secure a number of hosts easily by defining a general configuration file and running BastilleBackEnd on each host individually. All security measures defined will be implemented (if possible) on all of them. Bastille changes can also be undone by using the RevertBastille command.

Website: http://www.bastille-linux.org/
By Peter on November 30th, 2007
The Electronic Frontier Foundation (EFF) has released a step-by-step guide to figure out if your ISP is logging your internet activity. The guide comes after recent complaints by many Comcast users that their online activity is abruptly cut off because of their heavy use of torrent downloading.
EFF, with the help of Wireshark, shows you how to verify if your ISP is doing the same to you in your region. They also released a Python-based tool to compare packet captures and determine if there are potentially “forged, dropped, or mangled packets”.
You can download the tool here: http://www.eff.org/testyourisp/pcapdiff/
You can also read the very detailed informative howto here: http://www.eff.org/wp/detecting-packet-injection
MSNBC story about the tool: http://www.msnbc.msn.com/id/22013943/
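To make the "forged, dropped, or mangled" distinction concrete, here is a small added illustration of comparing a sender-side capture with the receiver-side capture of the same traffic; it is not EFF's pcapdiff code. It assumes the packets have already been parsed into the fields shown, that no NAT rewrites addresses in between, and the `Pkt` type, function names and sample packets are all constructed for this example.

```python
from collections import Counter
from typing import NamedTuple

class Pkt(NamedTuple):
    """Fields expected to survive transit unchanged (no NAT assumed)."""
    src: str
    dst: str
    sport: int
    dport: int
    seq: int
    flags: str
    payload: bytes

def flow_key(p):
    # Identifies "the same packet" even if its flags or payload were altered.
    return (p.src, p.dst, p.sport, p.dport, p.seq)

def compare_captures(sent, received):
    """Diff a sender-side capture against the receiver-side capture."""
    left_sent, left_recv = Counter(sent), Counter(received)
    exact = left_sent & left_recv          # packets that arrived untouched
    left_sent -= exact
    left_recv -= exact
    recv_by_key = {}
    for p in left_recv.elements():
        recv_by_key.setdefault(flow_key(p), []).append(p)
    report = {"dropped": [], "mangled": [], "forged": []}
    for p in left_sent.elements():
        arrived = recv_by_key.get(flow_key(p))
        if arrived:                        # same key, different content
            report["mangled"].append((p, arrived.pop(0)))
        else:                              # sent, never seen by the peer
            report["dropped"].append(p)
    for extra in recv_by_key.values():     # seen by the peer, never sent
        report["forged"].extend(extra)
    return report

# Constructed sample data (documentation addresses, not a real capture).
A, B = "192.0.2.10", "198.51.100.20"
SENT = [
    Pkt(A, B, 51413, 6881, 1000, "S", b""),
    Pkt(A, B, 51413, 6881, 1001, "PA", b"piece-1"),
    Pkt(A, B, 51413, 6881, 1008, "PA", b"piece-2"),
    Pkt(A, B, 51413, 6881, 1015, "PA", b"piece-3"),
]
RECEIVED = [
    SENT[0],
    SENT[1],
    SENT[2]._replace(payload=b"piece-X"),    # altered in transit
    Pkt(A, B, 51413, 6881, 1022, "R", b""),  # reset the sender never sent
]

if __name__ == "__main__":
    for kind, items in compare_captures(SENT, RECEIVED).items():
        print(kind, items)
```

A reset that shows up only in the receiver's capture is the kind of difference that only a two-sided comparison can reveal; either capture on its own looks like an ordinary connection teardown.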
