Linux Blamed for DDoS Attacks
jd writes "In this article, Linux and Solaris were blamed for the DoS attacks. The claim was that rogue code could be inserted onto these systems, causing them to attack other machines. The article also claims that this cannot happen with Windows machines.
Microsoft is trying to turn this entire DoS affair into one gigantic media coup. Is it possible it orchestrated the entire thing?"
Update: 02/11 07:36 by CT: the article has been pulled due to 'flagrant inaccuracies.'
**Martin**
They don't even IMPLY, they STATE, they WROTE that having the source to the OS made it more vulnerable to this attack. IT IS AN ABSOLUTE **LIE**. It's not even a matter of opinion: it's my opinion, for instance, that having the source code is better, overall, from a security point of view. HOWEVER, saying that having the source code available makes Linux & Solaris more vulnerable (or, from what I understand, more likely to be used as hosts) to DDOS attacks is a complete and unfounded LIE.
Computer Currents has yanked the story, complete with apology for the inaccuracies:
The Future of Human Evolution: Autonomy
There are detailed descriptions about how these attacks are being executed at Dave Dittrich's web site. It looks like there are numerous vulnerabilities in both Red Hat Linux 6.0 and in Solaris that were exploited for this bug.
Linux, Solaris, or Windows is only secure if the system administrator constantly applies the latest security patches, and how many of you actually do that? The only way to prevent this sort of attack is being vigilant about security on all machines on your network.
This post is encrypted twice with ROT-13. Documenting or attempting to crack this encryption is illegal.
I think someone needs to have a word with this guy. Usually these attacks are done with custom-written programs, not an OS.
Any OS with an IP stack can be used for these attacks.
This guy is hyping a fear for the clueless so that these upper management people will rush out and buy his "software".
He's mixed up worms, viruses and DoS in one big muddled heap.
I would not even think about touching this protection software, if this is what they say it can fix.
You claim the article is sensationalistic?! Hell, I can't believe this post made it through the editors with its sensationalistic undertones. I see one line that says the code can't run on Windows. It's absolutely right. What these people are looking for is a daemon that runs on Unix systems. I don't see Microsoft's hands in here manipulating the story and I don't see an overt "Linux/Solaris is bad" undertone either. What I see is that a lot of Linux/Solaris systems are vulnerable because their IT folks don't know how to manage them.
And suggesting that Microsoft had a hand in these attacks is incredibly more irresponsible than this article saying that vulnerable Linux/Solaris systems were the host machines. If you've got proof, fine, post it. But don't say it because you didn't like the fact that someone pointed out that poorly managed Unix systems were the starting point for a massive web attack. Basically, the Unix community just got slapped in the face for being so complacent about the security of their systems. That's it.
I really thought Slashdot was above this sort of thing.
Okay, let's see... we've blamed
A) Packet Monkeys, Script Kiddies, Crackers
B) The Government, NSA, CIA, FBI
C) Microsoft
The FBI releases some tools to detect DOS Daemons, so what do we do? *Paranoia ON*
Some idiot reporter says that it's the fault of Linux and that it could never happen with Windows, so what do we do? *Distrust of Microsoft ON*
So, it appears the whole thing has been orchestrated by the Microsoft-Jewish-Communist-American Government-Echelon-Media and it is the first step in a global stranglehold on free speech where Bill Gates reigns supreme.
--
Insert Witty Sig Here
All it would take would be to take advantage of any of the numerous holes that have allowed people to run arbitrary code on a Windows box. Sure, many of these have been fixed, but I know the Windows user community. Lots of those machines are run by people with no clue.
Hell, my own machine would almost certainly succumb. I'm tempted to try. Good thing it is behind a firewall.
Were I to actually do this, I'd throw up some website somewhere, with an invasive ActiveX control, and throw some porn on it. I'm sure I'd attract enough suckers to run a DDoS attack. And once that code is on their machine, the rest is trivial. Basic sockets programming. The "hard" part would be doing it in such a way as not to get caught, but I am pretty sure even that would only require a few days' work and access to a public machine.
The cake is a pie