Slashdot Mirror
IRCnet Servers Strike To Protest DDoS Attacks
Many of the IRC servers on IRCnet are going to lock out
all of their users from 12:00 on Friday the 7th of April
to 20:00 on Saturday the 8th of April 2000 (time given in
UTC+0200) to
protest denial
of service attacks. It's a tactic that's been employed before,
but hopefully people will learn. Considering the attacks on so many
services on the Web, I bet we'll see this more. Course that might
just encourage the script kiddies.
I'm a non-tenured professor in a public institution. If it were used for a complaint, the context wouldn't matter, just the word. And "stop these stupid proceedings or the white, middle-clas male resigns" just doesn't have the same affect on the angry mob . . .
Do I like the situation? No. But my kids like to eat, so I'll leave the battle to those with tenure. (yes, this is why tenure exists; it's not really [supposed to be] about job security in general).
--
-- Slashdot sucks.
Its beyond my understanding why such nuts exist. What kind of person in what delusional fantasyland would take down networks of communication? Are they so sick that they must pick fights and get revenge by causing harm? Or is this just a proof of concept cracking game? To see how other people will react to damage? Are these the same kinds of people who swing cats by the tail?
heh - I remember when IRC was quite new and run of a single network, used to be quite fun, writing bots and scripts to keep a channel up and running as netsplits across the atlantic sent in wave after wave of script kiddies after #england.
:)
Dunno why they wanted #England so badly!
I rememebr we ended up taking over their own meeting channels for a couple of weeks in revenge
Those were the days.
DDoS has always been part of the IRC and is going to stay that way - you can limit it by not allowing bots etc on your servers but people will always have scripts and there will always be script kiddies
troc
Troc's dubious podcast and blog: http://www.trocnet.net
True - but you have to realise that it can take a few days for atopic to be posted on Slashdot itself, so it's entirely possibly this was submitted by someone days or hours before you submitted it and it's just taken a while to get posted............
Troc
Troc's dubious podcast and blog: http://www.trocnet.net
I have to read the Wall Street Journal for one of my classes & I read an article a while ago about the feds tracing the person that did the Yahoo! attack (Supposedly the rest were copycat crimes). They're claiming that it was all planned on IRC, and they even have some nicks that they believe are the people that did it. So, with all the lawsuits going on, they might be shutting their doors so they can say that they are doing what they can to help prevent this type of thing. Since there are IRC cops, and such things, it is somewhat possible that somebody knew what was going to happen (or could have, had they parsed logs looking for it). I dunno, I'm just rambling out loud, but at least they won't get sued.
The legions of script kiddies out there will see what a grand thing they have done, making IRCnet admins mad enough to take down the service for some period of time. Following this logically, if they DoS again, and even harder, IRCnet is likely to lock out again, and maybe for longer.
Analogy: when you were beat up by the school bully in grade school, protesting by not coming to class for a week would be a sure way to get beat up even more when you come back.
This is only going to hurt legitimate irc users who have nothing to do with the attacks. Script kiddies will just beat them down until they submit, then go find another target.
*sigh* You think they would be a little smarter about this.
This sig is false.
The real idea is to call the users on GMD for splitting from the happy idiots crowd.
And in my humble opinion GMD is right. IRC has lost most of its meaning nowdays. The chance of meeting intelligent life there is as high as finding intelligent life on anothe planet in the Solar System. So I personally appload any ISP that has stopped offering IRC as a service.
It has a place only on internal networks nowdays.Sad, but true.
Baker's Law: Misery no longer loves company. Nowadays it insists on it
http://www.sigsegv.cx/
This is a bit like schoolteachers punishing an entire class in response to the actions of a few. This may be annoying, but it tends to be effective -- it tends to create peer pressure against the perpetrators to behave themselves. Since the script kiddies running these DoS attacks are impacting the service for everyone, this is probably a good thing. Maybe they should do this more often?
Deven
"Simple things should be simple, and complex things should be possible." - Alan Kay
taking away IRC from them for a day will provide the same effect of denying a cocaine user drugs for a day
Here's a thought - find somebody who uses crack cocaine and tell them you are going to stand there and keep them from using it. Not something I'd want to try...
your web browser should be configurable to use your text editor for textfields
How do I do that? AFAIK, neither Netscape, Exploder, kfm, Konqueror or Opera do this. I don't know if NS6 does or not, but there's no way I'm going to use that bloated pre-alpha crap they released yesterday. If there is a way, let me know.
Okay, Lynx probably can. But I'm guessing that with the pics and icons and layout, that Slashdot wasn't meant to be used with Lynx.
A Government Is a Body of People, Usually Notably Ungoverned
Blah, you have no imagination. All you need is a can of white paint to paint some strategically placed arrows on the surface. The difference isn't the potential, the difference is the real damage done.
-- Abigail
The point is that by protesting a wrong we are trying to focus attention on the matter and show the general public that informed, rational computer hackers abhor such activity.
-=-=-=-=-=-=-=-=-
-=-=-=-=-=-=-=-=-
wookin' pa nub in all the wrong pwaces
Well, I can well understand the strike. I have heard about this before in a story about the nubmer of EFNET hosts shrinking. Its pretty lame to take down these servers.
... our skript kiddies need somewhere to hone their 1337 skillz, so lets setup a few sites where they can practice, maybe even run a competition if it is feasible. Not that I am volunteering, but someone or some organisation somewhere may have the resources, and even profit from the exercise in a 'know your enemy' kind of way.
But
Here's hoping some form of sanity prevails.
Hmm, without IRC servers being up, nobody will be able to idle for years at a time(read: no conversations) or have 2000 bots on a single channel for no reason. I'd say go through with it. Maybe people will go outside and fly a kite, or hang out with their friends in meatspace.
Just a moment's thought reveals that "Denial of Service" attacks, currently, mean absolutely zero.
Today, the internet is a non-critical entity. Denying service to any of the 99% of the servers in existance is akin to covering your nearest freeway billboard with a bedsheet. The only harm caused is a momentary pause in the flow of cash toward the increasingly larger internet corporations.
Before you bark at me, realize that you have two options: suffer through and learn from DOS attacks today when the stakes are infinitely low, or find yourselves at the mercy of a ruthless sabateur when the internet actually provides some crucial, important, life-critical service.
Because, if all the script kids stopped today as a result of this protest, the DOS attack methods would still exist... and maybe we would be foolish enough to actually permit something like, oh, Social Security or a Presidential Election, or everybody's oxygen machine to get wired up to the internet, and lo and behold someone whips out a DDOS attack from their archives. You get my drift.
Continuing to demonstrate the youth of this system only provides the world a service at a tiny, tiny cost compared to what havoc might occur if we closed our eyes to the reality of the internet's maturity.
So what if Aunt June can't get to EBAY to bid on another beanie baby or little Timmy can't look up Jennifer Lopez *one *more *time on Yahoo, or whizzbang.com loses 4 hours of ad revenue. As long as my decendants don't become extinct as a result of an insecure internet, it's a small price to pay.
If the worst thing that happens today is that an IRC server is inaccessible, well praise the lord.
I don't need large brains to have a good time.
Folks who start DDoS and other script-based attacks are, for the most part, immature little jerks who are so incompetent in every other part of their lives that they have to do sociopathic things in order to feel powerful. If they didn't have IRC to DDoS, they'd probably be out smoking cigarettes to show Mom who's boss, or writing "SUX" on bathroom stalls. They're probably cruel to littler kids, so they can feel like they're bigger and tougher than somebody. They hate their mothers, but they secretly wish they could fuck them, so they break into web sites and vandalize them with the particularly telling message that they "own" them now. They try to "own" cnn.com, but what they really want to own is Mom. The slang they use to talk to each other is full of sublimated expressions like "rule" and "own" and "bitchslap" and "you're my bitch now," and, of course, "muthafucka."
They don't have their own personalities, so the only form of self-expression they can come up with is to find the things that are better than them--that make them feel as little and irrelevant as they actually are--and destroy them.
The IRCNet gesture is intended to polarize us, not to convince script kiddies they're getting on our nerves. On our nerves is where they want to be.
--
This is not my sandwich.
The people DDoS'ing the servers aren't the same people who just like to go on and chat, they're a rather particular plague of idiot.
Its a nice gesture, but I can't see how it will really make much of a difference... as much as I hate lawsuits, a better solution is to try and find the people behind these attacks, and sue them for all the wasted network resources caused by their attacks. Sure, that won't stop new attackers, but it will at least help them with some money to buy extra bandwidth to deal with it.
Of course, a real solution to dealing with these idiots would be nice, but we can't just throw them off the net forever, and we can't shoot them. So just what do we do?
-- "So they told me that using the download page to download something was not something they anticipated." - Bill Gates
A majority of IRCOps (IRC Operators, people with the "O-line") have the worst personality in the world. The only time they speak to anyone outside of their close friendly circle is to correct someone or laugh at someone. They have no tolerance for screwing around (even if it doesn't hurt anyone) and use their forces, usually G-lines (AKA Global Bans/Global K-Line), excessively.
Many of the users on IRC are people who, somewhat like the IRCOps, have some technical skill, and are usually fairly young. They like to get drunk, high, and they like to screw around. When conflicts happen, usually IRCOps are completely unforgiving and rather rude.
This provokes alot of the Denial of Service attacks.
IRC Networks for a long time now have been ignoring security (It took them sooo long to get any preventative measures) and they just blame the user who attacks them, which may provoke more attacks, usually doing nothing.
I've never been on IRCNet, but I've been on IRC (Starting with EFNet) for about 7 years. I've run several small networks of my own. What I said here may not apply to IRCNet, but it sure does apply to all of the IRC Networks I've been on.
Now, if my message is moderated up, the IRCOps I've offended will flame, point out any little errors I made in this e-mail, etc. For saying things along these lines before, I've been G-Lined and tons more (including Undernet Ops e-mailing my boss in hopes of them firing me, hah).
is perpetrated by the service provider. In the grand old tradition of the McNemara era ("We had to burn the village in order to save it."), they're going nuts.
I'm not familiar with the problem, since I never use those networks. Still, I find it hard to imagine that one more DoS will improve things. I guess this is a sign of desparation, rather than a reasoned response? If someone who is responsible for this decision reads this column, I hope you'll enlighten us.
See what I've been reading.
The way I see it this is hardly going to affect anything. Your typical "script kiddie" is gonna try to get onto ircnet, fail and just go over to efnet for the day without even noticing. I see the people that commit these sort of acts as some sort of modern day vandals, except instead of spray-painting bridges, they are bringing down servers. Sure it's immature but then they're kids, bored and looking for some sort of recognition. Being able to say "I brought down " is one way of getting that. Some of them will grow out of it. Some wont and will probably end up in jail but you'll never really be able to stop it happening.
Phear my l33t homepage.
S. 2092 is a senate bill allowing the govt to expand it's prying capability to bypass current wiretap laws by allowing the fbi to put trojans on your workstation to facilitate the tracking of would be 31337 haxors and the like, all in a supposed effort to combat DoS attacks and such. Problem is, they don't siscriminate between the bad guys and everyone else.
More race stuff in one place,
than any one place on the net.
Grtz, Jeroen
Secure messaging: http://quickmsg.vreeken.net/
Don't forget a lot of the IRC servers which join in this strike are run by ISP's who also supply services. When the DDoS are making it more difficult to provide those services, as they say, I can't blame them for taking them down.
Oh, and for the person who posted "we're on the wrong track" - please note that 'the internet' is international, and that the US constitution is not.
Inez{R}
taking away IRC from them for a day will provide the same effect of denying a cocaine user drugs for a day. It would, but IRCnet isn't taking IRC away from them, it's just taking IRCnet away from them. The script kiddies will just take their crap elsewhere for a day, and then probably come back in greater numbers. Does IRCnet gain anything? Nope.
I really don't understand what this will prove to anyone. Do these sysadmins think that by taking away IRC, these guys won't be able to plan their next strike?
Hey, let's show the commies in Cuba and China how much we don't like thier policies-- by copying them here in the USA!
Like most (all?) protests, this is all fluff and no substance. By taking some action, no matter how silly, these guys make themselves feel better about the situation. A better course of action would be to work out a solution to prevent DDoS attacks from succeeding.
We think ALAR on apples is dangerous for kids, so we're going to protest its use by spraying it on all other fruit crops too!
I'm not condoning DDoS attacks, however this sounds like: "If you're not going to play fair then I'm taking my toys and going home."
They need to figure out how to avoid/stop the attacks. Shutting down just calls attention to the problem.
The following statement is true. The preceding statement is false.
These splits are just so annoying when you're on IRC
Perhaps we should start punishing crimes not only based on the intent, but the cumulative frustration, annoyance and grief it causes.
These kids could qualify for the death penalty, and I know of plenty of people who would (unjokingly) gladly pay for a few minutes alone with these kids in an alley somewhere.
Wasn't there an article a while back about someone that actually did that? Tracked one of these packet kiddies down and assaulted him? I think they got caught though..
Key concept: When companies (or whomever) are crippled by vandals abusing or crippling their sites (a situation that is somewhat exacerbated by the far-flung but inter-related nature of the Internet), do you think that the Federal government is not going to notice? Especially when these vandals hit noticeable sites that should CONCIEVEABLY have had some sort of security. I know that most people with inkling of routing protocol would respond that the sites should have filtered their packets, that they deserved what they got etc. etc. etc.
The issue truly at hand is wether or not the freedom of the Internet jeopardizes the freedom to USE the Internet. When that freedom to use is threatened by the abuses of a few miscreants, doesn't the government (policy makers, politicians, even the DOJ) have a duty to step in? Does the freedom of the Internet surpass the freedom to use it?
I agree that most politicians have no real grasp of technological issues. It seems that most are crafting their views depending on how the winds blow or on what Tom Brokaw hyperventilated about at 6.30pm or on what their tech advisor is telling them at the moment. Or, even worse, they regurgitate the party line when it comes to something like Internet taxes.
Whenever someone moans about "the Feds", I have to ask what the hell are YOU (yes, you) doing about it? Are you expecting someone else to step in and solve these problems? I hate to say this, but since there is a notable absence of the technologically savvy on Capitol Hill, others are stepping into the vacuum (corporate interests, politicos, etc.) and are driving tech policy.
As for the instance of the IRC operators, I can certainly sympathize with them and perhaps this might serve as a wake up call for the abusers.
This is another view of the world.
Starving Children Around the World Go On Hunger Strike
US Government Randomly Kills Citizens in Order To Protest Terrorism
Environmentalist Group Burns Forest, says one member, "We're sorry it had to come to this"
Department of Treasury Stops Printing Money in an Effort to Reduce National Debt.
Man Refuses to Clean Up Doggie Mess in Hall in Effort to "...teach Oscar what it's like to live in filth"
Housewife Stops Watering Plants, says, "Maybe This Way They'll Decide To Produce More Oxygen"
On the other hand, I'm not so sure that IRCnet has thoroughly thought this out. To echo the concerns of many other posters: isn't protesting DoS (Denial of Service, for the uninitiated) attacks by shutting down your service rather... counterproductive?
Aside from the confusing nature of the protest, IRCnet must realize that they risk annoying, perhaps even angering, a lot of thier users. Especially at risk: users who aren't aware of DDoS or the protest, and the script kiddies who perpetrate these kinds of attacks. I'm worried that this action may be inviting attacks and possible disaster on the IRCnet network.
Maybe a better way to do this would be to run a campaign like the yearly Anti-spam campaign, which asks web site operators to turn thier sites pink, and explain the protest. Things like that seem to have a greater effect than outages.
Well, in any case, I wish the folks of IRCnet the best of luck.
--
: remove whitespace to e-mail me
We may not imagine how our lives could be more frustrating and complex—but Congress can. – Cullen Hightower
As I understand it, to protest the script kiddies' use of DDoS, the site admins are going to deny service themselves? Sounds kinda like chopping off your ear to protest someone chopping off your other ear.
Christopher A. Bohn
cb
Oooh! What does this button do!?
Wanna get fussy
your last post was not haiku
instead it's senryu
Ah so WDK - WKiernan@concentric.net
The people who are DoS'ing the servers aren't going to be deterred by the servers rejecting connections; if anything it will strengthen their resolve to continue to cause chaos amongst IRCnet as a whole.
Although I have little experience with IRCnet, I can relate with my times on EFnet and Undernet, where groups of kiddies are all to willing to fire up their TFN's and take out a hub or two, causing splits across the whole networks. These splits are just so annoying when you're on IRC, and I agree that anything that can be done to prevent the DoS should be done. While I reckon this stance is a good idea to draw attention to the cause, I can't see that it's going to help prevent the DoS in any way whatsoever.
IRC servers are such easy targets.... with such noticable effects in the form of splits - almost enough to make a script kiddie climax in fact. EFnet has started to employ ways to make it harder - hiding IP's from C: and N: lines, but anyone with a bit of knowledge or skill can find these out.
Maybe it's time to accept that IRC is a medium which will always be plagued by these lamers who get kicks from causing havoc. I doubt it will stop, there are just SO many, and the only way to prevent this sort of thing happening, IMHO, is to either employ high level firewalling techniques, or get to the root of who is causing the problems.
Not sure either is particularly feasible.
steve
It seems to me that this is only going to hurt the legitimate users of IRCnet, and not the script kiddies (or retarded little shits, as I prefer to call them :) I mean, Joe Average, IRC user, probably isn't going to care about DOS attacks to the point that he/she wants to be without IRC for several hours, and the script kiddies are just going to go to another retarded channel on efnet or Undernet or wherever and continue to talk about the "time I brought down Wired" or something similarly stupid.
Recall the scene where the village is about to lynch the black sheriff? He puts his gun to his own head, and hollers, "Freez, or the *** gets it!"
And the townsman back off, because he has a hostage . . .
I was wondering for some time whether Slashdot should try an approach like this against the trollers - but I found myself coming to the conclusion that it would not be effective and would only hurt Slashdot itself.
Think about it - it would only let the trollers know that they had won!
I guess the intended effect of such a strike is to raise consciousness amongst those affected of the effects of their actions. Ask yourself - how many script kiddies / trollers are really gonna care about the effect of their actions?
I'm left wondering - where would the trollers go if Slashdot closed it's doors??
Hmmmm...
"Give the anarchist a cigarette"
A little planning goes a long way...
It's a good thing this isn't implemented (widely) in the "real world" (sarcasm mode on):
Sigh. Life sucks and is unfair whenever it would be inconvenient for people (and esp. bureaucracies) to do the "right thing". I know that this episode is just a minor inconvenience (the idea of doing anything important on IRC vanished for me around 1992) but it definitely illustrates the addage "cutting one's nose off to spite one's face".
How does this combat DoS attacts by script kiddies? It doesn't. And we're on the wrong track.
Americans are exercising their unalienable right to life, liberty and the pursuit of capital gains. But what happens when liberty jeopardizes life -- or the Dow Jones average? And what happens when the government jeopardizes liberty?
On Tuesday, Sen. Jon Kyl, R-Ariz., convened the Senate Judiciary Subcommittee on Technology, Terrorism and Government Information to make the case for new legislation to protect the nation's ``information infrastructure.'' And so began a familiar Washington ritual: Friendly lawmaker invites friendly bureaucrat to a hearing. Soon, a new law emerges that gives political credit to the lawmaker and a bigger budget to the bureaucrat. Kyl began the show with a declaration that ``denial of service'' hacker attacks on companies such as eBay, Yahoo and CNN should ``serve as a wake-up call about the need to protect our critical computer networks. the attacks contributed to a 258-point drop in the Dow Jones Industrial Average and halted a string of three days of consecutive record- high closes of the technology-laden Nasdaq Composite Index.''
To deal with this problem, Kyl and Sen. Charles Schumer, D-N.Y., have co-sponsored S. 2092, which would modify the federal government's ``trap and trace'' authority, so that law enforcers would no longer need to obtain a search warrant in every jurisdiction through which a cyber- attack traveled. This just makes matters worse, the more we promote the "We must do something about those evil script kiddies" by staging stupid stunts like this blackout, it gives the govenment the green light to come on in, write bad policy and pay for the execution of this bad policy with our tax dollars.
The first ``witness'' was FBI Director Louis Freeh. After praising Kyl and his legislation, he reminded his audience of how much the FBI was already doing to combat the scourge of cyber-crime. Freeh then used the forum to outline the FBI's entire cyber-agenda, covering everyone from virus-writers and intellectual property thieves to the ``Internet Black Tigers,'' a group ``reportedly affiliated with the Tamil Tigers'' of Sri Lanka. He further noted that unchecked Net-related stock fraud costs investors $1 million an hour. IMM an hour? Sources say? BS. We're giving the feds all the confusion they need.
We need to get constructive folks, and not continue to feed the machine.
More race stuff in one place,
than any one place on the net.
wether or not the freedom of the Internet jeopardizes the freedom to USE the Internet "
Very eloquent and accurate.
On the other hand, your flame was rather insulting,
Whenever someone moans about "the Feds", I have to ask what the hell are YOU (yes, you) doing about it? Are you expecting someone else to step in and solve these problems?
Who the hell am I? Well for starters I'm an over 40 PHB who lives in the US and has been on the net since the old days, pre 1980. My entire career for the last 20+ years has been the internet, starting long before GUIs.
What the hell am I doing about it? Plenty, you should be as well. All of us should, not just because it's our livelyhood, because it's our privacy and our basic freedoms as well. Personally, I have regular dialog with many elected officials on many different levels. I'm no stranger to the telecom lobbists or in my Representetive or Senators offices on capital hill and my state capital. I support the Electronic Frontier Foundation , Global Internet Liberty Campaign (GILC), Internet Free Expression Alliance (IFEA), Digital Future Coalition (DFC), and the TRUSTe Privacy Policy Certification Program as well as several others both monetarily and with my time. Do you?
Am I expecting someone else to step in and solve these problems? No, I am involved, are you?
Although you had a good point in your post, I feel the impact of it got lost in the flames, instead of flaming posters on /., try using some of that effort to get the laws and the policy changed, you might be surprised at what one person can do.
More race stuff in one place,
than any one place on the net.
Some people think that this sounds stupid, but it is not. A lot of people fail to realize that almost all of the IRC servers out there are run on a voluantary basis, IRC is a privelage not a right. A lot of script kiddies are not up to no good, the flood, the trade their warez and porn, and chances are that they are addicts, taking away IRC from them for a day will provide the same effect of denying a cocaine user drugs for a day. I do not think it will stop the problem, but I do think it will make people realize how much they value IRC, people fail to value things till it gets taken away from them.
Pardon all my tpyos, incorrect grammars and speelings, Rob when is slashdot getting a spelling and grammar checker?
------ Curiosity killed the cat. {satisfaction brought it back | it didn't die ignorant | lack of it is killing mankind
The solution: Reduce their incentive to. Widely distribute a daemon, pstormd, and a program, pstorm. When pstorm is run, it will connect to every copy of pstormd in existence, each of which will begin ping-flooding every host it knows of.
Result: Anyone anywhere will be able to effortlessly bring down the Internet without getting caught. After several months during which the net is totally useless, a general appreciation for the fact that the network is not a toy will develop. Every month or two, someone will run the program out of maliciousness, terrorism, or curiosity, but the appeal will gradually dwindle. ISPs who deny access to the program to their users will be publicly flogged for "presenting a challenge to the little bastards." AOL, after steadfastly refusing to include pstorm's trademark "don't push" button in their software, will be disconnected from the network entirely, to general approval. pstorm will eventually be ruled illegal, but no one will care.
The FBI will be sued by the FSF, and lose, because its attempts to block pstormd from functioning involve reverse-engineering its messages (3-byte UDP packets which read, "GO!"). Microsoft will write its own pstorm, which says "BO!", and imply that the non-MS version is unreliable and may be unsupported in the future.
Eventually, use of pstorm will be restricted by tradition to certain celebratory occasions, such as Kwanza. It will also be used to protest particularly clueless decisions by judges and elected officials about The Way The Network Should Work, to remind them and everyone else how much say they have in the matter.