Slashdot Mirror
IRCnet Servers Strike To Protest DDoS Attacks
Many of the IRC servers on IRCnet are going to lock out
all of their users from 12:00 on Friday the 7th of April
to 20:00 on Saturday the 8th of April 2000 (time given in
UTC+0200) to
protest denial
of service attacks. It's a tactic that's been employed before,
but hopefully people will learn. Considering the attacks on so many
services on the Web, I bet we'll see this more. Course that might
just encourage the script kiddies.
On the other hand, I'm not so sure that IRCnet has thoroughly thought this out. To echo the concerns of many other posters: isn't protesting DoS (Denial of Service, for the uninitiated) attacks by shutting down your service rather... counterproductive?
Aside from the confusing nature of the protest, IRCnet must realize that they risk annoying, perhaps even angering, a lot of thier users. Especially at risk: users who aren't aware of DDoS or the protest, and the script kiddies who perpetrate these kinds of attacks. I'm worried that this action may be inviting attacks and possible disaster on the IRCnet network.
Maybe a better way to do this would be to run a campaign like the yearly Anti-spam campaign, which asks web site operators to turn thier sites pink, and explain the protest. Things like that seem to have a greater effect than outages.
Well, in any case, I wish the folks of IRCnet the best of luck.
--
: remove whitespace to e-mail me
We may not imagine how our lives could be more frustrating and complex—but Congress can. – Cullen Hightower
As I understand it, to protest the script kiddies' use of DDoS, the site admins are going to deny service themselves? Sounds kinda like chopping off your ear to protest someone chopping off your other ear.
Christopher A. Bohn
cb
Oooh! What does this button do!?
Wanna get fussy
your last post was not haiku
instead it's senryu
Ah so WDK - WKiernan@concentric.net
I'm not familiar with the problem, since I never use those networks. Still, I find it hard to imagine that one more DoS will improve things. I guess this is a sign of desparation, rather than a reasoned response? If someone who is responsible for this decision reads this column, I hope you'll enlighten us.
When I still used to use public IRC servers one of the main reasons to DoS an IRC server was the create a split in the network of servers. Once the split was there you could could connect to the opposite side of the split with another client using the same nick(name) as the person(s) you wanted to knock off the network (presumably to gain operator status on a channel they controlled.) When the DoS'd server came back online the split would rejoin and a nick collision would occur--knocking your fake client and the other guy's real client offline simultaneously. Then you could steal his nick and/or his channel. I think most servers have added some form of timestamping to stop this but I didn't really pay much attention to it then, and none at all now.
I imagine the DoS attacks on IRC servers are still probably a tool in the little kiddie's turf wars. Considerring that the same kiddies are using IRC servers to coordinate their efforts (and as a replacement for real lives) they're kind of screwing themselves. Also, since the server operators are providing their services for free on a voluntary basis I see no problem with them DoS'ing back as a protest. Will it change things? Probably not. Will it piss of the kiddies? Yeah probably if they're cut off from the only lives they have.
numb
The people who are DoS'ing the servers aren't going to be deterred by the servers rejecting connections; if anything it will strengthen their resolve to continue to cause chaos amongst IRCnet as a whole.
Although I have little experience with IRCnet, I can relate with my times on EFnet and Undernet, where groups of kiddies are all to willing to fire up their TFN's and take out a hub or two, causing splits across the whole networks. These splits are just so annoying when you're on IRC, and I agree that anything that can be done to prevent the DoS should be done. While I reckon this stance is a good idea to draw attention to the cause, I can't see that it's going to help prevent the DoS in any way whatsoever.
IRC servers are such easy targets.... with such noticable effects in the form of splits - almost enough to make a script kiddie climax in fact. EFnet has started to employ ways to make it harder - hiding IP's from C: and N: lines, but anyone with a bit of knowledge or skill can find these out.
Maybe it's time to accept that IRC is a medium which will always be plagued by these lamers who get kicks from causing havoc. I doubt it will stop, there are just SO many, and the only way to prevent this sort of thing happening, IMHO, is to either employ high level firewalling techniques, or get to the root of who is causing the problems.
Not sure either is particularly feasible.
steve
It seems to me that this is only going to hurt the legitimate users of IRCnet, and not the script kiddies (or retarded little shits, as I prefer to call them :) I mean, Joe Average, IRC user, probably isn't going to care about DOS attacks to the point that he/she wants to be without IRC for several hours, and the script kiddies are just going to go to another retarded channel on efnet or Undernet or wherever and continue to talk about the "time I brought down Wired" or something similarly stupid.
Recall the scene where the village is about to lynch the black sheriff? He puts his gun to his own head, and hollers, "Freez, or the *** gets it!"
And the townsman back off, because he has a hostage . . .
I was wondering for some time whether Slashdot should try an approach like this against the trollers - but I found myself coming to the conclusion that it would not be effective and would only hurt Slashdot itself.
Think about it - it would only let the trollers know that they had won!
I guess the intended effect of such a strike is to raise consciousness amongst those affected of the effects of their actions. Ask yourself - how many script kiddies / trollers are really gonna care about the effect of their actions?
I'm left wondering - where would the trollers go if Slashdot closed it's doors??
Hmmmm...
"Give the anarchist a cigarette"
A little planning goes a long way...
It's a good thing this isn't implemented (widely) in the "real world" (sarcasm mode on):
Sigh. Life sucks and is unfair whenever it would be inconvenient for people (and esp. bureaucracies) to do the "right thing". I know that this episode is just a minor inconvenience (the idea of doing anything important on IRC vanished for me around 1992) but it definitely illustrates the addage "cutting one's nose off to spite one's face".
How does this combat DoS attacts by script kiddies? It doesn't. And we're on the wrong track.
Americans are exercising their unalienable right to life, liberty and the pursuit of capital gains. But what happens when liberty jeopardizes life -- or the Dow Jones average? And what happens when the government jeopardizes liberty?
On Tuesday, Sen. Jon Kyl, R-Ariz., convened the Senate Judiciary Subcommittee on Technology, Terrorism and Government Information to make the case for new legislation to protect the nation's ``information infrastructure.'' And so began a familiar Washington ritual: Friendly lawmaker invites friendly bureaucrat to a hearing. Soon, a new law emerges that gives political credit to the lawmaker and a bigger budget to the bureaucrat. Kyl began the show with a declaration that ``denial of service'' hacker attacks on companies such as eBay, Yahoo and CNN should ``serve as a wake-up call about the need to protect our critical computer networks. the attacks contributed to a 258-point drop in the Dow Jones Industrial Average and halted a string of three days of consecutive record- high closes of the technology-laden Nasdaq Composite Index.''
To deal with this problem, Kyl and Sen. Charles Schumer, D-N.Y., have co-sponsored S. 2092, which would modify the federal government's ``trap and trace'' authority, so that law enforcers would no longer need to obtain a search warrant in every jurisdiction through which a cyber- attack traveled. This just makes matters worse, the more we promote the "We must do something about those evil script kiddies" by staging stupid stunts like this blackout, it gives the govenment the green light to come on in, write bad policy and pay for the execution of this bad policy with our tax dollars.
The first ``witness'' was FBI Director Louis Freeh. After praising Kyl and his legislation, he reminded his audience of how much the FBI was already doing to combat the scourge of cyber-crime. Freeh then used the forum to outline the FBI's entire cyber-agenda, covering everyone from virus-writers and intellectual property thieves to the ``Internet Black Tigers,'' a group ``reportedly affiliated with the Tamil Tigers'' of Sri Lanka. He further noted that unchecked Net-related stock fraud costs investors $1 million an hour. IMM an hour? Sources say? BS. We're giving the feds all the confusion they need.
We need to get constructive folks, and not continue to feed the machine.
More race stuff in one place,
than any one place on the net.
wether or not the freedom of the Internet jeopardizes the freedom to USE the Internet "
Very eloquent and accurate.
On the other hand, your flame was rather insulting,
Whenever someone moans about "the Feds", I have to ask what the hell are YOU (yes, you) doing about it? Are you expecting someone else to step in and solve these problems?
Who the hell am I? Well for starters I'm an over 40 PHB who lives in the US and has been on the net since the old days, pre 1980. My entire career for the last 20+ years has been the internet, starting long before GUIs.
What the hell am I doing about it? Plenty, you should be as well. All of us should, not just because it's our livelyhood, because it's our privacy and our basic freedoms as well. Personally, I have regular dialog with many elected officials on many different levels. I'm no stranger to the telecom lobbists or in my Representetive or Senators offices on capital hill and my state capital. I support the Electronic Frontier Foundation , Global Internet Liberty Campaign (GILC), Internet Free Expression Alliance (IFEA), Digital Future Coalition (DFC), and the TRUSTe Privacy Policy Certification Program as well as several others both monetarily and with my time. Do you?
Am I expecting someone else to step in and solve these problems? No, I am involved, are you?
Although you had a good point in your post, I feel the impact of it got lost in the flames, instead of flaming posters on /., try using some of that effort to get the laws and the policy changed, you might be surprised at what one person can do.
More race stuff in one place,
than any one place on the net.
Some people think that this sounds stupid, but it is not. A lot of people fail to realize that almost all of the IRC servers out there are run on a voluantary basis, IRC is a privelage not a right. A lot of script kiddies are not up to no good, the flood, the trade their warez and porn, and chances are that they are addicts, taking away IRC from them for a day will provide the same effect of denying a cocaine user drugs for a day. I do not think it will stop the problem, but I do think it will make people realize how much they value IRC, people fail to value things till it gets taken away from them.
Pardon all my tpyos, incorrect grammars and speelings, Rob when is slashdot getting a spelling and grammar checker?
------ Curiosity killed the cat. {satisfaction brought it back | it didn't die ignorant | lack of it is killing mankind
The solution: Reduce their incentive to. Widely distribute a daemon, pstormd, and a program, pstorm. When pstorm is run, it will connect to every copy of pstormd in existence, each of which will begin ping-flooding every host it knows of.
Result: Anyone anywhere will be able to effortlessly bring down the Internet without getting caught. After several months during which the net is totally useless, a general appreciation for the fact that the network is not a toy will develop. Every month or two, someone will run the program out of maliciousness, terrorism, or curiosity, but the appeal will gradually dwindle. ISPs who deny access to the program to their users will be publicly flogged for "presenting a challenge to the little bastards." AOL, after steadfastly refusing to include pstorm's trademark "don't push" button in their software, will be disconnected from the network entirely, to general approval. pstorm will eventually be ruled illegal, but no one will care.
The FBI will be sued by the FSF, and lose, because its attempts to block pstormd from functioning involve reverse-engineering its messages (3-byte UDP packets which read, "GO!"). Microsoft will write its own pstorm, which says "BO!", and imply that the non-MS version is unreliable and may be unsupported in the future.
Eventually, use of pstorm will be restricted by tradition to certain celebratory occasions, such as Kwanza. It will also be used to protest particularly clueless decisions by judges and elected officials about The Way The Network Should Work, to remind them and everyone else how much say they have in the matter.