ISP Forced Out of Business by DoS
flyhmstr writes "According to a report on ISPReview Cloud Nine have been forced off line and out of business thanks to the actions of crackers deciding to go play with some DoS tools." It's only getting worse. The kids are getting more and more aggressive as time goes on and it gets easier and easier to launch a large scale DoS. As any techie knows, fixing the problem is far easier said than done... but as a frequent recipient of the sharp end of the DoS stick, I sure wish it wasn't an issue.
If the script kiddies buy the hardware like we buy the DVDs, maybe you have a case; otherwise it seems to me like apples and oranges.
There are four boxes used in defense of liberty: soap, ballot, jury, ammo. Use in that order.
They get charged through the nose for all the bandwidth the attack takes. There's a certain amount of money budgeted for bandwidth, but then a DoS attack hits and suddenly you're running at 100x normal bandwidth cost for however long it takes you to break the attack - that kind of fee can certainly break a company that already lives on the edge.
Sadly enough (and I certainly feel for the ISP), new laws concerning these attacks aren't going to help anyone. For laws to be effective, you actually have to catch the person in question, and with DDOS that's darn tough.
I'm not sure what the real answer is, though. I find myself reading these stories and articles and feeling helpless myself, even though I'm not directly involved. But I am a programmer, and we're supposed to have brilliant solutions to these issues....but I can't come up with one. The underlying structure of the 'net itself is to blame for allowing these attacks, and you know to change that will be like getting all cars to convert to bacon fat gas.
How does one instigate a major industry shift in how we do things? Would it even be worth it, or will we just see these random businesses fold due to stupid fucking kiddies?
Blog,Twitter
The unwashed masses out there see both of these as the same thing...
That is the problem. I always try to explain it this way: There are good doctors, and there are bad doctors. There are good lawyers, and there are bad lawyers. There are good cops, and there are bad cops. (etc.) And there are good hackers, and bad hackers.
This just seems to be part of human nature; I haven't seen much change in the percentage of people who behave this way since my childhood (1960's) anyway. The problem is that the world today is so interconnected, and also dependent on technologies whose webs of interconnection are more fragile than we like to think, that the 2/1000 with the desire to damage can do a lot more damage to a lot more people than ever before.
I am a bit discouraged myself about whether or not this can be stopped on the Internet, personally.
sPh
the same side as always.
the 'slashdot community' is against unfair laws, but in favour of good laws.
destroying something without a good reason is just wrong.
I could be a little out of date (maybe even a lot ;) ), but last time I checked you could do a lot of calming of DoSing by implementing proper packet filtering on routers.
IIRC most DoSing relies on the kiddie hiding their source address (so that they can't be traced). So ensure that the router closest to the kiddie knows all the IPs it is allowed to accept, and rejects (and logs) all others.
This puts an onus on ISPs to handle the situation. Any ISP which doesn't react immediately to a DoSer from it or a downstream stands to lose (all of) its uplink(s).
Most port handling equipment can handle quite complex filtering on its own, knowing the IP allocated to a port and filtering all packets without that as its source. Port handlers typically forward to a router anyway, so it's easy for an ISP to say "that interface talks to that rack, which can use IP range X to Y, so filter everything else". Immediately your script kiddie is limited to faking addresses of other users in the range.
This screws up a number of DDoS attacks I know of (where the reply to an unwitting host causes shit for the replier), and makes it a lot easier to trace the kiddie at least to within a limited number of possibilities.
If the ISP supplies a link to another ISP it must ensure it toes the line. Bulk links to corporate customers or anyone with a range of IPs (rather than just one) at the other end of the link can usually be handled like dial-ups: port handlers filter out bad source IPs.
Does anyone know of technical and/or political reasons why this can't work? If there are no technical problems then maybe an IETF policy committee needs to make it a standards issue.
i-name =twylite [http://public.xdi.org/=twylite], see idcommons.net
There is a world of difference between trying to maintain our fair use rights or exposing bad "security" methods and launching a DDoS attack against ANYONE.
This is not a black and white issue. A DoS attack is both illegal and immoral, as what you are doing hurts a large group of people. Exposing bad security in e-book files will help people in the long run. (Although it will help the copyright holders and not us :( )
As for the general population, it depends entirely on what the media reports. They can report that "hackers" have cracked a protection scheme, or they can report that a digital protection scheme was proven inadequate. Both are technically true, but each favors one group as the good guy. Unfortunately, since news is an entertainment forum, the first is more likely to be reported.
Until the general population is tech savvy enough to understand these issues, the media will have complete control over their opinions.
Cheers,
Phathead
Writing a DoS tool is not a crime. Using it on someone else is.
I agree. In support of that viewpoint, I would give the following example counter argument.
Guns are bad. Nuclear weapons are bad. Let's remove them both from the military. Studying how these things are built and used is not a worthwhile endeavor. Since we don't believe in attacking someone for no reason, we don't need any weapons. We also don't need to study how offensive weapons might be used against us. Therefore there is no reason for their existence. Let's just pass a WMCA (Weapons Millennium Contraband Act) law and outlaw anyone even thinking about how weapons work or how reinforcements might be vulnerable to weapons.
(Disclaimer: I don't own anything which was designed to be used as a weapon; lest someone pigeonhole me into a certain group.)
Those who would give up liberty in exchange for security and DRM should switch to Microsoft Palladium!
Technically trivial, perhaps. Administratively, it is extremely non-trivial, and that's just as big a factor. Please get off the "If I can do it in my home network of three machines, it must be just as easy to do for the whole internet" horse.
The illegal we do immediately. The unconstitutional takes a little longer.
--Henry Kissinger
Now, I don't doubt that Cloud 9 was/is a great ISP, but I have to take their statements with just a wee grain of salt. I don't see anything there that indicates that they came under any worse of a DoS attack than scores of ISPs before them...why is it, then, that this particular ISP decided to just pack up and die over it? Something smells a little funny here, and I can't just take their attribution of the business failure to hackers as gospel.
For your security, this post has been encrypted with ROT-13, twice.
The problem is that sysadmins see the scans from these kiddies and ignore them (those that even have a portsentry or similar application in place). If you saw someone walking around your house and trying the doors and windows, you'd call the police right away, wouldn't you?
So why do the kiddies get off free? Sheer apathy from most of the sysadmins in the world.
When you get scanned, you have the address (if it's not spoofed), you can send a mail to abuse@domain. But most people don't, because it's too much hassle or we can't be bothered or no harm was done.
Script Kiddies will have a far harder time when admins start practising zero tolerance.
----- Documentation is worth it just to be able to answer all your mail with 'RTFM' - Alan Cox.
Think about it: you've just brought down a major ISP, sent their sysadmins to the unemployment lines, and now they have plenty of time on their hands, probably have copies of all the logs, and nothing better to do than go through them with a fine tooth comb to find who messed up their lives.
Nosiree, I would not want to be in those script kiddie shoes. Not that I'm saying the sysadmins would stoop to anything illegal, but there's lots they can do legally if they find out who's behind the attack.
-- This
You're far too direct to get any attention, alas. You deserve an upmod for sure.
To reiterate and expand:
The DoS-ers are causing material and practical harm to the equipment of others.
The LiVid guys etc. are doing something useful and practical with something that they own.
The two situations are _diametrically opposed_.
FP.
(I don't mind being redundant if it helps some people get the point!)
Also FatPhil on SoylentNews, id 863
Compare this to stuff like DeCSS, Felten's work on SDMI and the rest. Showing why something doesn't work or getting additional functionality out of a product just isn't the same as maliciously depriving a business of the resources it requires to survive.
It isn't hard to explain but what is hard is getting the message out when Disney and the like are spouting their propaganda at 11 and with the simple fact that this isn't a bullet issue for the proverbial Joe Average.
I don't want knowledge. I want certainty. - Law, David Bowie
If 1000 people walk down a backstreet past an empty building, 998 will just pass by. 2 will throw a rock through a window and spraypaint the walls.
But this isn't throwing a rock and spraypainting. That's more like trolling Slashdot. This is setting the building on fire. The difference between what these kids do and an arsonist is the FBI actually cares about arson.
God Fucking Damnit
A skript kiddy is pretty safe, as are spammers
Depends, if a spammer is trying to sell a real product they should be perfectly possible to track down.
Can someone please clue me into why people do this?
This is a somewhat larger question than I think you realise and one that people have been struggling to understand for as long as there have been people. Why do people do bad things? Why are they selfish, cruel, malicious? Why do even good people not have the self control to always follow their better instincts? Why do some people not even seem to have those better instincts?
I'll be up front and mention that I am a christian (Now THAT is a statement to start a flame war on this board - not my intention but my experience is that there are a lot of people that are quite indignant with me for what I believe. But since it IS what I believe [I'm not making it up to start a flame war] & is relevant to your question I don't feel particularly compelled to keep silent.) Anyway, christians (and therefore, I) believe that every single person is 'fallen' and inclined to be 'bad' (or evil to use the old-fashioned term) and do 'bad things' (or sin to use the old-fashioned term). 'Bad' (or evil) ultimately being defined by christians as being selfish - living for oneself rather than for God & your fellow man. Though we are all the same in this regard it is expressed differently in each of us as individuals. The behaviour of these kids doesn't have any particular appeal to me but I think for them it is a way of selfishly having "power" they don't otherwise have. They are probably incapable of doing something positive that would have as much impact or bring them as much or notoriety. But here they are a few, or maybe even one immature kid that brought an entire company staffed by mature, technically astute adults to bankruptcy. Exercising power, having an impact, feels good, feels like importance - and in their self-absorbed state of mind the plight of the people affected does not enter in.
It's pretty easy to tell good laws from bad ones, using objective standards:
Good laws protect individual freedoms and provide a level playing field for everyone.
Bad laws destroy liberty and favor special interests over the good of the whole.
Why is it that the proponents of "one nation under God" are so eager to get rid of "liberty and justice for all"?
For one section, they had cameras sit in on a bunch of young military techies studying the logistics of combating a huge hack-attack; like nuclear power plants being shut down or hacked into danger zones. Airlines losing planes. That kind of thing.
I've been pondering just how exactly the developed nations could be whammied into a state of martial law. The current world situation doesn't have enough momentum to actually put thousands of Americans in prison camps. And the forces which drove the Nazis just aren't there. ("We are descendants of superior Aryans from space!" -No joke.) People today, while easily manipulated, haven't been sold that kind of propaganda, but it remains quite clear that a form of undeclared fascism (That is, "freedom", so long as you eat shit, breathe shit, think shit, absorb shit media, and work too hard, and don't mind being overseen by Shirow-style O.R.C.S. with machine guns, in order that you be reduced to the position of Zombie-like Serfdom), this it seems to me, will be the natural conclusion given the forces of greed and corporate evil moving in the world today.
Choice means that people might not buy your product. Remove choice, while maintaining the illusion of a free society, and bingo! You have the perfect consumer; driven because s/he still believes in the American Dream, but a serf nonetheless, whose task it is to pour wealth into the coffers of the powerful. And to be miserable for those who eat misery. . .
Anyway, it was interesting; the documentary basically said the following:
One military analyst basically said, with a straight & serious face, that in the event of a huge digital attack, "Declare martial law. Shut everybody down and take control of the situation. That'd be my recommendation."
Hmmm.
I don't know how true the above is, but the fact that it was being sold by a respected authority voice, indicates that they're trying to soften people up for just such a turn of events.
-Fantastic Lad
Have you tried recently to sue a 14-year-old in Singapore or Russia or South America?
They're monkeys hurling feces. They will stop if they think a bigger monkey will kick their ass. That's why they're not firebombing people, because if they did that they'd get caught. But the cop monkeys don't understand DoS attacks so there is no fear of reprisal. Look at how monkeys deal with the issue. Do you really think humans have any better a handle on it?
It's kind of ironic that it's really the ISPs that are to blame for the proliferation of DDOS attacks anyway, they are the ones allowing their users' machines to send out ping floods and nasty UDP crap in the first place. ISPs seem eager enough to bump users off for exceeding their (usually unpublished) bandwidth limits, but they couldn't care less about virus and DDOS traffic.
That was classic intercourse!
No, a terrorist probably wouldn't, but a hobbyist chemist might, just to see if they can.
Likewise, no a cracker probably wouldn't write a cracking tool/DoS tool/whatever unless they were intending for it to be used, but I might. Maybe I want to see what's involved, maybe I want to gain some sort of insight into how they're developed and how they work, the better to secure my own system(s). Hell, maybe I just have some time to kill, and can't think of anything better to do with it.
Knowledge should not be illegal. The use of that knowledge to the detriment of others is an entirely different matter, and should not be confused with the mere possession of that knowledge.
Cheers,
Tim
It's official. Most of you are morons.
I think a lot of people are like this.... until someone comes along and does something horrible to them. Then they change their tune fast. I am not saying this against you Aceticon, but you know it's true. People scream for freedoms until they get abused by it and then the song changes. Just a thought.
Sent from your iPad.
Do these kids need a hug?
:)
Actually, this is probably closer to the truth than most people realize.
I will agree with this. These kids are doing this to make themselves feel powerful. They want to feel important, significant. If they were made to feel their significance by the people to whom they should be significant - their parents - perhaps they would be less likely to seek a feeling of power in mindless destruction. Though there is no guarantee - even a person without excuse, loved, cared for, etc. can lack the self-control to tame their baser desires.
If you think about it, you realize it is only possible to hurt someone else (or their property) if you feel like you are hurting yourself.
Now I have to disagree - sort of. Their indulgence in malice and cruelty, their seeking after the thrill of power does them harm. But in their self absorption they are only aware of how good it feels to wield that power - to feel important. They do not feel hurt, they feel powerful.
The really sad thing is, when we find someone who is hurting, and has demonstrated this to us by hurting someone else, we hurt them more by punishing them. That's a human approach, but it will only result in larger problems. When someone hurts us we should help them by giving them a hug... or something
Here I have to disagree - for several reasons. First: If someone cannot exercise enough self-control to refrain from hurting others they must be externally controlled by someone else (the state or their parents) - either by actual physical restraint or by the credible threat of punishment. Also, while they still need "a hug" love and acceptance from those from whom it is due - now that is not enough. I don't think there can be healing without honest regret (not just regret for being caught but for being *wrong*) - that is up to the criminal, no one can either force them through punishment or manipulate them through compassion to arrive at that repentance. There also can't be healing without suffering real (depending on the crime even harsh) consequences. Even kids have an innate sense of justice (that I believe is valid) and that even criminals will acknowledge. It does not do the victim or society at large - but especially the criminal - any favors by bypassing the requirements of justice. A penitent criminal who has been punished for his crimes can start again. A penitent criminal who has escaped punishment will feel the unfairness of that escape and a continued sense of guilt. He will be crippled in his ability to begin anew. An unrepentant criminal will take either scenario as an excuse to continue in their crime.
Seriously though, I could care less about the proliferation of DoS/DDoS tools. What bothers me is that the ISPs where this crap is coming from have never been blackholed by the rest of the community. It's not THAT hard to implement a widespread policy of filtering source packets, and that cuts down on a LOT of the methods used by the skript kiddiez.
The pathetic part about it all is it was already a problem in '95, and source-filtering was strongly recommended then. Soon after, no ip directed broadcast became also strongly recommended. Sadly, I can still get a 250:1 return on a forged ICMP ping (thankfully, their outgoing bandwidth is only a T1)
The real culprits are the people too lazy or inept to be allowed to run a network.
--Dan
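The edge filtering discussed in two of the comments above (per-port source-address filtering at the ISP, and refusing directed broadcasts) can be modelled in a few lines. This is an added example, not part of any comment in the thread; the interface names, address ranges and sample packets are constructed for illustration.

```python
import ipaddress

# Constructed topology: ingress interface -> prefixes assigned behind it.
# All names and addresses are illustrative (documentation ranges).
ALLOWED_SOURCES = {
    "dialup-rack-1": [ipaddress.ip_network("192.0.2.0/25")],
    "corp-link-7": [ipaddress.ip_network("198.51.100.0/24")],
}

# Subnets attached to this router; traffic addressed to their broadcast
# address is refused (the "no ip directed broadcast" policy).
LOCAL_SUBNETS = [ipaddress.ip_network("203.0.113.0/24")]


def source_permitted(interface, src):
    """True if src lies in a prefix assigned behind the ingress interface."""
    addr = ipaddress.ip_address(src)
    return any(addr in net for net in ALLOWED_SOURCES.get(interface, []))


def is_directed_broadcast(dst):
    """True if dst is the broadcast address of a locally attached subnet."""
    addr = ipaddress.ip_address(dst)
    return any(addr == net.broadcast_address for net in LOCAL_SUBNETS)


def filter_packets(packets):
    """Apply both checks; return (forwarded, drop_log)."""
    forwarded, drop_log = [], []
    for pkt in packets:
        iface, src, dst = pkt
        if not source_permitted(iface, src):
            drop_log.append((iface, src, dst, "source not assigned to interface"))
        elif is_directed_broadcast(dst):
            drop_log.append((iface, src, dst, "directed broadcast"))
        else:
            forwarded.append(pkt)
    return forwarded, drop_log


# Constructed sample traffic: (ingress interface, source IP, destination IP).
SAMPLE_PACKETS = [
    ("dialup-rack-1", "192.0.2.17", "198.51.100.9"),     # legitimate
    ("dialup-rack-1", "198.51.100.9", "203.0.113.255"),  # forged source
    ("dialup-rack-1", "192.0.2.99", "198.51.100.9"),     # forged but in range
    ("corp-link-7", "198.51.100.40", "203.0.113.255"),   # broadcast target
    ("unknown-port", "192.0.2.17", "198.51.100.9"),      # no allocation known
]

if __name__ == "__main__":
    fwd, drops = filter_packets(SAMPLE_PACKETS)
    for entry in drops:
        print("DROP", *entry)
    print(len(fwd), "forwarded")
```

The third sample packet is forwarded: a source forged from inside the port's own range passes the filter, which is the residual case the comment describes, and the drop log is what narrows tracing to one interface.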