Slashdot Mirror
DoS Attacks Persisting, On The Rise
thelizman writes "One of the most basic "hacks" (to use the media's bastardization of the term) is a Denial of Service attack. While not getting you any access to data on a machine, DoS attacks effectively shut down machines by making them inaccessable to others. CNN is carrying and IDG.net story about how DoS attacks are still one of the leading threats on the Internet, and are actually on the rise as the sophistication of the attacks increases." We get them constantly- some intentional, some not. It's really
a pain.
-- dforce
SELECT * FROM USERS WHERE A_WINNER = "YUO";
At least now a days it a takes a modicum of sophistication to launch a DoS attack. I remember when it was possible to download windows programs to Win Nuke(win 95 vulnerability) people at will.
Veramocor
Will there ever be an end to Dos Attacks?
:)
I don't think there can be.
If you look at the TCP/IP, and most importantly IP protocol, there is nothing you can do.
Some would say have a 'supersmart' router that would kill all packets that are from the same host.. but what's the point.. what if the router fills up its buffer?///...
It's like McDonalds at lunch... everyone gets there at the same time.. they all want something, they're going to pay (in a DoS attack, this is what it *looks*like, but its really one person doing this) so the lines get long.. Poor me can't get lunch as fast a possible..
there's nothing we can do to solve the problem unfortunately.
The only real solution is to beef up security on as many systems as possible. Once this is done, a hacker can't get the resources in order to launch a big DoS attack.
This is a really hard task, of course... but maybe security should be more of a main focus on the home desktop systems, especially since broadband is getting so easy to obtain.
Another reason why M$ needs to get their thumbs out of their a$$e$ and release more secure OS's... Open Source is already trying to actively take care of the problem
Whee
-Sase
------------
Sase
"It's the opposite of that."
Steve Gibson is an idiot.
Vintage computer games and RPG books available. Email me if you're interested.
I went to a talk by Roger Needham (a few years ago now, I don't know if this is still his view) on secure protocols. Lots of interesting stuff on strategies for designing secure protocols and algorithms, and theoretical attacks and so on.
But just passing mention of DOS attacks - these are boring to academics because they are easy to do and impossible to counter so there's no research to do and no papers to write.
(I paraphrase slightly, and I probably remember the details wrong anyway, so any flaming should be directed at me, not Roger.)
Steve Gibson is a kook and a crackpot. He's an alarmist, but unfortunately people not "in the know" tend to listen to him (most likely because he is an alarmist). He rails against raw sockets in XP, never bothering to notice that NT (which XP is based upon) has had raw sockets for a long time, and that it's possible to modify the Win9x TCP/IP stack to allow for raw socket-like abilities. Nevermind that raw sockets are only available to administrative users in NT, as with any *nix (problem -- too many users run with administrative rights on NT, which is the equivalent of running as root all the time. This is the true problem, not raw sockets, and should be the one that's addressed). His "Distributed Reflection" DoS is nothing new. Hax0rs and kiddies have been doing it for a while. His GENESIS project is basically poorly-implemented SYN cookie protection. And so on and so on ...
In short, the guy's a nut and only nut's pay attention to him. Try a real security site, like SecurityFocus.
Why does everyone allways accuse the scriptkiddies of performing DOS attacks - or worse they call it hacking a server with a DOS attack?
I mean it takes some cunningness to 0wn a couple of hundred machines with a simple dail-up aol account..
Some companies hire blackhat people to DOS their competitors once in a while, think of mail-servers. Other groups DOS certain sites because of their ethical/political/religious backgrounds. So now all of a sudden every "malicious" computer user is a scriptkiddie?
The only scriptkiddies in these stories are the journalists that form their conclusions according to a certain script that's allways used when it's a story about something "evil" with computers.
Don't be a scriptkiddie yourself by making these hollow statements
Most companies run their websites on Mickey Mouse web servers. I've worked at several large ISP's and none of them really had adequate server power to deal with a /.-like effect.
/. while serving up another 364 days of reliable service. There's no point in being bleeding-edge just to satisfy link sites, such as slashdot..
/. effect, I think there's some old post by one of the moderators on here somewhere, I leave ye to find it. :)
Nowadays, you can fit a class C worth of websites on a single machine and save a lot of money. So what if you don't survive one day of
If you are looking for specs of a
Regards,
Victor
He does go on to state that raw sockets are only a problem in administrator mode. The real cause for panic is that under WinXP, every user is administrator by default. Yes, we know that is bad, but the average user has no idea what's going on. To make matters worse, most programs won't run properly under XP if you aren't logged in under an administrative account, especially games.
Bill Clinton: Pimp we can believe in. - The Shirt!!!
These are numbers from last year, so I'd imagine they're a little bit higher. Slashdot had 1.2 million page views a day. Between the halt of classic.themes.org and the new one, t.o was getting about 120,000 page views a day. When an article was posted on slashdot saying "help *link*themes.org" it jumped up over 300,000 for a day or so and went down over a week or two to get back to 120,000. The guy that humiliated bernard shiffman also documented his slashdot experience, pretty interesting stuff.
to use the media's bastardization of the term
You know, I keep telling people that "gay" means "happy", but nobody wants to listen, they insist on bastardizing the term. Whenever I use it in conversation to mean happy, I get strange looks. These idiots around me insist on using the word to mean "homosexual", but my trusty 1960's dictionary VERY CLEARLY states that it means "happy".
Duh. Language is defined by HOW PEOPLE USE IT, period. If 99% of people use "hack" to mean a certain thing, then guess what, THATS WHAT IT MEANS, by definition of how languages are defined.
My advice to all these whiny people on /. who think that using "hack" in its original computer-related meaning makes them superior to others: GET OVER IT ALREADY.
I still agree with the orignal poster that he's a huge alarmist and a sensationalist. Look at his whole shtick on "NanoProbes" (http://grc.com/np/np.htm). He talks about this like it is some new-to-the-world technology. When you read through all the marketing bullshit you come to realise it is nothing more than sending things like empty syn packets and stuff nmap and the like have done for years.
Gibson has a real overinflated sense of his own importance and loves to make it sound like all his discoveries are huge and that the consequences of not obeying his advice are dire. However you begin to notice that he is never mentioned in any of the big security news. He's a smart guy and a deceant programmer, no doubt, but he lets his ego get in the way of his good judgement and has a tendency to exegarate the truth.