Slashdot Mirror
DoS Attacks Persisting, On The Rise
thelizman writes "One of the most basic "hacks" (to use the media's bastardization of the term) is a Denial of Service attack. While not getting you any access to data on a machine, DoS attacks effectively shut down machines by making them inaccessable to others. CNN is carrying and IDG.net story about how DoS attacks are still one of the leading threats on the Internet, and are actually on the rise as the sophistication of the attacks increases." We get them constantly- some intentional, some not. It's really
a pain.
Will there ever be an end to Dos Attacks?
:)
I don't think there can be.
If you look at the TCP/IP, and most importantly IP protocol, there is nothing you can do.
Some would say have a 'supersmart' router that would kill all packets that are from the same host.. but what's the point.. what if the router fills up its buffer?///...
It's like McDonalds at lunch... everyone gets there at the same time.. they all want something, they're going to pay (in a DoS attack, this is what it *looks*like, but its really one person doing this) so the lines get long.. Poor me can't get lunch as fast a possible..
there's nothing we can do to solve the problem unfortunately.
The only real solution is to beef up security on as many systems as possible. Once this is done, a hacker can't get the resources in order to launch a big DoS attack.
This is a really hard task, of course... but maybe security should be more of a main focus on the home desktop systems, especially since broadband is getting so easy to obtain.
Another reason why M$ needs to get their thumbs out of their a$$e$ and release more secure OS's... Open Source is already trying to actively take care of the problem
Whee
-Sase
------------
Sase
"It's the opposite of that."
Steve Gibson is an idiot.
Vintage computer games and RPG books available. Email me if you're interested.
I went to a talk by Roger Needham (a few years ago now, I don't know if this is still his view) on secure protocols. Lots of interesting stuff on strategies for designing secure protocols and algorithms, and theoretical attacks and so on.
But just passing mention of DOS attacks - these are boring to academics because they are easy to do and impossible to counter so there's no research to do and no papers to write.
(I paraphrase slightly, and I probably remember the details wrong anyway, so any flaming should be directed at me, not Roger.)
Why does everyone allways accuse the scriptkiddies of performing DOS attacks - or worse they call it hacking a server with a DOS attack?
I mean it takes some cunningness to 0wn a couple of hundred machines with a simple dail-up aol account..
Some companies hire blackhat people to DOS their competitors once in a while, think of mail-servers. Other groups DOS certain sites because of their ethical/political/religious backgrounds. So now all of a sudden every "malicious" computer user is a scriptkiddie?
The only scriptkiddies in these stories are the journalists that form their conclusions according to a certain script that's allways used when it's a story about something "evil" with computers.
Don't be a scriptkiddie yourself by making these hollow statements
I still agree with the orignal poster that he's a huge alarmist and a sensationalist. Look at his whole shtick on "NanoProbes" (http://grc.com/np/np.htm). He talks about this like it is some new-to-the-world technology. When you read through all the marketing bullshit you come to realise it is nothing more than sending things like empty syn packets and stuff nmap and the like have done for years.
Gibson has a real overinflated sense of his own importance and loves to make it sound like all his discoveries are huge and that the consequences of not obeying his advice are dire. However you begin to notice that he is never mentioned in any of the big security news. He's a smart guy and a deceant programmer, no doubt, but he lets his ego get in the way of his good judgement and has a tendency to exegarate the truth.