DoS Attacks Persisting, On The Rise
thelizman writes "One of the most basic "hacks" (to use the media's bastardization of the term) is a Denial of Service attack. While not getting you any access to data on a machine, DoS attacks effectively shut down machines by making them inaccessible to others. CNN is carrying and IDG.net story about how DoS attacks are still one of the leading threats on the Internet, and are actually on the rise as the sophistication of the attacks increases." We get them constantly- some intentional, some not. It's really a pain.
someone writes a virus that spreads through the Kazaa or gnutella network. That will be a fun day.
p2p is the biggest ddos mess waiting to happen. If there is a hole in the client, then who knows how far it could spread before stopping.
Having been one of the admins for a pretty large website (top 50 according to Media Metrix), I can definitely state that DoS attacks are a royal pain. Sure, you can throw infrastructure at a problem and alleviate it, but you can't defeat it -- and they just keep coming. It's the type of attack I've never understood: it doesn't gain the attacker anything (unlike rooting a box), it's nothing but being a hoodlum.
"You can never have too many elephants on your team."
The thing that really bugs me about DOS attacks, besides the fact that they cause damage and annoy admins, is that they don't show any real talent.
It's not impressive to bring a system to its knees by DOSing it. You do, however have to respect the guy who discovers some huge hole that he exploits on some system and gains access.
You gotta respect him more if he tells you about it, and how to fix it.
God save our Queen, and Heaven bless The Maple Leaf Forever!
probably not if the judge has any sense at all.
There's a fundamental difference between a DoS or DDoS attack and the so-called /. effect. In the first two cases, the attacks generally come from remote controlled machines or zombie machines and are instigated by a very small number of people, or even just one person. In the case of the /. effect, each and every viewing of the webpage is deliberately instigated by a separate human being.
While most analogies of /. suck, I'll add one more: It's somewhat akin to the difference between a half dozen people chaining themselves to the entrance of a Starbucks and stopping people from entering as a means of protesting globalization and a couple hundred people all trying to get in at once because a radio DJ points out that they're selling double-shot mochas for a penny each.
. --- If you're looking for free e-mail you won't find it here! http://www.noemailhere.com
Harumph. An article about DOS/DDOS that doesn't mention Dave Dittrich.
There oughta be a law.
"In the case of the /. effect, each and every viewing of the webpage is deliberately instigated by a separate human being."
But what if a Lawyer made an argument along the lines of: "Slashdot intentionally posted a link to their site knowing that an overwhelming increase of traffic would hit my client's servers."? What if Blizzard, for example, attempted to sue Taco because of being flooded with too many hits (or negative emails) from opinions posted on Slashdot?
The difference between Slashdot and a news site such as CNN is that more opinions make their way to the front page. For example, remember the article that said MS kicked Sony out of CeBit? That's not what happened, but that was the view it posted.
"Derp de derp."
"So why are you claiming the media bastardizes the term when this author actually uses the correct terminology?"
Because the 'media' is a representation of the entire news broadcasting world and not the individual author?
"Derp de derp."
I've gotten a couple DoS attacks in the past few months. I suspect they're coming from someone who I was playing a game online with and who wanted an extra advantage. Just last night I was playing BZFlag (quite a fun game, btw) when I was attacked. It makes me hesitant to play games online with strangers, as it could affect the bandwidth of not only me, but others in the house who share a connection with me as well.
I'm doing this post anonymously because I don't want to waste k-points on telling everyone this and getting the inevitable mod-down, but I think it's essential:
Everyone knows when a site gets posted on slashdot, the chances are that it'll experience some down time as it's receiving too much traffic. Yes, we know it's the slashdot effect. But don't repeat it over and over again for christ's sake. I honestly would have debated spending any of my mod points on the first of the jokes, let alone the fifth or so, yet they still seem to get encouraged with positive points.
Redundant and off-topic applies to all of you who keep cracking the same lame-ass, repetitive, trite as all fuck joke.
Sure, SG is paranoid, but in a good way. He hasn't reached the kook level just yet. When he starts promoting cold fusion, then you can back away slowly.
/.
Best Current Practice recommends egress filtering for all networks. Are yours in place?
The big problem with DOS and DDOS is the untraceability provided by networks who do not prevent address spoofing with egress filters. If traffic is traceable, criminals get caught.
Before anyone's knee jerks, let me point out:
1) this is not a performance issue. Routing hardware and software (LRP for example) is widely and cheaply (compared to line costs) available that can implement egress filtering without any noticeable effect on line speed. Face it, processors are faster than telecommunications.
2) Egress filters do not improve a repressive regime's ability to finger political dissidents.
3) Egress filters are unlikely to impact privacy - unless what you are trying to keep private is destructive activity. Post a real example if you disagree.
4) I know it's not a cure-all. It's a necessary first step, though.
While Congress milks the entertainment industry for campaign funds in exchange for "digital rights management" fascism, they ought to be mandating specific monetary penalties for businesses that do not implement egress filters, and for ISPs that do nothing about hundreds of Code-Red infected nodes on their cable farms. I shouldn't have to pay Comcast if my bandwidth is being principally used by criminals to fill my firewall logs.
I post this every time the subject comes up; next time I'll just make a flippin' link to the BCP RFCs. I'm sure you'll all be relieved.
--Charlie
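The egress check discussed in the comment above, as an added example that is not part of the original thread: outbound traffic is forwarded only when its source address falls inside the site's own prefixes, and everything else is dropped and counted per inside interface. The prefixes, interface names and flow records are constructed sample data using documentation address ranges.

```python
import ipaddress
from collections import Counter

# Constructed sample: prefixes assigned to this site (documentation ranges).
SITE_PREFIXES = ["192.0.2.0/24", "2001:db8:10::/48"]

# Constructed outbound flow records from the border router:
# (inside interface, source address, destination address)
OUTBOUND_FLOWS = [
    ("eth1", "192.0.2.17", "198.51.100.5"),
    ("eth1", "10.1.2.3", "198.51.100.5"),        # private source leaking out
    ("eth2", "203.0.113.99", "198.51.100.5"),    # someone else's prefix
    ("eth2", "192.0.2.200", "198.51.100.80"),
    ("eth2", "2001:db8:10:4::1", "2001:db8:ffff::1"),
    ("eth2", "2001:db8:99::1", "2001:db8:ffff::1"),
    ("eth1", "not-an-ip", "198.51.100.5"),       # malformed record
]


def egress_verdict(src, site_nets):
    """Return 'forward' only if src lies inside one of our own prefixes."""
    try:
        addr = ipaddress.ip_address(src)
    except ValueError:
        return "drop"  # fail closed on anything unparsable
    # A v4 address is never "in" a v6 network (and vice versa).
    if any(addr in net for net in site_nets):
        return "forward"
    return "drop"


def audit(flows, prefixes):
    """Apply the egress rule to flow records; tally drops per interface."""
    site_nets = [ipaddress.ip_network(p) for p in prefixes]
    forwarded, dropped = [], []
    for iface, src, dst in flows:
        if egress_verdict(src, site_nets) == "forward":
            forwarded.append((iface, src, dst))
        else:
            dropped.append((iface, src, dst))
    per_iface = Counter(iface for iface, _, _ in dropped)
    return forwarded, dropped, per_iface


if __name__ == "__main__":
    fwd, drp, per_iface = audit(OUTBOUND_FLOWS, SITE_PREFIXES)
    print(f"forwarded={len(fwd)} dropped={len(drp)}")
    for iface, count in sorted(per_iface.items()):
        print(f"{iface}: {count} outbound packets with a source we do not own")
```

A non-zero drop count on an inside interface points at a misconfigured or compromised host behind it, which is where to look first.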
Sure it does! Can't make Hotmail work right? Well, just blast away everything else from AOL to Yahoo with spam. Don't like what Slashdot is saying about your "product"? Just sign up 100 troll accounts and flood the comments with enough highly moderated garbage to try a saint. Denial of someone else's service is good when you are a twisted greedhead that wants to own everything and tell everyone what to do.
DMCA, Hollings, Palladium. What might have sounded like paranoia is now common sense.
Ok, well I apologise for misinterpreting your comment, but I still contest the opinion that Slashdot is any different from CNN. How many times do you think a headline from CNN concerning topics such as the war in Afghanistan has been exaggerated or presented misleading facts because it makes the American government sound better? Slashdot is to Microsoft as CNN is to Afghanistan. Microsoft is the enemy to many of us, and our biased headlines about it are just as excusable as CNN's headlines about Afghanistan.
"If liberty means anything at all, it means the right to tell people what they do not want to hear." --George Orwell
I learned what's an editorial comment there. Let's see:
"One of the most basic "hacks" (to use the media's bastardization of the term) is a Denial of Service attack.
You mean the hacker term or the Denial of Service term? Clarify.
-1
While not getting you any access to data on a machine,
And since when is this the bastard hacker term meant to be? Hacker, by the media, would mean "cracker", and crackers don't want "information". Hackers do, crackers want to cause confusion (unless information == fast money/recognition)
-1
DoS attacks effectively shut down machines by making them inaccessible to others.
Yeah? And how does this happens? Another assumption I understand all anacronyms out there.
-1
CNN is carrying and IDG.net story about
No comments.
-1
how DoS attacks are still one of the leading threats on the Internet, and are actually on the rise as the sophistication of the attacks increases." We get them constantly- some intentional, some not. It's really a pain.
Oooooh, finally the meat. That's what the news is about, not the opinion from who whatever wrote/published this article.
-1.
Grammar errors from me are a bonus.
Buy a Nintendo DS Lite
What you are describing is not DOS. This is pushing "fair" use to its "fair" limits. Yes. I can use all of my spare DSL bandwidth to screw someone over. Actually with QoS deployed on my gateway Linux or BSD box I would not even notice it.
And it sounds like a jolly good idea. Methinks I need to write a HowTo so people who are not that proficient in Linux/BSD admin can do it. Let's face it, the relevant parts of Linux and BSD docs are nightmarish and they are not end-user material.
Brgds,
Baker's Law: Misery no longer loves company. Nowadays it insists on it
http://www.sigsegv.cx/