Slashdot Mirror

← Back to Stories (view on slashdot.org)

DoS Attacks Persisting, On The Rise

Posted by ryuzaki0 on from the aint-it-the-truth dept.

thelizman writes "One of the most basic "hacks" (to use the media's bastardization of the term) is a Denial of Service attack. While not getting you any access to data on a machine, DoS attacks effectively shut down machines by making them inaccessable to others. CNN is carrying and IDG.net story about how DoS attacks are still one of the leading threats on the Internet, and are actually on the rise as the sophistication of the attacks increases." We get them constantly- some intentional, some not. It's really a pain.

5 of 287 comments (clear)

  1. DoS sucks by El+Volio · · Score: 5, Insightful

    Having been on of the admins for a pretty large website (top 50 according to Media Metrix), I can definitely state that DoS attacks are a royal pain. Sure, you can throw infrastructure at a problem and alleviate it, but you can't defeat it -- and they just keep coming. It's the type of attack I've never understood: it doesn't gain the attacker anything (unlike rooting a box), it's nothing but being a hoodlum.

    --

    "You can never have too many elephants on your team."

  2. Stupid script kiddies. by dadragon · · Score: 4, Insightful

    The thing that really bugs me about DOS attacks, besides the fact that they cause damage and annoy admins, is that they don't show any real talent.

    It's not impressive to bring a system to its knees by DOSing it. You do, however have to respect the guy who discovers some huge hole that he exploits on some system and gains access.

    You gotta respect him more if he tells you about it, and how to fix it.

    --
    God save our Queen, and Heaven bless The Maple Leaf Forever!
  3. Re:DOS is dead by NanoGator · · Score: 4, Insightful

    "In the case of the /. effect, each and every viewing of the webpage is deliberately instigated by a separate human being."

    But what if a Lawyer made an argument along the lines of: "Slashdot intentionally posted a link to their site knowing that an overwhelming increase of traffic would hit my client's servers."? What if Blizzard, for example, attempted to sue Taco because of being flooded with too many hits (or negative emails) from opinions posted on Slashdot?

    The difference between Slashdot and a news site such as CNN is that more opinions make their way to the front page. For example, remember the article that said MS kicked Sony out of CeBit? That's not what happened, but that was the view it posted.

    --
    "Derp de derp."
  4. EGRESS FILTERS are STILL not implemented by ISPs by Medievalist · · Score: 5, Insightful

    /.
    Best Current Practice recommends egress filtering for all networks. Are yours in place?

    The big problem with DOS and DDOS is the untraceability provided by networks who do not prevent address spoofing with egress filters. If traffic is traceable, criminals get caught.

    Before anyone's knee jerks, let me point out:

    1) this is not a performance issue. Routing hardware and software (LRP for example) is widely and cheaply (compared to line costs) available that can implement egress filtering without any noticeable effect on line speed. Face it, processors are faster than telecommunications.

    2) Egress filters do not improve a repressive regime's ability to finger political dissidents.

    3) Egress filters are unlikely to impact privacy - unless what you are trying to keep private is destructive activity. Post a real example if you disagree.

    4) I know it's not a cure-all. It's a necessary first step, though.

    While Congress milks the entertainment industry for campaign funds in exchange for "digital rights management" facism, they ought to be mandating specific monetary penalties for businesses that do not implement egress filters, and for ISPs that do nothing about hundreds of Code-Red infected nodes on their cable farms. I shouldn't have to pay Comcast if my bandwidth is being principally used by criminals to fill my firewall logs.

    I post this every time the subject comes up; next time I'll just make a flippin' link to the BCP RFCs. I'm sure you'll all be relieved.

    --Charlie

  5. Re:Wait until.. by Liquor · · Score: 5, Insightful
    The Kazaa and Gnutella networks are protocols.
    No, they are many computers running programs that implement protocols.
    Protocols can't catch viruses.
    True. Unfortunately, the Kazaa program installs more than one protocol handler - one is the file sharing protocol itself, and another is a 'distributed computing' facility that allows (theoretically only the Kazaa servers, but...) remote control of the machine. Compromising this functionality would allow distributing malware through the entire network.
    Now if you're talkinga 'bout attacking specific flaws in Kazaa client software, or Gnutella software, then so be it - but that's not the network!
    Well, if you infect all the machines that make up a network using a flaw in the code that creates that network, I'd have to say that the network is infected. And if there is an attack that works on any client, then the first machine compromised already knows the addresses of more machines... worm code that uses the network topology (which is NOT the protocol) could then propagate to the entire network - potentially millions of machines, dwarfing the scale of even the 'code red' worm.

    And if that's not effectively spreading through the network, I don't know what would be.
    Moderate this fool back to 1.
    The parent of your post is not the fool - but you definitely failed to understand the post.

    --

    Liquor
    Sanity is a highly overrated commodity.