Slashdot Mirror

← Back to Stories (view on slashdot.org)

DoS Attacks Persisting, On The Rise

Posted by ryuzaki0 on from the aint-it-the-truth dept.

thelizman writes "One of the most basic "hacks" (to use the media's bastardization of the term) is a Denial of Service attack. While not getting you any access to data on a machine, DoS attacks effectively shut down machines by making them inaccessable to others. CNN is carrying and IDG.net story about how DoS attacks are still one of the leading threats on the Internet, and are actually on the rise as the sophistication of the attacks increases." We get them constantly- some intentional, some not. It's really a pain.

6 of 287 comments (clear)

  1. DrDoS by ZaneMcAuley · · Score: 5, Interesting

    Distributed Reflection Denial of Service

    http://grc.com/dos/drdos.htm

    Looks nasty :D

    --
    ----- Whats wrong with this picture? http://www.revoh.org:1234/whatswrong
  2. The future of DDoS as told by Gibson by marekk · · Score: 4, Interesting

    A very engrossing read can be found at Steve Gibson's homepage of his account of the DDoS attack grc.com was subjected to earlier this year.

    In effect, Gibson tracked down the 13 year-old attacker by dissecting the zombie program (aka, trojan bot) used in the attacks and created his own version of the undercover bot to monitor the hacker's IRC channels and conversations. As I said before, an extremely interesting read. It really brings out the urgency of Gibson's alerts as to the future of DDoS attacks.

  3. Poorly managed networks are a problem too. by LojaK · · Score: 4, Interesting

    One of the most common problems I've encountered in my years as a systems administrator is poorly managed networks. If a network is designed without the presence of mind anticpating DoS attacks, then frankly, the victim company deserves *some* of the blame for the problem.

    One mid-sized ISP I worked for had been operating for 5 years prior to my employ and the network operators had never heard of monitoring tools like MRTG, RRDTool, Netsaint or Big Brother etc etc!

    "We do it to ourselves and that's what really hurts" -- Radio Head.

    -- Steve.

  4. Starting to get into Commercialization by BakaMark · · Score: 4, Interesting
    DOS attacks are rarely about sophistication - it's pure destructive potential.

    Sometimes you have to wonder about some of the targets of these DOS attacks and how they are organised.

    Some of the major ones are obvious, Microsoft, Ebay, Yahoo, etc. But when you start to get to the small to medium sized companies being hit by large DOS attacks, because their systems are sufficiently patched against break-ins, something begins to become worrying.

    The questions range from why such a small target for such a large attack, and how the target was selected. Occasionally you get to hear stories about how some small ISP had their lines choked by a huge DDOS, meaning that customers started leaving and going to the competition. There is one other post elsewhere here that identified that a British ISP was put out of business because of the efforts of continous DOS attacks.

    Spite sometimes is a factor, but it takes a certain degree of organisation to launch a continous attack such as that. Spite of someone will only get you so far. And there is not that much prestige in taking out a medium sized company. After all within the current climate, medium sized and some large sized companies are finding it harder to remain in business from an economic sense.

  5. Need power to get ISP's to cooperate by PhotoGuy · · Score: 5, Interesting

    One of the biggest problems in DOS attacks, is that you just can't get the attention of major ISP's or backbones to trace and solve the problem.

    We had major DOS attacks on our site for ages. But when the customer of a major national ISP is the source of it, try getting ahold of someone at that company to track the problem. They just won't respond to these things, in our experience.

    I think that for any company to provide internet service, they should be *required* by law, to cooperate in tracking and stopping DOS attacks from their customers. There needs to be a consistent, predictable, and workable national policy for this.

    If someone calls me with threatening phone calls, I *know* it's possible to get the phone company to cooperate, track, and isolate the problem, even if it originates with another phone company. The same should be true with ISP's.

    --
    Love many, trust a few, do harm to none.
  6. DoS as self-defense against "bad guys" by DocSnyder · · Score: 5, Interesting
    it doesn't gain the attacker anything (unlike rooting a box)

    Sometimes DoS can be a not-really-fine but very effective method of self-defense. In Germany we have a quite big problem with spam advertising dialers - little programs which redirect a w1nd0z3 box's internet dialup connection to an extremely expensive special number which is normally used for phone sex or premium services. One short connection can cost up to 900 € (that's no joke, there's no limit), and as some dialers hide well while replacing the default connection, some people got a phone bill of more than 10000 € at the end of the month.

    During the second halfth of March, I got about five of these dialer spams each day. Other people got even more. The web hoster - a company selling these dialers - didn't act against any incidence of spam, the download accounts remained open for weeks regardless of any complaints. Their uplink... well, UUnet. As the discussion on the Usenet forum "de.admin.net-abuse.mail" went on, even the web hoster's boss himself joined and couldn't understand to be responsible for knowingly tolerating his customers abusing his service - of course he made a lot of money even by spamvertised dialers.

    About a week ago, some spam victims were completely fed up. As the legal methods didn't work at all, the dialer should be made unavailable by distributed mass-downloading. The threat escalated in a clear message to the site maintainer - either go against your spamming customers or see your dialer being downloaded until the server blows the whistle.

    The story appeared on Heise News which has a quite large reader base in Germany, to be read by lots of angry people whose inboxes were full of dialer spam. The "Heise effect" was enough for the site maintainer to become really scared - lots of DSL and broadband users started to download the dialer not only once but as often as they could. The web server became too busy to serve dialers even to people who would want it. The company selling these dialers didn't have any choice - either stop supporting spammers or have their dialer server slashdotted until it blows the whistle. Only a day later the company's boss agreed on getting rid of and seeking legal action against spamming customers.

    A few days later, another spam went around, advertising a dialer hosted on an Eastern-European web server. Same game: the spam victims squeezed the dialer out of the web server as many times as possible. The site got hosed so badly that even a few hours after the spam incident, the dialer was no longer available.

    As a result, if you really want to hit a spammer, DoS^H^H^H/.ing his web site - especially large files or CGI scripts - has finally proved as much more effective than blacklisting, LARTing or anything else (which still remains useful, though). Even big providers will notice a gigabyte-large traffic peak towards only one target.