Slashdot Mirror

← Back to Stories (view on slashdot.org)

New Low Bandwidth Denial of Service Attacks

Posted by CmdrTaco on from the i'm-very-slow dept.

An anonymous reader writes "A paper from Rice University appearing at the 2003 ACM Sigcomm Conference presents a new denial of service attack where the attacker only needs to send at a low rate to shutdown TCP flows. The trick exploits the retransmission timeout mechanism in TCP. By sending small bursts of packets at just the right frequency, the attacker can cause all TCP flows sharing a bottleneck link to simultaneously stop indefinitely. And because the attacker only needs to burst periodically, the attacker will not be distinguishable from normal hosts. The presentation, and other presentations from the conference, are available online (live streaming)."

39 of 366 comments (clear)

  1. yay by geighaus · · Score: 4, Funny

    Yay, finally there's use for my trustworthy 2400bod modem :D

    1. Re:yay by cK-Gunslinger · · Score: 4, Funny

      2400 baud? Back in my day, I had to run back and forth to my ISP yelling in binary.

      "101010100010100"

    2. Re:yay by zptdooda · · Score: 2, Funny

      I've heard that called "sneakernet".

      Well actually, running from one computer to another with a floppy containing the files to transfer :(

      --
      Esteem isn't a zero sum game
    3. Re:yay by CERDIP · · Score: 4, Funny

      Yeah, and it was upstream both ways, too!

      --
      ---- ---- --- -- --- ------ Keep Cool But Do Not Freeze
    4. Re:yay by KUHurdler · · Score: 5, Funny

      You had "1"s? all I had were zeros

      --
      Fix Your Own TV - RiddledTV.com Avoid the Landfill
    5. Re:yay by infinite9 · · Score: 2, Funny

      Yeah, my legs used to get tired all the time. Then they upgraded to carrier pigeon and man was that fast. Where do you think "no carrier" came from?

      --
      Disconnect your television. Do your own research. Draw your own conclusions. They're probably lying. Don't be a sheep.
  2. This is not new by Anonymous Coward · · Score: 1, Funny

    Ever heard of...Slashdot?

  3. Once again, OSS apps drop the ball. by Anonymous Coward · · Score: 1, Funny

    My God, another TCP exploit? This will all end when Microsoft releases their own TCP replacement.

  4. SCO? by chill · · Score: 2, Funny

    I wonder if this had anything to do with the "coordinated DDOS" that SCO was experiencing the last couple of days? The one ESR was referring to and supposedly convinced someone to stop doing.

    Damn sneaky way to get another SCO story on to /.

    --
    Learning HOW to think is more important than learning WHAT to think.
  5. Tough paper to read by Brahmastra · · Score: 5, Funny

    This is a tough paper to read. It's going to be a long time before an "Insightful" post.

    1. Re:Tough paper to read by SoTuA · · Score: 1, Funny
      This is a tough paper to read.

      BWAHAHAHAH!

      This is /.

      Who needs to read the article to be "insigthful"? ;)

    2. Re:Tough paper to read by SuDZ · · Score: 4, Funny

      There is already a handfull of people trying to prove you right. :)

      SuDZ

  6. Low bandwith DOSing? by XSforMe · · Score: 5, Funny

    are available online (live streaming).
    This guy is an amateur, wait until he feels the slashdot effect on his server. His next presentation will be entitled, how to knock down any server by just posting an article.

    --
    My other OS is the MCP!
  7. Arrest them! by canajin56 · · Score: 5, Funny

    Good grief, they are giving instructions for how to DoS people! Arrest them using the DMCA! QUICK, BEFORE THE CAT IS OUT OF THE BAG!

    --
    ASCII stupid question, get a stupid ANSI
  8. "Coordinated DDOS" by mcc · · Score: 4, Funny

    [Scene: SCO Group, Utah. Where a "coordinated DDOS" is just beginning..]

    [SUIT 1] Uh, hey, uh.. this one computer here.. it's like the webserver or something?
    [SUIT 2] Yeah, I think, why?
    [SUIT 1] Well, none of the lights on it are on.. that's.. hm.
    [SUIT 2] Oh, yeah, hey, look at that, someone seems to have tripped over the cord and unplugged it. [[Switches it back on]]
    [SUIT 1] Huh.. um.. it doesn't seem to have started up all the way. It's saying something about "fsck" and asking for a password. What does that mean?
    [SUIT 2] Hm, not sure.
    [SUIT 1] Well.. could we get one of the linux guys to come and reboot it? Or something?
    [SUIT 2] Well, we fired all of the linux guys so that we could concentrate all our resources on the lawsuit.
    [SUIT 1] Uh.. shit! Well, I guess I better figure something out.. hmm
    [[ Two days later, after two days of phone calls, SUIT 1 finally finds an INDEPENDENT CONTRACTOR who doesn't just laugh and hang up on him when he says he wants them to come fix a linux server. INDEPENDENT CONTRACTOR starts the linux server up all the way and charges a great deal of money. "Coordinated DDOS" thus ends. ]]

    --
    Irritable, left-wing and possibly humorous bumper stickers and t-shirts
    1. Re:"Coordinated DDOS" by Richthofen80 · · Score: 3, Funny

      Step 1: Make fun of SCO
      Step 2: ???
      Step 3: Karma!

      come on guys, that wasn't even very funny.

      --
      Reason, free market capitalism, and individualism
  9. Re:yay (faker!) by gosand · · Score: 5, Funny
    Yay, finally there's use for my trustworthy 2400bod modem :D

    Anyone who is actually old enough to have used one of these would certainly know how to spell it correctly.

    I call faker! You are just trying to pretend you are some 31337 old geek when you probably have never used anything slower than a DSL line.

    Now get out of here before I whip ya with this here cable with BNC connectors.

    --

    My beliefs do not require that you agree with them.

  10. Aha! by Pig+Hogger · · Score: 3, Funny
    So that's what happenning to Joe Jared's Osirusoft black-hole list, and the SPEWS website...

    I call to all arms-bearing full-bloodied americans to rush home, take their trusty shotguuns, and relentlessly hunt down spammers until the last one is gutted and stuffed and put on display in the Smithsonian!!!

  11. Re:yay (faker!) by geighaus · · Score: 2, Funny

    well, i've got a good excuse. my native language is not english :p

  12. Re:Oh no! They're attacking... slowly... by Wolfger · · Score: 4, Funny

    It seems to me that the solution is to have a variable RTO... Kinda like when LaForge had to continually modulate the shield frquency to keep the borg from adapting. :-)

    --
    Nothing to see here. Move along.
  13. 2400? 2400?!? by burgburgburg · · Score: 4, Funny
    You were lucky.

    In my day, we had to get at 2:00am, clean the road with our tongues, crawl to work on broken glass and when we got there, we had to work with 6 baud modems that were powered by rabid hamsters. And we were glad for them.

  14. Shhhhhhhh!!! by JoeLinux · · Score: 3, Funny

    Like Microsoft (May Billy Gates live forever) says, "If nobody does any research on it, nobody'll know it exists, right?"

    That was totally irresponsible. They should have not released theat information, and promptly committed Hari-Kiri so the information would never be uttered again on the face of the earth.

  15. Re:yay (faker!) by christopher240240 · · Score: 2, Funny

    Be nice, or I'll strangle you with a piece of this thicknet cable.

  16. Re:Security through obfuscation by Anonymous Coward · · Score: 0, Funny
    Your post is a stupid attempt to get the Slashdot crowd to actually attempt reading the article before commenting on the feasability of such attacks.

    You are nothing but a filthy commie/terrorist.

  17. Timescale by rf0 · · Score: 4, Funny

    Paper Today
    Proof of Concept by Monday
    Script Kiddies Version by Thursday
    Internet dies on Friday
    All back to normal Monday

    Rus

    --
    Cheap UK and US VPS
  18. Re:Obligatory simpsons quote... by admiralh · · Score: 5, Funny

    When a blimp crashed on a roof a few years ago, I always envisioned the people on the roof looking up and shouting, "Look Out! Walk for your lives!"

    --
    Hopelessly pedantic since 1963.
  19. Re:yay (faker!) by Genady · · Score: 2, Funny

    You'd better duck, these vampire taps can be nasty when they hit yea square in the noggin!

    --


    What if it is just turtles all the way down?
  20. Tune in next week... by Ratphace · · Score: 2, Funny


    ...when we publish how to build a thermonuclear device using common household items! ;)

  21. Fix suggestion by Anonymous Coward · · Score: 1, Funny

    Shutdown as much as the Internet as possible for a whole month, and THEN *claim* it's the fault of virus writers, spammers, SCO suits and other informatics evil-doers.

    I know it looks like a simplistic approach, but just think of the socio/psychological impact on teh above-mentionned scapegoats.

  22. Re:yay (faker!) by gte910h · · Score: 2, Funny

    Bloody Not Coming off

    --
    Want to see every step I took to start my company? http://www.rowdylabs.com/blogs/pitchtothegods
  23. Re:Security through obfuscation by smack_attack · · Score: 2, Funny

    We should flood the market with fake nuke programs with fancy graphics.

    --

    Hammer of Truth
  24. Duh! by dark-br · · Score: 4, Funny

    You can use a modem to post a slashdot article with a link to the target computer...

  25. Frequency by StormReaver · · Score: 4, Funny

    "By sending small bursts of packets at just the right frequency...."

    That's not a problem. All you have to do is periodically adjust your shield harmonics to keep the attacker from adapting quickly enough to do any harm.

  26. a frenchman?? what! by Anonymous Coward · · Score: 1, Funny

    I hearby have renamed my "2400 baud modem" to "2400 freedom connection device"

  27. Re:Worms can potentially exploit this by IM6100 · · Score: 3, Funny

    The Internet is a consensus-based network, based on protocols which were intended to be robust, but never intended to scale to the degree that they have. Much of the Internet is based on the idea that the people using it could agree to external rules to keep it civil.

    This whole scheme breaks down badly as the Internet and it's protocols are scaled to the 'big mean world'. Spam is the result in the domain of email. Things like this low bandwidth DoS attack are the result in the domain of TCP.

    Problems like this are inherent in the very design of the Internet. Any global network whose rules are coached in terms like 'Request For Comment' is asking for problems.

    These sorts of problems are what is going to force the balkanization of the Internet. Look for the net to slowly migrate toward a group of proprietary ISPs all talking to one another through gateways. It's not far off.

    We can't all get along like this is 1987 and we're all happy Unix-heads at various scientific institutions much longer.

    --
    A Good Intro to NetBS
  28. Learn How To Protect Yourself!! READ THIS!! by CoyoteGuy · · Score: 4, Funny



    Just set the evil bit, and all is well. ;)

    --
    Slashdot.. Land of nerds, trolls, and FlameBait..
  29. Re:Young fsking slacker is what you were... by tbone1 · · Score: 2, Funny
    Loom? You were lucky.

    We had to do all our programming by having a Viking take a battle axe to particular monks in a line to represent ones and zeros. The cost of computing was enormous. Those Vikings didn't work cheap, and the price of monks went up every year. Then when Constantinople fell to the Turks, ...

    Oh, I've had enough of this. I never wanted to be a geek. I wanted to be ... a lumberjack!

    --

    The Independent: Reverend Spooner Arrested in Friar Tuck Incident - ISIHAC, Historical Headlines
  30. Re:You lucky bastard. by fireboy1919 · · Score: 2, Funny

    You think you had it bad? Back in my day, we didn't have mornings, cable, nails, fathers, or hands.

    We had to grab ahold of something just to keep from floating away, and us without bodies! Heck, it wasn't even really us back then, it was just me, and I didn't even have consciousness. I didn't have nothin'.

    And I was glad to get it.

    Things just aren't what they used to be. Young folks have got all these newfangled "physical laws" and "universal constants" to make things easy for 'em. It's gettin' so that you can't much turn around without being attacked by some hooligan physical law keeping you on the ground, or from forcing you to conserve mass or some such.

    --
    Mod me down and I will become more powerful than you can possibly imagine!
  31. Re:yay (faker!) by charon_on_acheron · · Score: 2, Funny

    Your wife's monitor has BNC ports? What's its IP address, I'll try to ping it.