Slashdot Mirror


New Low Bandwidth Denial of Service Attacks

An anonymous reader writes "A paper from Rice University appearing at the 2003 ACM Sigcomm Conference presents a new denial of service attack where the attacker only needs to send at a low rate to shutdown TCP flows. The trick exploits the retransmission timeout mechanism in TCP. By sending small bursts of packets at just the right frequency, the attacker can cause all TCP flows sharing a bottleneck link to simultaneously stop indefinitely. And because the attacker only needs to burst periodically, the attacker will not be distinguishable from normal hosts. The presentation, and other presentations from the conference, are available online (live streaming)."

21 of 366 comments (clear)

  1. yay by geighaus · · Score: 4, Funny

    Yay, finally there's use for my trustworthy 2400bod modem :D

    1. Re:yay by cK-Gunslinger · · Score: 4, Funny

      2400 baud? Back in my day, I had to run back and forth to my ISP yelling in binary.

      "101010100010100"

    2. Re:yay by CERDIP · · Score: 4, Funny

      Yeah, and it was upstream both ways, too!

      --
      ---- ---- --- -- --- ------ Keep Cool But Do Not Freeze
    3. Re:yay by KUHurdler · · Score: 5, Funny

      You had "1"s? all I had were zeros

      --
      Fix Your Own TV - RiddledTV.com Avoid the Landfill
  2. Tough paper to read by Brahmastra · · Score: 5, Funny

    This is a tough paper to read. It's going to be a long time before an "Insightful" post.

    1. Re:Tough paper to read by SuDZ · · Score: 4, Funny

      There is already a handfull of people trying to prove you right. :)

      SuDZ

  3. Low bandwith DOSing? by XSforMe · · Score: 5, Funny

    are available online (live streaming).
    This guy is an amateur, wait until he feels the slashdot effect on his server. His next presentation will be entitled, how to knock down any server by just posting an article.

    --
    My other OS is the MCP!
  4. Arrest them! by canajin56 · · Score: 5, Funny

    Good grief, they are giving instructions for how to DoS people! Arrest them using the DMCA! QUICK, BEFORE THE CAT IS OUT OF THE BAG!

    --
    ASCII stupid question, get a stupid ANSI
  5. "Coordinated DDOS" by mcc · · Score: 4, Funny

    [Scene: SCO Group, Utah. Where a "coordinated DDOS" is just beginning..]

    [SUIT 1] Uh, hey, uh.. this one computer here.. it's like the webserver or something?
    [SUIT 2] Yeah, I think, why?
    [SUIT 1] Well, none of the lights on it are on.. that's.. hm.
    [SUIT 2] Oh, yeah, hey, look at that, someone seems to have tripped over the cord and unplugged it. [[Switches it back on]]
    [SUIT 1] Huh.. um.. it doesn't seem to have started up all the way. It's saying something about "fsck" and asking for a password. What does that mean?
    [SUIT 2] Hm, not sure.
    [SUIT 1] Well.. could we get one of the linux guys to come and reboot it? Or something?
    [SUIT 2] Well, we fired all of the linux guys so that we could concentrate all our resources on the lawsuit.
    [SUIT 1] Uh.. shit! Well, I guess I better figure something out.. hmm
    [[ Two days later, after two days of phone calls, SUIT 1 finally finds an INDEPENDENT CONTRACTOR who doesn't just laugh and hang up on him when he says he wants them to come fix a linux server. INDEPENDENT CONTRACTOR starts the linux server up all the way and charges a great deal of money. "Coordinated DDOS" thus ends. ]]

    1. Re:"Coordinated DDOS" by Richthofen80 · · Score: 3, Funny

      Step 1: Make fun of SCO
      Step 2: ???
      Step 3: Karma!

      come on guys, that wasn't even very funny.

      --
      Reason, free market capitalism, and individualism
  6. Re:yay (faker!) by gosand · · Score: 5, Funny
    Yay, finally there's use for my trustworthy 2400bod modem :D

    Anyone who is actually old enough to have used one of these would certainly know how to spell it correctly.

    I call faker! You are just trying to pretend you are some 31337 old geek when you probably have never used anything slower than a DSL line.

    Now get out of here before I whip ya with this here cable with BNC connectors.

    --

    My beliefs do not require that you agree with them.

  7. Aha! by Pig+Hogger · · Score: 3, Funny
    So that's what happenning to Joe Jared's Osirusoft black-hole list, and the SPEWS website...

    I call to all arms-bearing full-bloodied americans to rush home, take their trusty shotguuns, and relentlessly hunt down spammers until the last one is gutted and stuffed and put on display in the Smithsonian!!!

  8. Re:Oh no! They're attacking... slowly... by Wolfger · · Score: 4, Funny

    It seems to me that the solution is to have a variable RTO... Kinda like when LaForge had to continually modulate the shield frquency to keep the borg from adapting. :-)

  9. 2400? 2400?!? by burgburgburg · · Score: 4, Funny
    You were lucky.

    In my day, we had to get at 2:00am, clean the road with our tongues, crawl to work on broken glass and when we got there, we had to work with 6 baud modems that were powered by rabid hamsters. And we were glad for them.

  10. Shhhhhhhh!!! by JoeLinux · · Score: 3, Funny

    Like Microsoft (May Billy Gates live forever) says, "If nobody does any research on it, nobody'll know it exists, right?"

    That was totally irresponsible. They should have not released theat information, and promptly committed Hari-Kiri so the information would never be uttered again on the face of the earth.

  11. Timescale by rf0 · · Score: 4, Funny

    Paper Today
    Proof of Concept by Monday
    Script Kiddies Version by Thursday
    Internet dies on Friday
    All back to normal Monday

    Rus

  12. Re:Obligatory simpsons quote... by admiralh · · Score: 5, Funny

    When a blimp crashed on a roof a few years ago, I always envisioned the people on the roof looking up and shouting, "Look Out! Walk for your lives!"

    --
    Hopelessly pedantic since 1963.
  13. Duh! by dark-br · · Score: 4, Funny

    You can use a modem to post a slashdot article with a link to the target computer...

  14. Frequency by StormReaver · · Score: 4, Funny

    "By sending small bursts of packets at just the right frequency...."

    That's not a problem. All you have to do is periodically adjust your shield harmonics to keep the attacker from adapting quickly enough to do any harm.

  15. Re:Worms can potentially exploit this by IM6100 · · Score: 3, Funny

    The Internet is a consensus-based network, based on protocols which were intended to be robust, but never intended to scale to the degree that they have. Much of the Internet is based on the idea that the people using it could agree to external rules to keep it civil.

    This whole scheme breaks down badly as the Internet and it's protocols are scaled to the 'big mean world'. Spam is the result in the domain of email. Things like this low bandwidth DoS attack are the result in the domain of TCP.

    Problems like this are inherent in the very design of the Internet. Any global network whose rules are coached in terms like 'Request For Comment' is asking for problems.

    These sorts of problems are what is going to force the balkanization of the Internet. Look for the net to slowly migrate toward a group of proprietary ISPs all talking to one another through gateways. It's not far off.

    We can't all get along like this is 1987 and we're all happy Unix-heads at various scientific institutions much longer.

    --
    A Good Intro to NetBS
  16. Learn How To Protect Yourself!! READ THIS!! by CoyoteGuy · · Score: 4, Funny



    Just set the evil bit, and all is well. ;)

    --
    Slashdot.. Land of nerds, trolls, and FlameBait..