Slashdot Mirror
An Anti-DoS Tool That Returns Fire
An anonymous reader submits "Security company Symbiot is about to launch a product that can help companies fight back during a DDoS or hacker attack by launching their own counter offensive. A ZDNet UK story quotes security "experts" questioning the legality of such a product and asking how it will will avoid being fooled by hijacked PCs and spoofed IP addresses..."
Never underestimate the power of human stupidity. I am constantly amazed at how really smart people can, and do repeatedly, act so so dumb.
- Minutus cantorum, minutus balorum, minutus carborata descendum pantorum.
The article linked within the original story is also on-topic for this discussion.
Governments could soon be using hacker tools for law enforcement and the pursuit of justice, according to an expert on IT and Internet law. Joel Reidenberg, professor of law at New York-based Fordham University, believes it likely that denial of service attacks (DoS) and packet-blocking technology will be employed by nation states to enforce their laws. This could even include attacks on companies based in other countries, he says.
How do ya like them apples?
If you're a zombie and you know it, bite your friend!
Bruce Schneier wrote about this way back in Dec2002 cryptogram.
Counterattack
This must be an idea whose time has come, because I'm seeing it talked about everywhere. The entertainment industry floated a bill that would give it the ability to break into other people's computers if they are suspected of copyright violation. Several articles have been written on the notion of automated law enforcement, where both governments and private companies use computers to automatically find and target suspected criminals. And finally, Tim Mullen and other security researchers start talking about "strike back," where the victim of a computer assault automatically attacks back at the perpetrator.
The common theme here is vigilantism: citizens and companies taking the law into their own hands and going after their assailants. Viscerally, it's an appealing idea. But it's a horrible one, and one that society after society has eschewed.
Our society does not give us the right of revenge, and wouldn't work very well if it did. Our laws give us the right to justice, in either the criminal or civil context. Justice is all we can expect if we want to enjoy our constitutional freedoms, personal safety, and an orderly society.
Anyone accused of a crime deserves a fair trial. He deserves the right to defend himself, the right to face his accused, the right to an attorney, and the right to be held innocent until proven guilty.
Vigilantism flies in the face of these rights. It punishes people before they have been found guilty. Angry mobs lynching someone suspected of murder is wrong, even if that person is actually guilty. The MPAA disabling someone's computer because he's suspected of copying a movie is wrong, even if the movie was copied. Revenge is a basic human emotion, but revenge only becomes justice if carried out by the State.
And the State has more motivation to be fair. The RIAA sent a cease-and-desist letter to an ISP asking them to remove certain files that were the copyrighted works of George Harrison. One of the files: "Portrait of mrs. harrison Williams 1943.jpg." The RIAA simply Googled for the string "harrison" and went after everyone who turned up. Vigilantism is wrong because the vigilante could be wrong. The goal of a State legal system is justice; the goal of the RIAA was expediency.
Systems of strike back are much the same. The idea is that if a computer is attacking you -- sending you viruses, acting as a DDoS zombie, etc. -- you might be able to forcibly shut that computer down or remotely install a patch. Again, a nice idea in theory but one that's legally and morally wrong.
Imagine you're a homeowner, and your neighbor has some kind of device on the outside of his house that makes noise. A lot of noise. All day and all night. Enough noise that any reasonable person would claim it to be a public nuisance. Even so, it is not legal for you to take matters into your own hand and stop the noise.
Destroying property is not a recognized remedy for stopping a nuisance, even if it is causing you real harm. Your remedies are to: 1) call the police and ask them to turn it off, break it, or insist that the neighbor turn it off; or 2) sue the neighbor and ask the court to enjoin him from using that device unless it is repaired properly, and to award you damages for your aggravation. Vigilante justice is simply not an option, no matter how right you believe your cause to be.
This is law, not technology, so there are all sorts of shades of gray to this issue. The interests at stake in the original attack, the nature of the property, liberty or personal safety taken away by the counterattack, the risk of being wrong, and the availability and effectiveness of other measures are all factors that go into the assessment of whether something is morally or legally right. The RIAA bill is at one extreme because copyright is a limited property interest, and there is a great risk of wrongful deprivation of u
Free XBox, PS2
Link to NANOG thread
They are in the MoPac office park in Austin, near my office. They've been around for a while, but haven't really done anything to make me remember more than their logo. But nope, not an April 1st joke. It's a real company with a really really stupid idea, that will probably make a lot of money. Just like Vignette, whose headquarters are in the next lot. :)
The creators of this idea should have read this opinion piece before proceeding with their DDos counterattack initiative.
The Big News Page
invisible and powerless prime minister
Err... what? Canada's problem has always been the opposite -- our Prime Minister is too powerful. He appoints supreme court judges, and can invoke the "notwithstanding clause" to make legislation immune from judicial review anyway; he appoints senators; and he's the leader of the majority party in the house of commons, so they never vote against him, either.
Out of the so-called democracies of the world, Canada is about as close to an absolute monarchy as they get.
Tarsnap: Online backups for the truly paranoid
Are you kidding? IP spoofing is running rampant on the Internet. Have you ever been DDOS attacked? Unfortunately most networks do not egress filter.
"How often does IP spoofing really happen these days on the Internet? Not very often, if ever. Any ISP running routers that don't prevent this should be de-linked."
Wow! What a rosy world you must live in. Spoofing happens ALL the time. Those korean networks are really on top of the egress/ingress acl'ing, that's why nobody ever sees attacks/spoofed traffic coming from them. No, sorry to burst your bubble but spoofing is very frequent and happens all the time. You would think that the big shops would deploy ACL's on there border routers but they all don't. I used to be amazed at the number of spoof attempts we block on our core routers (people pretending to be us, people sending out traffic from bogon lists). It happens all the time, which is why something like this is just (IMHO) wrong. I can't see a realistic way to guarentee that you know the true originator of the traffic (unless it just automatically attacks the Asia-Pacific networks =).
If you're hosting your own DNS, use a spam trap subdomain and feed its addresses to any spammer until it gets flooded with a few hundred spam emails per day. If a spammer's host annoys you and has port 25 open, redirect your spam trap's MX record to that host... the bastards will spam each other and your email server can relax.
Last year the French superspammer Artmarket has been "blown away" after some spam trap operators made him eat his own spam until it stopped.
The use of the NULL ENVELOPE SENDER in a bounce message is the fix to prevent MailBombs from working.
Before that changes was implemented Forged Address MailBombs worked like a charm.