Slashdot Mirror


An Anti-DoS Tool That Returns Fire

An anonymous reader submits "Security company Symbiot is about to launch a product that can help companies fight back during a DDoS or hacker attack by launching their own counter offensive. A ZDNet UK story quotes security "experts" questioning the legality of such a product and asking how it will will avoid being fooled by hijacked PCs and spoofed IP addresses..."

8 of 407 comments (clear)

  1. Friendly fire. by Jaywalk · · Score: 5, Insightful
    For a company that makes a big deal about "thousands of years" of experience, they clearly have not thought this through. A distributed denial of service counter-attack to a distributed denial of service attack? If both sides have massive numbers of machines engaged in sending bogus messages you can be assured of two things: 1) there won't be enough traffic brought to bear on the offending machines to shut them down. 2) It's going to suck down massive amounts of bandwidth.

    Can you see the tech guy trying to explain that their company was knocked off, not by the attack, but by the counter attack?

    "It's okay, sir. It was friendly fire.

    --
    ===== Murphy's Law is recursive. =====
    1. Re:Friendly fire. by abandonment · · Score: 5, Insightful

      this is the stupidest idea i've heard of in a long time - if you have the network infrastructure to try and launch a DDOS attack, then you probably have the ability to survive and/or defend from DDOS attacks without resorting to insanity like this. Of course, companies in the US will probably love this, it fits well with their governments' 'first strike' foreign policy directives as pushed by Mr Shrub etc

    2. Re:Friendly fire. by jamshid42 · · Score: 5, Insightful

      Actually, could you see if two different companies had an automatic DDoS system like this and someone spoofed their DDoS to attack Company A and made it look like it was coming from Company B? Company A's auto-attack would then attack Company B, which would, in turn, attack Company A. Not only would the continual volleys take out both companies, there would also be a huge impact on the network paths between them.

      --
      /. - Proof that Sturgeon's Law is true...
    3. Re:Friendly fire. by robslimo · · Score: 5, Insightful

      Agreed.

      From the article, According to the company, a response could range from "profiling and blacklisting upstream providers" or it could be escalated to launch a "distributed denial of service counter-strike".

      Given that blacklist maintainers have gotten such an unfriendly response from some quarter that they're starting to operate anonymously (google SPEWS for more), launching your own DDoS would put you in deep doo-doo, no matter how white you think your hat is.

      -RatOmeter

  2. Get ready for more attacks by poptix_work · · Score: 5, Insightful

    This has already been discussed on the NANOG mailing list, the general consensus is that _this_ will be the next
    source of attacks against systems as people spoof attacks at it. (Much like smurf attacks)

    Some day people will realize the answer is to remove the vulnerable hosts that are being used as attack sources.

    --
    Just because you disagree doesn't make it offtopic or flamebait.
  3. Simbiot or Some Idiot? by b0r0din · · Score: 5, Insightful

    Yes, let's protect ourselves from attacks by attacking the offenders and wreaking even more havoc. That'll go over well. I don't even want to go into how stupid a proposal this is. Let's start with the first detail: it's probably illegal.

    I imagine it'll have some sort of military function, though.

  4. March 31 + 1 by dclydew · · Score: 5, Insightful

    Hrmmm, they go live on March 31 and this sounds too silly to be serious. I vote April Fools Joke.

    --
    Get a life, not a lifestyle. - Hikem Bey
  5. What's really scary about this.. by humankind · · Score: 5, Insightful

    To me, what's really scary about this isn't that the idea is counterproductive, bone-headed, and probably illegal. It's that any company would propose something like this... which leads me to think that this is the type of story that is promoted just to get a rise out of people and we've taken the bait.

    The company is obviously trying to jump on the media-whore bandwagon by proposing such an idea, but look who they are and where they're from. Texans' historical idea of security hasn't been impressive.

    Shame on ZDNet for creating this troll in the first place. Shame on Slashdot for referencing this troll. Shame on us for being so outraged by it and taking the bait.

    We know this idea will never fly. But now we've given this loser company 15 minutes of fame. This story belongs on a Darwin Business Awards list or Fark.com, not here.