Slashdot Mirror


DDoS Extortion Attempts On the Rise

John Flabasha writes "There's an excellent article that originated on the LA Times and was syndicated to Yahoo News about DDoS attacks on online gaming and one of the solutions out there. Since when did ISP null routes go out of style?" We've run a number of previous stories about DoS blackmail attempts, like this one or this one.

6 of 277 comments (clear)

  1. Re:Null routes? by antifoidulus · · Score: 4, Insightful

    Not to mention that the zombies you are blocking may very well be potential customers(note that they are attacking gambling sites), never a good idea to block your customers.....though educating them might not hurt.

  2. Re:Null routes? by Rares+Marian · · Score: 3, Insightful

    Exactly why is letting a DDoS crush your service to everyone when they attack on of your sites better than blocking customers in one group?

    --
    The message on the other side of this sig is false.
  3. Re:Worldpay and Paypal, that hurt bad by eln · · Score: 4, Insightful

    Your friends are obviously not real e-commerce people. Everyone who has ever worked in tech support knows that all businesses lose millions of dollars a second every time anything related to their Internet service goes down.

  4. This is the reason why we cant get world peace. by jellomizer · · Score: 4, Insightful

    When ever we make someting available to the general public there is a matter of time until some jirk finds a way to cause problems. The internet has been around for about 30 years and has been popular for about 10 years. So after this short time we have turned a means of comunication ( And what a lot of people think as a step to peace ) into a complete war zone. And because no one directly (Indirectly some one may) gets hurt, and it is a lot harder to track someone down, they will attack sites and ingage in Mob beheavior much more esially then in real life. So a person who is on the outside will seem like an ordanry citizan when on the internet becomes a massive crime lord extrorting thousands of dollars from companies. They should bring back public flogging as a form of punishment, it seems a suitable punishment for a criminal who comits his crime in anonmity.

    --
    If something is so important that you feel the need to post it on the internet... It probably isn't that important.
  5. Re:Why not just block the method of communication? by bruns · · Score: 4, Insightful

    Yes, there are legit IRC users left. Its my primary method of communication with the people who host services on my equipment, or to coordinate upgrades, or whatever we need to do that requires real time communication.

    To attack IRC servers just because thats the place where the bots go, is assanine and illegal. Some servers have 5000+ users on them, and the people who own/run those servers have enough problems as it is dealing with attacks from packet monkeys.

    How would you like it if I DDoS'd your server because one of your users sent out spam? You'd probably be screaming bloody murder to the FBI about it.

    Unless you are willing to allow other people to do the same things you want do to them at the exact same levels, don't even suggest that attacks are a way of dealing with a problem.

    --
    Brielle
  6. Re:Null routes? by tomstdenis · · Score: 3, Insightful

    um ... a socket is only allocated to a connect() call. If you ban the IP on the firewall side the SYN is simply ignored.

    So yes, the 40 byte SYN packet consumes bandwidth coming in. But you don't expend bandwidth or cpu time otherwise [e.g. no ACK/SYN going the otherway]

    Although that raises an interesting question. Who should pay for the bandwidth coming in? Just like who should pay for SMS? I didn't choose to have a SMS plan [well ok by signing up I did, but they don't have non-SMS plans]. So if some ass decides to SMS-bomb my cell why should I pay for it when my cell company didn't protect me?

    So if you firewall some jackass with a fat-pipe who decides to connect flood you and you do your part by not opening the connections who should pay for it?

    I think this is a good way to transfer some responsibilities back to the ISPs [in particular the originating ISP, something fishy about the same or similar HTTP request occuring 1000s of times a minute from a DSL...] and ultimately the user. Just like how spam should [ideally] be handled....

    Oh yeah...

    Tom

    --
    Someday, I'll have a real sig.