40-Gbps DDoS Attacks Worry Even Tier-1 ISPs
sturgeon and other readers let us know that Arbor Networks has released their annual survey of tier-1 / tier-2 ISP security engineers. This year they got responses from 70 lead engineers. While DDoS attacks are reaching new heights of backbone-crushing traffic — 40 Gbps was seen this past year — the insiders are also worried about emerging threats to DNS and BGP. The summary notes that "Most believe that the DNS cache poisoning flaw disclosed earlier this year was poorly handled and increased the danger of the threat," but doesn't spell out what a better way of handling it might have been. All in all, the ISPs sound a bit pessimistic — one says "fewer resources, less management support, and increased workload." You can request the full PDF report here, but it will cost you contact information. In related news, an anonymous reader passes along a survey by Secure Computing of 199 international security experts and other "industry insiders" from utilities, oil and gas, financial services, government, telecommunications, transportation and other critical infrastructure industries. They are worried too.
nah we will just pay 700 billion to prop it up for a few months and let the next guy deal with it.
i can't decide, is the 40Gbps spike was related to fighting between criminal organizations. so it's mollifying that this tool is so far only being used at such screaming proportions as turned on its creators:
the new york times had a good summary:
http://www.nytimes.com/2008/11/10/technology/internet/10attacks.html?partner=permalink&exprod=permalink
it's notable that a lot of this potential is just sitting around, waiting for a chance to be used. if china goes to war with taiwan, or as when russia declared war on georgia, you will see/saw these countries get DDoSed off the face of the earth. that's the real worry: using DDoS as a tool of war. the usa can sit around and wait until DDoS is used against vital government and civilian systems, or get ahead of the curve now
also notable: reflective amplification. that's the methodology employed. i'm not really sure, but i think that's where you dupe completely unrelated systems into responding to forged packets. someone wiser than me on these issues: is that the general drift?
intellectual property law is philosophically incoherent. it is your moral duty to ignore it or sabotage it
Except the economy is fake and "they" pull this recession bullshit every ten years or so.
you got quotation marks, but no point. please elaborate.
Obviously the Anti-Illuminati. You'd think "they" meant Illuminati, which is why it has to be the Anti-Illuminati. Unless "they" knew you'd think that...
The 700 billion would have been better spent setting up a Depression Era work force. After the bridge collapse in MN we've been hearing report after report about how the current infrastructure is falling apart around us. The electrical grid is rigged together worse than some college students' cars.
Suspend unemployment. (Anyone willing and able to work but cannot find a job). Start putting everyone to work doing something. Bus them to and from a work site up to X miles from your home.[0] Every major bridge that isn't going to make it gets the full 24/7 treatment. When one bridge is done. You move onto the next one. Everything trickles down. Every one of those workers is going to need food, haircuts, a trailer to live in (while at work). Trucking industry would pick back up doing loads of construction supplies. Domestic construction equipment manufacturers would need to up production. Only other domestic MADE, no other equipment (Cat, Deere, etc). Build the roads to European standards (Autobahn and such).
Give the electric companies 2 choices: Fix your own damn shit with your profits or we fix it and lease it back to you or nationalize you.
Sure there are people that are going to bitch because they're used to their handout. But handouts aren't going to help anyone. Make everyone work.
It's not perfect but it's a hell of a lot better than handing it over to a bunch of people who managed to already lose $700b.
[0].M-F you live in work housing or you work 4 - 10s or 7 on 7 off.
Where's my "-1, Epic Fail!" moderation option when I need it?
How are sites slashdotted when nobody reads TFAs?
Skip the spam and just download directly here... http://www.arbornetworks.com/en/docman/worldwide-infrastructure-security-report-volume-iv-2008-/download.html
Have any studies been made with regards to DDoS attacks and IPv6? While at this point highly theoretical, would the differences in address range and lack of NATs reduce, increase or have no change on the risk?
Jumpstart the tartan drive.
100% Absolute Bull Shit. Name 1 manufacturer that does this.
I work for Caterpillar. (You know, Construction Equipment). I've been on the factory tours. I've SEEN a Bulldozer come together from front to end. I can't speak for every component and I'm sure that some parts come from China or elsewhere. But a chunk of the product is made right here built by American Workers. I've seen the robots cutting the plate steel out and people welding it together.
Bulldozers/Pipe Layers (Track Type Tractors) are built in East Peoria, IL.
Large Mining Trucks, Motor Graders are built in Decatur, IL.
Hydraulic Excavators and Large Wheel Loaders are built in Aurora, IL.
Skid steers, Backhoes are in South Carolina. (At will factory).
Engines are built in Lafayette, IN, Mossville, IL and Greenville, SC. (Only Mossville is Union).
Paving equipment is in MN.
Underground mining equipment is in Australia.
And there are factories all around the world, Belgium, France, England, India, etc. (Ever figure the shipping on a multi-ton vehicle?)
John Deere is in Moline, IA.
Go on a road trip sometime. Name a Chinese Manufacturer. Komatsu and Mitsubishi are Japanese. JCB is British, Samsung is Korean. There are no (yet) big manufacturers in China.
Construction equipment is a tool. And just like with hand tools you can go to Harbor Freight or you can go to Snap-On. For some people Harbor Freight is fine. But if you run something 24/7, 365 and every hour costs you thousands of downtime. You don't go cheap.
I know this is slashdot, but try not to talk out of your ass so much.
Just to be clear...
First, Greenspan expected banks to make choices in their own self-interest... but instead bank executives made decisions that were in their own self interests. He forgot that corporations are not actual decision-makers, individuals are, and individuals tend to make the choices that are best for them, not the choices that are best for their company.
Second, given the expectation of government bailout, it was no longer in the banks' self-interest to self-regulate, since they got to externalize the risk of bad investments. It's been known for years among financial circles that any bank failures big enough to potentially unhinge the economy would be prevented by government bailout. This information influenced lending decisions.
The simple fact of the matter is that top-level decision-makers at these financial institutions made decisions to maximize their bonuses, and those of their friends. Since the bonuses were not tied to long-term health of the company, the choices made were not optimized for long-term health of the company (or the economy as a whole). Any guilt over the negative repercussions was assuaged by the knowledge that the taxpayer would step in and bail them out.
Really, it was an investor's dream -- privatize the profits, socialize the risks.
"Trolls they were, but filled with the evil will of their master: a fell race..." -- J.R.R. Tolkien on Olog-hai
Give the electric companies 2 choices: Fix your own damn shit with your profits or we fix it and lease it back to you or nationalize you.
Sure there are people that are going to bitch because they're used to their handout. But handouts aren't going to help anyone. Make everyone work.
It's not perfect but it's a hell of a lot better than handing it over to a bunch of people who managed to already lose $700b.
[0].M-F you live in work housing or you work 4 - 10s or 7 on 7 off.
I hate to ruin your rant with what we call "facts", but the grid in the United States is not owned by private companies that you can just boss around from your ivory tower of uninformed tripe. It is an amalgamation of state-run and multi-state entities called ISOs (Independent System Operators) that both contract and coordinate with the transmission agencies in concert with privately-owned and state-owned generation assets to produce consistent and reliable power. A grid, in the strictest sense of the word, is a series of transmission lines, owned by multiple companies, that are interlinked and under the complete autonomy of the ISO. Nothing happens without the permission and direction of the ISO or FERC (and NERC as its enforcement arm). The grid is aging, but since the ultimate authority to direct replacement lies with both federal, state, and multi-state agencies, who precisely in your little world bears the fiscal burden?
May I suggest for your education:
http://www.ferc.gov/
http://www.nerc.com/
And for ISOs:
http://www.ercot.com/
http://www.caiso.com/
http://www.nyiso.com/public/index.jsp
http://www.pjm.com/index.jsp
http://www.midwestiso.org/home
Find the one that serves your area, and berate them with your uninformed bile since you obviously understand all of this better than anyone else.
Or do you?
...take them out.
The computers I mean. If it's that bad the zombies need to be killed off.
I've read a few stories about researchers infiltrating botnets and being able to see a list of all the compromised computers. I wonder if it's possible to completely stop network access remotely without causing data loss.
If I was in a position where I could press a button and wipe the MBR of every zombied computer on a gigantic botnet, I'm not sure if I would or not. Would you?
Most believe that the DNS cache poisoning flaw disclosed earlier this year was poorly handled and increased the danger of the threat
The Kaminsky thing? The ISPs thought it was handled poorly? How ***the fuck*** should it have been handled then? The day they disclosed publicly that there was a vulnerability, never mind that they didn't disclose the details, they had patches out for every major DNS server and any ISP who wanted to be patched could have been. WTF?
This is terrifying.
So terrifying, in fact, that I fully support the rebuilding of the entire Internet by pseudo-Democratic countries like the United States, and large businesses such as General Electric and Monsanto.
We have to stop these faceless Internet terrorists once and for all!
Did we just jump in back 5 (or more) years in time?
You are joking, right? Open relays have been overshadowed by compromised desktop machines as spam sources for a few years now. Plus, since SMTP MTAs tend to be on static IPs, the use of RBLs has effectively limited the reach of open relays as sources for any kind of email (SPAM or otherwise).
The real "Libtards" are the Libertarians!
So when a small business employee gets into a car wreck on the job and accidentally kills somebody, the victim's family should be able to take not only all business assets, but the house and all personal assets of the owner?? Yeah, I can't see where that would cause any problems...
"But this one goes to 11!"
I agree. They just scrapped an old WPA bridge near my home, not because it was unsafe, but because it was built in the time of single lane back roads and with all the trucks they needed a two lane bridge. That thing was built like a tank and had needed almost no maintenance in the nearly 80 years it stood. Most of the bridges here in AR, along with a lot of the electric and water lines were originally WPA, and really changed folks lives for the better in these rural states.
So why not a WPA now to not only fix the crumbling roads, but to build us a new national broadband infrastructure for future generations? We could cut the ranks of the unemployed and lay fiber throughout the country, from the most urban to the most rural. And since it would be owned by We, The People we could lease it out to the telcos and have us some actual free market competition for a change. Wouldn't that be nice? Oh, BTW, it isn't 700 billion, that was just smoke up your butt. The actual number so far is 2 trillion! and they refuse to even tell us where the money went. You know, OUR money, that our great great grandkids will be paying for? You just have to love the brilliance of putting Wall Street insiders in charge of bailing out Wall Street.
ACs don't waste your time replying, your posts are never seen by me.
We have exactly this discussion here in Germany right now.
Germany is one of the last countries in Europe that doesn't have a minimum wage and the slave labor lobby is trying hard to keep it that way.
I agree that a minimum wage should alleviate a large part of the immediate problem. But the bigger problem remains unchanged: We have more people than we have jobs.
The government can (and does) create artificial jobs by making people clean up parks or even repair bridges that would otherwise not be repaired - but that will always be a losing game. If these jobs would provide enough value to justify the cost then they'd already exist as regular jobs and there was no need to create them. Such "created" jobs are really just subventions in disguise and a tool to keep people busy so they don't start thinking.
The question is: For how much longer can the (steadily shrinking) productive portion of the population drag the (rapidly growing) non-productive part of the population along?
It doesn't matter much whether a non-productive worker is collecting welfare or is kept busy in a pseudo-job. The cost to society is almost the same.
I think therein lies the real crux that we're facing these days. Maybe the new messiah (err, Obama) will finally at least acknowledge the problem so we can start looking for solutions.