Distributed Denial of Service Attacks

hetairoi was one of the many people who wrote to us about ZDNet's coverage of "distributed coordinated attacks", a new style of denial of service attack. Rather then using just one machine, efforts are coordinated through multiple servers, making server-defense more difficult. Huh - does the Slashdot effect count? *grin*

Slashdot Effect as a weapon

[Mr.+Slippery]

This is just idle speculation to stretch the brain, I don't think it's very practical. But...

Let's say there existed a web server that was not of particular interest to geeks, but which an 3V1L H4X0R wanted to Slashdot. (You know, I just realized that it's awkward to end a sentance with /. - do you end it "/.."?)

3V1L H4X0R sets up a web page of interest to geeks (most likely with false information - say, make up something about Linux running on an Atari 2600) and puts it up on a server somewhere. And maybe the server is some clueless newbie's PC that happens to have a cable or DSL connection. 3V1L H4X0R submits the page, anonymously, to Slashdot.

When accesses to the page start to come in and get heavy, 3V1L H4X0R replaces his page with one that has a redirection URL to the target page.

In fact, I think if he was sneaky enough, he could make his orginal page load the target in a non-visible frame - or several targets in several non-visible frames - and not even bother with the switch! If 3V1L H4X0R picks small target URLs (say, some small images on the target site), the brower user won't notice the network activity; but of course that would be less load on the target server per browser.

It's a social engineering bait-and-switch.