Man, some of the people on Slashdot are goddamn paranoid fools. Come on, people!!! Red Hat cobbles together a few big names, 8 mil, throw the cash at scientific and educational OSS causes, and generally be good members of the community. What kind of response do they get from Slashdotters??
Oh, it's a tax break. Oh, the goals are too vague. Oh, everything Red Hat does is evil.
Jesus, people. WAKE UP!!! The company is doing something nice with it's cash!!! For chrissake, RELAX!
I can't seem to find any mention of a "trinoo" anywhere on net... do you still have the tool?? I am interested in source code, especially, as I would like to know both which ports it uses to communicate with other servers and which methods it uses to DoS.
I would argue that the most destructive (aka smurf, fraggle... amplified) distributed attacks are getting harder and harder as isps default to no directed broadcast on their networks. The "always on" connections... well, I haven't personally seen an attack that could take down a well-connected web site without amplification, and 3-4 machine cable or dsl networks aren't going to be a heavy source of amps. If there were some reference to "in the wild" attacks, rather than cert blabbing about 4 or 5 undescribed "incidents", I would be more inclined to take it seriously. Exploits, anyone??
Seriously, ICMP smurfing was a distributed attack. As referenced in the original post, the slashdot effect was a distributed attack. The real question is whether or not the attack exploits a bug in the operating system or ip stack of the victim server (in which case it's the vendor's problem to fix), or the equivalent of opening up http requests from 10,000 different hosts at the same time (which is a function of the IP/TCP/HTTP combo and should happen).
In the case that it is a vendor software bug (ping o death, etc) then it should be patched and blocked. If someone is able to flood your web server with legitimate connections, a.k.a. 3-way tcp handshakes, there's not a whole lot you can do without killing your web server. I don't see how this is some brand new attack, nor do I see how it is a real problem. Anyone been icmp echo'd to death from 100,000 hosts lately? Jeez...
From Wired 4.12... article called Mother Earth Mother Board... url at http://www.wired.com/wired/archive/4.12/ffglass.ht ml
The signal coming down the FLAG cable passes through the doped fiber and causes it to lase, i.e., the excited electrons drop back down to a lower energy level, emitting light that is coherent with the incoming signal - which is to say that it is an exact copy of the incoming signal, except more powerful.
The amplifiers need power - up to 10,000 volts DC, at 0.9 amperes. Since public 10,000-volt outlets are few and far between on the bottom of the ocean, this power must be delivered down the same cable that carries the fibers. The cable, therefore, consists of an inner core of four optical fibers, coated with plastic jackets of different colors so that the people at opposite ends can tell which is which, plus a thin copper wire that is used for test purposes. The total thickness of these elements taken together is comparable to a pencil lead; they are contained within a transparent plastic tube. Surrounding this tube is a sheath consisting of three steel segments designed so that they interlock and form a circular jacket. Around that is a layer of about 20 steel "strength wires" - each perhaps 2 mm in diameter - that wrap around the core in a steep helix. Around the strength wires goes a copper tube that serves as the conductor for the 10,000-volt power feed. Only one conductor is needed because the ocean serves as the ground wire. This tube also is watertight and so performs the additional function of protecting the cable's innards. It then is surrounded by polyethylene insulation to a total thickness of about an inch. To protect it from the rigors of shipment and laying, the entire cable is clothed in good old-fashioned tarred jute, although jute nowadays is made from plastic, not hemp.
nah, running parallel to the fiber on a 3/4" thick copper line to power repeaters. There's a wired story on long-haul fiber from sometime in '94 that details it all... i will try to find a url.
ok, I worked at an isp for a while, and here's what I saw.
Apparently, people digging tend to call blue stakes or whoever when they are digging in areas that might have natural gas lines, 'cuz they'll explode if they screw up. Fiber lines, on the other hand, pose no such problem unless you're standing in water when you hit one (there's a lot of power going through to feed all the repeaters on a long-haul circuit). So utilities and construction workers don't tend to worry about calling any utilities to find out if fiber is buried, because they really never see the effects. I believe they are legally liable, though. Anyone know if someone has ever been brought to court for cutting fiber??
Bored with the unchallenging and non-time-consuming tasks of admining slashdot, Rob Malda took to a life of seedy internet hangouts and irc-addict script kiddies as a way to relieve the boredom of daily life and increase his page hits.
Trust me. I profiled him. I know it. See??? He has a web page, and graphics, and is online lots. He did it. Really.
the 'net itself was supposed to survive nuclear war, but it has taken some serious engineering feats to allow connectivity to individual web presences when their primary services go down. BGP, Dual-homing to different ISPs, geographic redundancy (and all the routing joys involved with that), content replication, etc. etc.
I recall there was a mudslide or storm in California 3 or 4 years back, and the whole world was shocked when they found out that all the silicon valley companies were only single homed to the internet... 'cause most isps lost service to the area. It was a bad wakeup call for some people, and companies are beginning to design their own networks differently...
of course, the chicago board of trade's recent problems with MCI prove that people haven't entirely gotten the idea of resilient networks into their heads yet.
From a network engineering viewpoint, I am completely enchanted with the idea that we can build networks that will be available to online communities regardless of little inconveniences like category 4 hurricanes.
It stands as proof of the importance of the work that the geek community is doing that systems are regularly put into place that will withstand natural disasters. If this stuff wasn't important, companies wouldn't go to the lenghts that they do to make sure their web sites are up regardless of natural disasters and rogue backhoes. Here's to internet resiliency (assuming, of course, that the 'NIC doesn't screw up RedHat's zone propagation...:)
Having worked in several full time and consulting positions, my current experience is that consultants or contractors are perfect for projects that require a skillset that the company is not willing to pay for full time. We build out e-commerce networks regularly, and are used to size the network (something akin to voodoo magic if you want to do it right), design architecture, lay the infrastructure, size the servers, build, harden, and configure the servers, design network monitoring, design security, etc. etc. etc.
To do that, the company would have to hire, full time, 1-2 network geeks with experience in high-speed co-location networks and redundancy, 1-2 security geeks capable of dealing with high-traffic exposed websites and various network hardware and OSs, 1-2 snmp/netmon geeks for HP Openview or whatnot, and at least 2 crak Unix admins. If the company picks up consultants instead, the buildout may cost them 200k, but it is much cheaper than salary for all those people. Also, what do you do with all of those people after the project is finished? As full-timers, they will get bored and leave. As consultants, they don't have the chance.
Slashdot Mirror
Man, some of the people on Slashdot are goddamn paranoid fools. Come on, people!!! Red Hat cobbles together a few big names, 8 mil, throw the cash at scientific and educational OSS causes, and generally be good members of the community. What kind of response do they get from Slashdotters??
Oh, it's a tax break.
Oh, the goals are too vague.
Oh, everything Red Hat does is evil.
Jesus, people. WAKE UP!!! The company is doing something nice with it's cash!!! For chrissake, RELAX!
I can't seem to find any mention of a "trinoo" anywhere on net ... do you still have the tool?? I am interested in source code, especially, as I would like to know both which ports it uses to communicate with other servers and which methods it uses to DoS.
Thanks.
I would argue that the most destructive (aka smurf, fraggle ... amplified) distributed attacks are getting harder and harder as isps default to no directed broadcast on their networks. The "always on" connections ... well, I haven't personally seen an attack that could take down a well-connected web site without amplification, and 3-4 machine cable or dsl networks aren't going to be a heavy source of amps. If there were some reference to "in the wild" attacks, rather than cert blabbing about 4 or 5 undescribed "incidents", I would be more inclined to take it seriously. Exploits, anyone??
can you say Oh! Oh! Oh! new smurfs!!!
...
Seriously, ICMP smurfing was a distributed attack. As referenced in the original post, the slashdot effect was a distributed attack. The real question is whether or not the attack exploits a bug in the operating system or ip stack of the victim server (in which case it's the vendor's problem to fix), or the equivalent of opening up http requests from 10,000 different hosts at the same time (which is a function of the IP/TCP/HTTP combo and should happen).
In the case that it is a vendor software bug (ping o death, etc) then it should be patched and blocked. If someone is able to flood your web server with legitimate connections, a.k.a. 3-way tcp handshakes, there's not a whole lot you can do without killing your web server.
I don't see how this is some brand new attack, nor do I see how it is a real problem. Anyone been icmp echo'd to death from 100,000 hosts lately? Jeez
From Wired 4.12 ... article called Mother Earth Mother Board ... url at http://www.wired.com/wired/archive/4.12/ffglass.ht ml
The signal coming down the FLAG cable passes through the doped fiber and causes it to lase, i.e., the excited electrons drop back down to a lower energy level, emitting light that is coherent with the incoming signal - which is to say that it is an exact copy of the incoming signal, except more powerful.
The amplifiers need power - up to 10,000 volts DC, at 0.9 amperes. Since public 10,000-volt outlets are few and far between on the bottom of the ocean, this power must be delivered down the same cable that carries the fibers. The cable, therefore, consists of an inner core of four optical fibers, coated with plastic jackets of different colors so that the people at opposite ends can tell which is which, plus a thin copper wire that is used for test purposes. The total thickness of these elements taken together is comparable to a pencil lead; they are contained within a transparent plastic tube. Surrounding this tube is a sheath consisting of three steel segments designed so that they interlock and form a circular jacket. Around that is a layer of about 20 steel "strength wires" - each perhaps 2 mm in diameter - that wrap around the core in a steep helix. Around the strength wires goes a copper tube that serves as the conductor for the 10,000-volt power feed. Only one conductor is needed because the ocean serves as the ground wire. This tube also is watertight and so performs the additional function of protecting the cable's innards. It then is surrounded by polyethylene insulation to a total thickness of about an inch. To protect it from the rigors of shipment and laying, the entire cable is clothed in good old-fashioned tarred jute, although jute nowadays is made from plastic, not hemp.
nah, running parallel to the fiber on a 3/4" thick copper line to power repeaters. There's a wired story on long-haul fiber from sometime in '94 that details it all ... i will try to find a url.
ok, I worked at an isp for a while, and here's what I saw.
Apparently, people digging tend to call blue stakes or whoever when they are digging in areas that might have natural gas lines, 'cuz they'll explode if they screw up. Fiber lines, on the other hand, pose no such problem unless you're standing in water when you hit one (there's a lot of power going through to feed all the repeaters on a long-haul circuit). So utilities and construction workers don't tend to worry about calling any utilities to find out if fiber is buried, because they really never see the effects. I believe they are legally liable, though. Anyone know if someone has ever been brought to court for cutting fiber??
Rob did it!!!
Bored with the unchallenging and non-time-consuming tasks of admining slashdot, Rob Malda took to a life of seedy internet hangouts and irc-addict script kiddies as a way to relieve the boredom of daily life and increase his page hits.
Trust me. I profiled him. I know it. See??? He has a web page, and graphics, and is online lots. He did it. Really.
That's all the proof you get today.
read the update on the article .... www and ftp mirrored off site / waiting for DNS prop / etc.
the 'net itself was supposed to survive nuclear war, but it has taken some serious engineering feats to allow connectivity to individual web presences when their primary services go down. BGP, Dual-homing to different ISPs, geographic redundancy (and all the routing joys involved with that), content replication, etc. etc.
... 'cause most isps lost service to the area. It was a bad wakeup call for some people, and companies are beginning to design their own networks differently ...
I recall there was a mudslide or storm in California 3 or 4 years back, and the whole world was shocked when they found out that all the silicon valley companies were only single homed to the internet
of course, the chicago board of trade's recent problems with MCI prove that people haven't entirely gotten the idea of resilient networks into their heads yet.
From a network engineering viewpoint, I am completely enchanted with the idea that we can build networks that will be available to online communities regardless of little inconveniences like category 4 hurricanes.
... :)
It stands as proof of the importance of the work that the geek community is doing that systems are regularly put into place that will withstand natural disasters. If this stuff wasn't important, companies wouldn't go to the lenghts that they do to make sure their web sites are up regardless of natural disasters and rogue backhoes. Here's to internet resiliency (assuming, of course, that the 'NIC doesn't screw up RedHat's zone propagation
Having worked in several full time and consulting positions, my current experience is that consultants or contractors are perfect for projects that require a skillset that the company is not willing to pay for full time. We build out e-commerce networks regularly, and are used to size the network (something akin to voodoo magic if you want to do it right), design architecture, lay the infrastructure, size the servers, build, harden, and configure the servers, design network monitoring, design security, etc. etc. etc.
To do that, the company would have to hire, full time, 1-2 network geeks with experience in high-speed co-location networks and redundancy, 1-2 security geeks capable of dealing with high-traffic exposed websites and various network hardware and OSs, 1-2 snmp/netmon geeks for HP Openview or whatnot, and at least 2 crak Unix admins.
If the company picks up consultants instead, the buildout may cost them 200k, but it is much cheaper than salary for all those people. Also, what do you do with all of those people after the project is finished? As full-timers, they will get bored and leave. As consultants, they don't have the chance.