Firewall Wizards mailing list archives

RE: Recent Attacks

From: John Ross <jross () gta com>
Date: Wed, 16 Feb 2000 14:30:27 -0500

The security community has been aware of DDoS for some time. It wasactually the topic of discussion at a recent ICSA meeting. Because of thenature of the web, this type of attack is difficult to prevent. When auser requests a web page, the server responds with the data. They simplyoverloaded the websites with requests.

The only way to protect websites from this type of attack would be toprotect networks against being vulnerable to having the client installed onthe "zombie" machines that are the ones who are physically sending thefalse requests.

Not that it is impossible to protect machines against having these clientsinstalled, but it will take a massive worldwide collective to ensure thatsystems are protected against this.


-John

At 09:35 AM 2/15/00 -0800, you wrote:

I don't believe that this was the total objective.  I believe (and this is
only conjecture) that their point was the actual vulnerability itself.  The
DoS and the newly created DDos attacks are VERY simple to use and widely
available.  I think the point was "Hey, check out this great piece of code
that is really easy to use and the MAJOR players on the internet are still
vulnerable."  I am hopeing it was more of a wake up call than it was
malicious, but who knows.

-Kyle
Information Security
MSDW Online

-----Original Message-----
From: hnd () asu edu [mailto:hnd () asu edu]
Sent: Saturday, February 12, 2000 3:03 PM
To: firewall-wizards () nfr net
Subject: Recent Attacks


hi,

I was just wondering that The latest attacks on the popular web sites had
only
one objective behind it: to bring the web sites and render it useless for
the
period of attack. If these hacker really do want to create massive scale
problems why not hack the root servers?!!!!!!!  This will bring down the
whole
internet.

Hoshil




Global Technology Associates, Inc.
3505 Lake Lynda Drive
Suite 109
Orlando, FL 32817 USA
Tel: +1.407.380.0220  x105
Fax: +1.407.380.6080

http://www.gnatbox.com

Current thread:

RE: Recent Attacks, (continued)
- - RE: Recent Attacks Lance Spitzner (Feb 17)
  - Re: Recent Attacks Frank L. Heidt (Feb 17)
  - Re: Recent Attacks Iván Arce (Feb 17)
    - Re: Recent Attacks Paul D. Robertson (Feb 19)
- Re: Recent Attacks Matthew_S_Cramer (Feb 15)
  - Re: Recent Attacks Philip J. Koenig (Feb 17)
- Re: Recent Attacks Don Kendrick (Feb 16)
  - Re: Recent Attacks Iván Arce (Feb 17)
  - Re: Recent Attacks sedwards (Feb 19)
- RE: Recent Attacks Moore, James (Feb 16)
- RE: Recent Attacks John Ross (Feb 17)
- RE: Recent Attacks Troy Henley (Feb 17)
  - Re: Recent Attacks Bennett Todd (Feb 17)
- Re: Recent Attacks apotter (Feb 17)
- Re: Recent Attacks blyonpop (Feb 17)
  - Re: Recent Attacks Chris Cappuccio (Feb 19)
- RE: Recent Attacks Staggs, Michael (Feb 17)
- Re: Recent Attacks Barney Wolff (Feb 17)
- Re: Recent Attacks Don Kendrick (Feb 19)
- RE: Recent Attacks Staggs, Michael (Feb 19)
- Re: Recent Attacks Steven M. Bellovin (Feb 19)

(Thread continues...)