Firewall Wizards mailing list archives
Re: Recent Attacks
From: "Frank L. Heidt" <heidtf () psns navy mil>
Date: Wed, 16 Feb 2000 15:10:06 -0800
Without belaboring the obvious, the apparent objective of the recent dds attack was vandalism writ large. The code in question was not 'great' per se, in actuality it's extraordinarily obvious. No clever exploitation of subtle interactions in IP, no earth shaking revelations of basic flaws, ( the flaws are very well know). Just a plain vanilla DOS written as a client/server app, with some obnoxious randomization in the various header fields of the generated packets. <Conjecture> I 'know' (read- think) that the wake up call has successfully been delivered. These attacks didn't just evaporate, they stopped. I don't think the folks who released the packet storm had a stunning moral conversion. rather, it is my conjecture that a few major '.net's are no longer forwarding traffic with non routable or spoofed address from boundary routers. Just a though. </Conjecture> IMHO, anyone who knowingly allows traffic out of their AS's with spoofed address information is guilty of, at the very least, bad manners. And now, after Mixter's 'experiment' has been activated, maybe something much worse. We do after all live in a litigious society. As to why the perpetrators didn't go after the root servers: besides technical details, one sentence: Wizard don't let children play in the tower unsupervised. ;-) "Starkey, Kyle" wrote:
I don't believe that this was the total objective. I believe (and this is only conjecture) that their point was the actual vulnerability itself. The DoS and the newly created DDos attacks are VERY simple to use and widely available. I think the point was "Hey, check out this great piece of code that is really easy to use and the MAJOR players on the internet are still vulnerable." I am hopeing it was more of a wake up call than it was malicious, but who knows. -Kyle Information Security MSDW Online From: hnd () asu edu [mailto:hnd () asu edu] ...If these hacker really do want to create massive scale problems why not hack the root servers?!!!!!!! This will bring down the whole internet.
Current thread:
- Re: Recent Attacks, (continued)
- Re: Recent Attacks Paul D. Robertson (Feb 21)
- Re: Recent Attacks Darren Reed (Feb 21)
- Re: Recent Attacks Paul D. Robertson (Feb 21)
- Re: Recent Attacks Philip J. Koenig (Feb 24)
- Message not available
- Re: Recent Attacks David LeBlanc (Feb 21)
- Re: Recent Attacks Barrett G. Lyon (Feb 17)
- RE: Recent Attacks Stephen Seal (Feb 17)
- RE: Recent Attacks Lance Spitzner (Feb 17)
- Re: Recent Attacks Frank L. Heidt (Feb 17)
- Re: Recent Attacks Iván Arce (Feb 17)
- Re: Recent Attacks Paul D. Robertson (Feb 19)
- Re: Recent Attacks Philip J. Koenig (Feb 17)
- Re: Recent Attacks Iván Arce (Feb 17)
- Re: Recent Attacks sedwards (Feb 19)