Information Security News mailing list archives
Re: Who Are These Jerks, Anyway?
From: Johnathan Meehan <jmeehan () EASYNET CO UK>
Date: Fri, 11 Feb 2000 15:30:15 +0100
Hi William, You raised a few interesting points in your previous mail. I would like to add to a couple with my own, if I may. * 2600, "The Hacker Quarterly", can in no way act disgusted by these attacks and hold insult for being linked to them. When I was a teenager, sitting around with an all powerul 96 modem (speed!) the magazine was a good read. Informative, and fun. Now however, it panders to nothing more than the scr1p7 k1d33. Disseminating information is one thing - tell me how to propogate an attack in rough technical terms, and I would be able to work it out, probably learning a lot on the way. It is doubtful that I would take the attack beyond my own network and my friends, though. However, 2600 is guilty of providing source code directly and/or direct links in several cases. This is not passing the information under the ideal of "free speech". This is passing the gun to a teenage idiot with a seriously bad attitude. Thanks, I got that one of my chest - it's been bugging me for a while now! :-)
Here's another difficult problem: DoS attacks use innocent computers to do the attacking.
* Innocent is in one way correct, William, but in another I think not. DoS attacks are older than my cleanest pair of socks, and this particular type is not new. The information pertaining to it, and ensuring that your system is not amongst those compromised is freely and easily available. Steps should have been taken by now to ensure that your machine is not one of those used. Whether it be a home box or not - people need to act in a responsible way. You would lock your guns in a cabinet, rahter than leave them outside on the window ledge, wouldn't you? What I'm saying is that security is only as good as the next weak machine, and we should not tolerate weak machines. I was discussing on the FreeBSD mailing list with a chap recently these things, after Yahoo! was had. The best way would be to have machines removed from the backbone - how is that done? The only other option we could come up with was along your lines. Perhaps, we thought, we could start a list dedicated to nothing more than recording the IP addresses of machines used to propogate such attacks. Provide some tools to automate things as much as possible, and sysadmin now has a list of IP addresses that they can drop at the border. We then mail the blocked sites to let them know what is happening. In this way we could take some responsibility that the people who should be taking it don't seem to want - we could reduce site of the playing field for the morons out there. OK, so the problem doesn't go away, but it is a step in the right direction, don't you think?
But in the meantime, this is a perfect example of the difficulty of putting a powerful tool in the hands of the people: Some people are jerks.
Couldn't have put it any better! Regards, Johnathan Meehan "A jug of wine, A leg of lamb And thou! Beside me, Whistling in the darkness." "Be Ye Not Lost Among Precepts of Order..." - The Book of Uterus 1;5 ISN is sponsored by Security-Focus.COM
Current thread:
- Who Are These Jerks, Anyway? William Knowles (Feb 11)
- Re: Who Are These Jerks, Anyway? Johnathan Meehan (Feb 11)
- Message not available
- Re: Who Are These Jerks, Anyway? Johnathan Meehan (Feb 14)
- Message not available
- Re: Who Are These Jerks, Anyway? Mixter (Feb 14)
- Re: Who Are These Jerks, Anyway? Johnathan Meehan (Feb 14)
- Re: Who Are These Jerks, Anyway? Reverend Jain T. Resin (Feb 16)
- Re: Who Are These Jerks, Anyway? whitvamp (Feb 16)
- Re: Who Are These Jerks, Anyway? Johnathan Meehan (Feb 16)
- Re: Who Are These Jerks, Anyway? Johnathan Meehan (Feb 11)