nanog mailing list archives
RE: Yahoo offline because of attack (was: Yahoo network outage)
From: "Roeland M.J. Meyer" <rmeyer () mhsc com>
Date: Wed, 9 Feb 2000 01:20:13 -0800
From: George Herbert [mailto:gherbert () crl com] Sent: Wednesday, February 09, 2000 12:52 AM To: Roeland M.J. Meyer Roeland wrote:I smell denial here. The compromised systems (only 52?) had tohave accessto pipes at least 1 Gbps in size, in order to carry out thisattack (do themath yourself). Either there were many more systemsparticipating (in itselfa scarey thought) or many of these large and professionally runsystems areowned and their operators don't know it. The only otheralternative is theconspiracy theory from hell.No, they don't. Assume there's 40k of data in the homepage. How many bytes of SYN-SYNACK-ACK-GET / HTTP/1.0\n does it take to do a TCP connect and request? I just tested, I show 160 bytes. That's a 250:1 leverage for the attacker. To fill 1 GBPS worth of outbound trunking you only need to generate 4 MBPS (32 Mbps) worth of input. 50ish systems with T-1 connectivity gets there with margins.
Okay, but you've still missed the point. Even if I stipulate everything you said here, that's still 50 largish systems that are compromised. I would almost wager that the perpetrators didn't use all of their assets either. That's a shit-load of large compromised systems on the Internet. Doesn't that thought worry you in the slightest?
Current thread:
- Re: Yahoo offline because of attack (was: Yahoo network outage) George Herbert (Feb 09)
- RE: Yahoo offline because of attack (was: Yahoo network outage) Roeland M.J. Meyer (Feb 09)
- Re: Yahoo offline because of attack (was: Yahoo network outage) Richard Steenbergen (Feb 09)
- <Possible follow-ups>
- RE: Yahoo offline because of attack (was: Yahoo network outage) Sykes, Phil (Feb 09)
- RE: Yahoo offline because of attack (was: Yahoo network outage) Havard . Eidnes (Feb 09)
- Re: Yahoo offline because of attack (was: Yahoo network outage) John Payne (Feb 09)
- Re: Yahoo offline because of attack (was: Yahoo network outage) Richard Steenbergen (Feb 09)
- RE: Yahoo offline because of attack (was: Yahoo network outage) Simon Lyall (Feb 11)
- Re: Yahoo offline because of attack (was: Yahoo network outage) Troy Davis (Feb 11)
- RE: Yahoo offline because of attack (was: Yahoo network outage) Havard . Eidnes (Feb 09)
- RE: Yahoo offline because of attack (was: Yahoo network outage) Roeland M.J. Meyer (Feb 09)
- Re: Yahoo offline because of attack (was: Yahoo network outage) Charles Sprickman (Feb 09)
- Re: Yahoo offline because of attack (was: Yahoo network outage) Richard Steenbergen (Feb 09)