Snort mailing list archives
RE: Possible DOS Attack??
From: Steve Halligan <agent33 () geeksquad com>
Date: Tue, 19 Jun 2001 09:28:00 -0500
For a very good anatomy of a DDOS attack, take a look at http://grc.com.
This is rather offtopic, but I have seen very mixed stuff on the accuracy/wacko'ness of Mr. Gibson's analysis (And his character in general). Some opinions of this culled from the INCIDENTS list: -----Original Message----- From: Barbara [mailto:essence () govital net] Sent: Tuesday, June 12, 2001 4:49 PM To: INCIDENTS Subject: RE: I am a Fool HOW-TO [was: grc attacks] Hello I've been watching this thread very closely, and maybe I can shed a bit of light on grc article. When I first read it , it was like WOW I've seen these kids doing this, maybe I can help. So I tried to contact grc, some of the other people I work with on the DALnet Exploits Prevention Team also have tried. Not even 1 response. These children like Drgreen,wicked and his other friends are just a few that continue to infect mostly badly configured cable boxes. I could name off about 5 different private IRC servers right now that hide 100's of hosts that they use to continually attack our IRC servers and users. (hosts have been notified btw) I've worked on these types of problems for almost 6 yrs now and I am also a member of DALnet's Exploit Prevention Team. We work closely with the authorities such as the FBI, RCMP's,ISP's and anyone else who are willing to help. We have been very successful with a few abusive users which you can read about at www.dal.net/news or http://zine.dal.net/issue10/exploits.html. Anyways.. that's my two cents. The best prevention is a good anti-virus program and education IMO. Please feel free to contact me privately Barbara DALnet Exploit Prevention Team barbara () dal net --------------------- -----Original Message----- From: David Ford [mailto:david () erisksecurity com] Sent: Monday, June 11, 2001 2:13 PM Cc: basics; INCIDENTS Subject: I am a Fool HOW-TO [was: grc attacks] You mean a great 4yr old bedtime story about evil hackers? GRC is a snakeoil salesman who barely understands how many vowels are in the word "internet". This type of IRC bot has been around for well over 8 years to my knowledge. His 'forensics' are all wrong and inaccurate and if he is making a recommendation on firewalls, I'd sure as heck not get one that he is recommending (beside the obvious point that I know well more than he does about all of this). If you haven't picked up on it yet, GRC is purely out for media attention. His products have humor value...or is that sarcasm value..and his diatribes on firewalls and blockable attacks are worthless. David Casey DeBerry wrote:
Great story from the man behind grc.com. Steve Gibson's ddos investigation that also covers a little on personal firewalls, evaluates bots, forensics, etc... http://grc.com/dos/grcdos.htm
_______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: http://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- Re: Possible DOS Attack?? ICPPhila_Email_Review (Jun 19)
- <Possible follow-ups>
- RE: Possible DOS Attack?? Steve Halligan (Jun 19)
- Re: Possible DOS Attack?? ICPPhila_Email_Review (Jun 19)