DDoS: Food for thought.

[Darren Reed <darrenr () reed wattle id au>]

For those of you that don't read ISN, make an effort.

Regardless, if you haven't, read below.

Some interesting observations about events, particularly the
timing of when various things happened.

> From my personal perspective, a friend of mine was telling me
last year that on university he was associated with had been
black holing an IRC server for some time due to it being
attacked with a farily regular bitstream in the 100s of megabits
per second.  That never made it into press, as far as I know.

Cheers,
Darren

> ----- Forwarded message from William Knowles -----
>
> From owner-isn () SECURITYFOCUS COM Tue Feb 22 23:10:01 2000
> Approved-By: jericho () DIMENSIONAL COM
> Delivered-To: isn () lists securityfocus com
> Delivered-To: isn () securityfocus com
> X-Sender: wk () idle curiosity org
> X-Organization: C4I Secure Solutions - http://www.c4i.org
> Message-ID:  <Pine.LNX.4.04.10002190149050.22484-100000 () idle curiosity org>
> Date:         Sat, 19 Feb 2000 01:52:48 -0600
> Reply-To: William Knowles <wk () C4I ORG>
> Sender: ISN Mailing List <ISN () SECURITYFOCUS COM>
> From: William Knowles <wk () C4I ORG>
> Subject:      [ISN] Hacker, Media Hype, & Disinformation
> X-To:         InfoSec News <isn () securityfocus com>,
>               HackerNewsNetwork <contact () hackernews com>
> To: ISN () SECURITYFOCUS COM
>
> http://cryptome.org/madsen-hmhd.htm
>
> 17 February 2000. Thanks to Wayne Madsen <WMadsen777 () aol com>
>
> HACKERS, MEDIA HYPE, AND DISINFORMATION
>
> WAYNE MADSEN
>
> For what it is worth, I am a 20-year veteran of the computer security
> community. I have served in the Navy, National Security Agency, State
> Department, Computer Sciences Corporation, RCA, and have consulted on
> computer security with the National Institute of Standards and
> Technology, international banks, telecom companies and even firms that
> manufacture candy.
>
> While working for the FBI and Naval Investigative Service, I put one
> US Navy official in Federal prison for espionage and other crimes, and
> I was involved in U.S. counter-terrorism work in Greece and the
> Philippines. I think I know how the "spook" community operates and,
> more importantly, how it thinks.
>
> The hype associated with the recent Internet flooding is outrageous
> and serves the agendas of the military and intelligence communities
> regarding new vistas for bloated Pentagon and espionage budgets.
>
> On 17 February, National Public Radio's Diane Rehm Show had a round
> table discussion featuring James Adams, a former London Sunday Times
> reporter in Washington who is now a drum beater for information
> warfare, and Jeffrey Hunker, the former head of the White House
> Critical Infrastructure Assurance Office. Adams suggested that for
> critical infrastructure protection certain civil liberties must be
> forfeited. He also stated that Internet transactions should not be
> afforded the same degree of privacy as the U.S. mail.
>
> Hunker was uncomfortable that some people think that scare mongering
> has been at the center of the recent packet flooding of the Internet.
> Adams supported the CIA's creation of IN-Q-IT, a CIA Trojan Horse in
> the Silicon Valley. According to Adams, Science Applications
> International Corporation (SAIC), a virtual CIA proprietary firm, is
> funding, through IN-Q-IT, a program called Net Eraser. None of the
> participants in the Rehm Show were willing to talk about Net Eraser
> and some seemed very nervous about discussing it in detail.
>
> This radio program is highly indicative of the current hype
> surrounding the Distributed Denial of Service (DDOS) attacks on DOT
> COM sites on the Internet. Even the use of the acronym DDOS is
> amazing. Here they are, twenty-something DOT COM executives, who
> probably never thought about computer security except for watching
> re-runs of "Hackers" and "Sneakers," using Pentagon-originated terms
> like "Distributed Denial of Service" attacks.
>
> Why? Who told them to use those terms?
>
> Then Clinton manages to take 90 minutes to attend an Internet security
> summit on February 15. Northern Ireland's peace agreement is falling
> apart, the Israeli-Palestine agreement is unraveling, and Russia's new
> President is putting ex-KGB agents in his government, but Clinton has
> enough time to talk with a group of e-commerce barons, computer
> security geeks, and even one hacker. The whole thing appeared to be
> staged and scheduled way in advance.
>
> The whole so-called Internet "hack" smells of a perception management
> campaign by the intelligence community. Perhaps the system flooding
> was coordinated by one group -- however, those types of attacks
> probably occur on a daily basis without being reported by the world's
> media. It is important to note that one of the key components of
> information warfare -- according to the Pentagon's own seminal
> documents -- is perception management -- psychological operations to
> whip up public support for a policy or program. The early Defense
> Science Board reports on Critical Infrastructure Protection actually
> call for a campaign to change the public's attitude about information
> system and network security.
>
> The Pentagon is a master at deception campaigns aimed at the news
> media. They constantly broadcast disinformation to television and
> radio audiences in Haiti, Serbia, Colombia, Mexico and elsewhere. They
> are now extending this to cyber space. Critical infrastructure
> protection is a masterful ruse aimed at creating the myth of impeding
> cyber-peril.
>
> The major domo is a weird chap named Richard Clarke, a Dr.
> Strangelove-type character who is Clinton's counter-terrorism czar. He
> always talks about defensive cyber-warfare but clams up when it comes
> to offensive US cyber-operations. That is classified.
>
> However, it is certain that the US Government has already done more to
> disrupt the Internet than any other actor -- state-sponsored or
> freelance. For the past few years, US government hackers have
> penetrated networks at the European Parliament, Australian Stock
> Exchange, and banks in Athens, Nicosia, Moscow, Johannesburg, Beirut,
> Tel Aviv, Zurich, and Vaduz. The US also engaged in network
> penetrations in Yugoslavia during the NATO war against that country.
>
> Why doesn't NPR, CBS, ABC, NBC and the others focus on what the US is
> doing to disrupt the Internet? They are instead falling into a
> familiar Pentagon trap of deception and diversion.
>
>
> ---------------------------------------------------
> "Communications without intelligence is noise;
> Intelligence without communications is irrelevant."
> Gen. Alfred. M. Gray, USMC
> ---------------------------------------------------
> C4I Secure Solutions             http://www.c4i.org
> *=================================================*
>
> ISN is sponsored by Security-Focus.COM
>
> ----- End of forwarded message from William Knowles -----