Forwarded from: Darren Reed <darrenrat_private> You know, after reading about how the FBI has been able to get in on the "inside" of hacking circles, I wonder if maybe it is "white hats" who are starting attacks like this. Why? a) hack a site, get your hack onto a defacement archive. The more web sites you do, the better you are. By discouraging people from archiving web sites which get defaced there is no longer an archive of hackers' work, nowhere for them to say "look at all the web sites I hacked". In a way the psychology here is similar to why it is good to clean away grafitti (which you can't easily archive, aside from taking photos). b) people don't want permanent reminders of how they screwed up their web server security. If people want to keep, online, an archive of hacked web sites then maybe the answer is to make it distributed so that a DDoS attack cannot be concentrated on any one particular target. Maybe in doing things like that there are solutions for other web sites in avoiding DDoS attacks. For example, using Akami servers for real content. In some email I received from InfoSec News, sie wrote: > http://www.theregister.co.uk/content/55/21706.html > > By John Leyden > Posted: 17/09/2001 at 15:28 GMT > > Alldas.de, the well known defacement archive, is once again looking > for a home after a deal to move from its ISP fell through in the wake > of a debilitating hack attack. > > Three weeks ago, Alldas was subjected to a week-long distributed > denial of service attack which knocked the site - and its ISP Kvalito > - offline. > > Kvalito introduced filtering and the DNS record of Alldas.de was > updated so that prospective hackers would be throwing attacks at the > site against their local host instead. > > Alldas.de's contract with Kvalito already on the point of expiry and > worse followed when the ISP to which it planned to move dropped the > hosting deal. This has left Alldas.de unavailable at a time of > heightened interest in hacking activity. > > Fredrik Ostergren, a spokesman for Alldas.de, told us the site was > looking looking for a new hosting service, but he was far from > optimistic. "I hope we will be back up soon but it looks dark," he > said. > > In June this year, Alldas.de weathered a Syn-flood attack that had a > knock-on effect on Kvalito's other customers, throwing some of them > online. Alldas.de received its notice to quit. > > At the time, Alldas.de made clear its requirements from a prospective > future landlord. > > The ISP should be able to handle a growing volume of traffic that has > reached 300GB/month, deal with 10 flames per month about port scanning > - though Alldas.de has offered to answer those on its own - and > tolerate the occasional DDoS attack. > > After Attrition.org decided to get out of the defacement archiving > business this summer (when it decided it was too much hassle to > continue as a hobby), Alldas.de became the main game in town. > Interrorem.com and Safemode.org do record defacements but their > service is not as comprehensive as that of Alldas.de. > > Any ISPs out there keen to save Alldas.de's service can email them > directly. Press <pressat_private> - ISN is currently hosted by Attrition.org To unsubscribe email majordomoat_private with 'unsubscribe isn' in the BODY of the mail.
This archive was generated by hypermail 2b30 : Wed Sep 19 2001 - 14:19:21 PDT