Without belaboring the obvious, the apparent objective of the recent DDoS attack was vandalism writ large. The code in question was not 'great' per se; in actuality it's extraordinarily obvious. No clever exploitation of subtle interactions in IP, no earth-shaking revelations of basic flaws (the flaws are very well known). Just a plain vanilla DOS written as a client/server app, with some obnoxious randomization in the various header fields of the generated packets.

<Conjecture>
I 'know' (read: think) that the wake up call has successfully been delivered. These attacks didn't just evaporate, they stopped. I don't think the folks who released the packet storm had a stunning moral conversion. Rather, it is my conjecture that a few major '.net's are no longer forwarding traffic with non-routable or spoofed addresses from boundary routers. Just a thought.
</Conjecture>

IMHO, anyone who knowingly allows traffic out of their AS's with spoofed address information is guilty of, at the very least, bad manners. And now, after Mixter's 'experiment' has been activated, maybe something much worse. We do after all live in a litigious society.

As to why the perpetrators didn't go after the root servers: besides technical details, one sentence: Wizards don't let children play in the tower unsupervised. ;-)

"Starkey, Kyle" wrote:

> I don't believe that this was the total objective. I believe (and this is
> only conjecture) that their point was the actual vulnerability itself. The
> DoS and the newly created DDos attacks are VERY simple to use and widely
> available. I think the point was "Hey, check out this great piece of code
> that is really easy to use and the MAJOR players on the internet are still
> vulnerable." I am hoping it was more of a wake up call than it was
> malicious, but who knows.
>
> -Kyle
> Information Security
> MSDW Online
>
> From: hndat_private [mailto:hndat_private]
>
> ...If these hackers really do want to create massive scale
> problems why not hack the root servers?!!!!!!! This will bring down the
> whole internet.

This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:04:11 PDT