Re: the expensive way to do DDoS ?

From: Robert Graham (robert_david_grahamat_private)
Date: Tue Feb 22 2000 - 10:03:58 PST


    A $500 Celeron system can fill a 100-Mbps pipe pretty easily with 148,800 SYNs
    per second (I've done it, on Windows no less). Host one each at AboveNet,
    Exodus, Conexion, Pair, etc. I would say that you need less than 20.
    
    However, hiding yourself at the POP can be tough. On one hand, they don't have
    good security practices, so you can have fun spoofing neighbors' MAC addresses
    and IP addresses. On the other hand, they tend to use SNMP manageable switches.
    They can quickly track down which port on which switch is sending out the
    traffic and shut them off. (This is why my first thought on the DDoS was that
    most of the traffic came from universities -- they are managed less well).
    
    Robert Graham
    
    --- Darren Reed <darrenrat_private> wrote:
    > If you had money to burn, how many el-cheapo PCs would you need to install
    > at POPs around the world such that you had a virtual army out there that
    > was yours and from which you could send forged packets whenever you like?
    > (just how many ISPs are going to bother checking, eh?)  All you have to do
    > is muddy the path of who the ISP thinks owns those boxes and yourself in the
    > event that someone works out which boxes the packets are actually coming
    > from...would 1000 be enough ?  (Are there even that many POPs ? :)  Maybe
    > too expensive for a teenage hacker, but not the mafia, CIA, etc.
    
    
    =====
    Robert Graham  http://www.robertgraham.com/pubs
    


