why have i been hearing so much about DoS attacks day in and day out? i've been doin' network sh*t for more than half my life... n... well.. its just been the last year or so that i hear more and more of these attacks... what was goin' on b4 to protect against it thats ineffective now?

Wooh, that beats me! Maybe it has something to do with lack of security or personel?

What was preventing so much spam a year or two ago? That also has increased by 10x in the last 12 months.

well... `cause there are more and more people willing to do things that do no good to others and themselves.............................

*pulls out a bat*

got names?

lol

Maybe because they have nothing better to do...well ofcourse I'm joking.

Some of the reasons could be :
1. Some people don't do that well their jobs (hosting/datacenter side)
2. Policies and politics....these two often make some persons get angry with some companies
3. People treated badly...wish to take revenge
4. Empty head people...wish to play..and fill their stupid ego
5. Personal fighting
6. Powerful tools in the hands of too many people
7. Powerful tools and knowledge...easily accessable by kids, stupids, criminals
8. More people playing with the net...means more trouble
9. Single windows users...have not good knowledge on how make their desktop secure
10. Server administrators forget often how important security is
11. Software developers and software houses sacrify some security to catch deadlines
12. Home users have started to abbandon dialup connections, getting faster and permanent connections (static or almost static ip) ....this way gets easier to be hacked and their pcs to be used as attack bases
13. whatever else you can think could be the base of an attack or a DOS attack...

lol netdude

Well, when you have people writing scanners to automate the exploitation and installing of distributed DoS software to victim hosts.... they can control thousands of these DDoS hosts.

A hit by one of these will put a damper on anyones party.

Very hard to stop what appears to be legitimate traffic from thousands of randomly placed hosts too.

Worst of all, it doesn't take a whole lot of knowledge to do.

It's funny you talk about this since this happened to a couple of private servers the othernight. We run an internet radio show that is boradcasted over irc. I'll be the first tell you most ddos is related to irc.

Here are the main reasons why I think ddos is becoming more common:

1. Some kid dosen't get his way his mommy and daddy don't pay attention and the only way he can hurt you over the computer is with ddos attacks.

2. The FBI dosen't care about ddos attacks unless you are a major corporation and atleast $50,000 in damages have occured.

3. Hosts don't work together because they don't want to reveal customers information. This happened to me last night, the host was totally uncooperative. I was so mad I felt like ddosing back, but it dosen't solve anything.


I guess all you can do is wait until the ddos is over or put filters in to stop it.

Originally posted by dk2
I was so mad I felt like ddosing back, but it dosen't solve anything.

ddosing what back? each of the 5000 trojaned windows ips that hit you? its highly unlikely it was done by a few high bandwidth hosts.

Wasn't done by a windows ddos net

netdude, can I help? :D

I was wondering the same thing the other day. I noticed a bunch of threads about UnitedColo being down, and everyone attributing it to DoS/DDoS attacks. Didn't FDC go through a phase where they were attacked every few days? I started to think... Maybe it's one really immature person. If I have a few dedicated servers in different data centers... I could theoretically pump out 100 Mbps from each of them (obviously, it's unlikely I'd actually get the full 100 Mbps, but I digress). Get a couple friends, and I could theoretically have a gigabit of traffic real quickly.

The thing that scares me is the whole "script kiddy" epidemic. People who are barely computer-literate can start "owning" servers by the dozen, and launch massive DDoS attacks against people, without really even understanding what they're doing.

BTW, I agree... Something needs to be done. If I ran a hosting biz, I'd have no problem revealing customer info if they started using it for network attacks. (Heck, I'd put in the AUP/ToS that I'd post it to WHT, on the main page of my site... ;))

RS was getting dos'ed yesterday
united colo got hit
its sickening

yea with they'd stop :( they getting more and more common all the time.

Well it IS possible for DDos attacks to be stopped.

Its just a matter of using "reverse firewalls" so that the machines on a network CANT be used in a DDOS attack.

Maybe this is an insane idea... But couldn't people start to treat places known to have hosts involved in DDoS attacks the same way people treat spammers? If someone uses boxes at Bob's Hosting, and Bob's Hosting doesn't have firewalling in place to prevent it, why not null route anything coming from Bob's Hosting?

I'm not sure how you'd really know, but I suppose if you got a lot of attacks, you could do it. Of course, you would have a major problem with the broadband companies, especially since I'm not sure anyone would keep a server at a place that null routes AT&T, for example, because DDoS attacks have come from there.

I think we ought to take the approach that we do with spam -- if you're going to let it happen on your network, we'll start blocking you and get your upstreams to cut you off. Soon places will be eager to install the "reverse firewall" that greatbeast mentions -- not necessarily because they're a responsible hosting company (though this would hopefully be a part of it), but also because they're being blocked by some places.

Obviously, this is just a random thought (is it also obvious that I'm really tired?), and probably won't work too well... Or would it?

Originally posted by dk2
It's funny you talk about this since this happened to a couple of private servers the othernight. We run an internet radio show that is boradcasted over irc. I'll be the first tell you most ddos is related to irc.

Most of the control of those ddos is done through irc too. All those infected computers have to get together somewhere to recieve instructions on what and where to attack. So this happens on public irc servers, mostly those with bad security or lazy irc-admins. The irc of ICQ for example ( irc.icq.com) has a pretty bad reputation for this, most of the few thousand users there are not human but just floodbots. Now and then you could wander into a room with some hundred bots and a 13yr old kiddie giving them orders . Quite hallucinant to see...


And maybe this info could help in tracing and stopping ddos ? The attacks are mostly not pre-programmed, they get directed in real-time... so if you could just search through all the traffic data you could find the ones responsable for it. Maybe, but i'm surely not an expert though.

I think we should implement the jay and silent bob method of going door to door and drag them out of their houses and beat the crap out of them. The problem is that they can hide behind their computer and feel safe, but in real life they are probably little wimpy worms with no backbone. Someone needs to merge their "cyber life" with "real life"

Originally posted by goodness0001
I think we should implement the jay and silent bob method of going door to door and drag them out of their houses and beat the crap out of them. The problem is that they can hide behind their computer and feel safe, but in real life they are probably little wimpy worms with no backbone. Someone needs to merge their "cyber life" with "real life"

that sounds awesome then we could video record it and upload it and let everyone watch hahah ;)

lol

yeah... like bumfights... it'll make millions

btw... i ain't gonna b on these forums for a few days cuz i got hella sh*t to deal with on this end... zdwebhosting can vouche for that... he knows the story... n how much it blowz... err

lol yea i would hate to be in your shoes right now ;) anyhow

if ya get the details of any of them in the uk you might wanna let me know, i know a few cavemen who'd be all to happy to whup some ass :) i got me a camcorder and tripod to capture the slow and painful death probably involving rusty razor blades, antiseptic and terry wogan videos. the little ****s should be given to some real evil barstewards.

I dont know, but one of our servers just fell victim lastnight to 2 dos attacks pushing 54mb/s

it is getting rediculas, doesnt seem like much helps.

do you have to pay the traffic goodness?