
DDoS Extortion Attempts On the Rise

John Flabasha writes "There's an excellent article that originated on the LA Times and was syndicated to Yahoo News about DDoS attacks on online gaming and one of the solutions out there. Since when did ISP null routes go out of style?" We've run a number of previous stories about DoS blackmail attempts, like this one or this one.
  • Re:Null routes? (Score:5, Insightful)

    by antifoidulus ( 807088 ) on Tuesday October 26, 2004 @01:23PM (#10632423) Homepage Journal
    Not to mention that the zombies you are blocking may very well be potential customers (note that they are attacking gambling sites), never a good idea to block your customers.....though educating them might not hurt.
  • well (Score:2, Insightful)

    by Fiddy Cent ( 823482 ) on Tuesday October 26, 2004 @01:31PM (#10632528)
    Sooner or later they're gonna try to extort the wrong people, and then Luca Brasi shows up at their doorstep.
  • Re:Null routes? (Score:4, Insightful)

    by Rares Marian ( 83629 ) <hshdsgdsgfdsgfdr ... tdkiytdiytdc.org> on Tuesday October 26, 2004 @01:35PM (#10632566) Homepage
    Exactly why is letting a DDoS crush your service to everyone when they attack one of your sites better than blocking customers in one group?
  • by eln ( 21727 ) on Tuesday October 26, 2004 @01:39PM (#10632611)
    Your friends are obviously not real e-commerce people. Everyone who has ever worked in tech support knows that all businesses lose millions of dollars a second every time anything related to their Internet service goes down.
  • by jellomizer ( 103300 ) * on Tuesday October 26, 2004 @01:40PM (#10632621)
    Whenever we make something available to the general public, it is a matter of time until some jerk finds a way to cause problems. The internet has been around for about 30 years and has been popular for about 10 years. So after this short time we have turned a means of communication (and what a lot of people think of as a step to peace) into a complete war zone. And because no one directly (indirectly someone may) gets hurt, and it is a lot harder to track someone down, they will attack sites and engage in mob behavior much more easily than in real life. So a person who on the outside will seem like an ordinary citizen, when on the internet becomes a massive crime lord extorting thousands of dollars from companies. They should bring back public flogging as a form of punishment; it seems a suitable punishment for a criminal who commits his crime in anonymity.
  • by Anonymous Coward on Tuesday October 26, 2004 @01:49PM (#10632710)
    I really can't be the only one who finds it hypocritical he's starting his own protection racket, can I?

    How is it a protection racket?

    Comparing a security company which helps defend against DDOS attacks to the DDOS attackers themselves is like comparing a security guard whom you hire to guard your business to the local gang who shake you down for "fire insurance".

    Yes, both are getting paid to prevent harm to your livelihood. But the DDOS attackers and the gang are the ones threatening that livelihood in the first place. There is absolutely no moral equivalence here.

  • by dnoyeb ( 547705 ) on Tuesday October 26, 2004 @01:52PM (#10632749) Homepage Journal
    Zombies don't spoof.
  • Re:Null routes? (Score:1, Insightful)

    by icedivr ( 168266 ) on Tuesday October 26, 2004 @01:53PM (#10632760)
    You don't null route the source of the traffic, you null route the destination. As the route propagates through BGP, routers across the world suddenly start returning 'no route to host' type messages, thus rendering a DDoS ineffective.
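
An added illustration of the destination null route described in the comment above (not part of the original thread and not any poster's code): a small Python model of longest-prefix-match routing upstream of a congested access link. The prefixes, link capacity, traffic rates and the route names `customer-link` and `null0` are constructed assumptions.

```python
import ipaddress

# Constructed sample values: documentation prefix, made-up traffic rates.
LINK_CAPACITY_MBPS = 1000                      # customer access link
SITE_PREFIX = ipaddress.ip_network("203.0.113.0/24")
VICTIM = ipaddress.ip_address("203.0.113.10")

# Offered load in Mbit/s per destination host.
OFFERED = {
    ipaddress.ip_address("203.0.113.10"): 4000,  # flood aimed at the victim
    ipaddress.ip_address("203.0.113.20"): 150,   # normal traffic
    ipaddress.ip_address("203.0.113.30"): 200,   # normal traffic
}

def lookup(routes, dst):
    """Longest-prefix match: the most specific covering route wins."""
    matches = [(net, hop) for net, hop in routes if dst in net]
    return max(matches, key=lambda m: m[0].prefixlen)[1] if matches else None

def access_link_report(upstream_routes):
    """Return (Mbit/s arriving at the access link, delivered fraction per host)."""
    carried = {d: mbps for d, mbps in OFFERED.items()
               if lookup(upstream_routes, d) == "customer-link"}
    load = sum(carried.values())
    # A saturated link drops indiscriminately, so every flow gets the same
    # share. Filtering on the customer's own firewall happens after this
    # link and cannot change the load computed here.
    share = min(1.0, LINK_CAPACITY_MBPS / load) if load else 1.0
    delivered = {str(d): (round(share, 2) if d in carried else 0.0)
                 for d in OFFERED}
    return load, delivered

normal = [(SITE_PREFIX, "customer-link")]
# Destination null route: a /32 for the victim, propagated upstream,
# pointing at discard. It is more specific than the /24, so it wins.
blackholed = normal + [(ipaddress.ip_network(f"{VICTIM}/32"), "null0")]

if __name__ == "__main__":
    for name, routes in (("no null route", normal),
                         ("victim /32 null-routed", blackholed)):
        print(name, access_link_report(routes))
```

In this model the null route takes the targeted address fully offline while restoring full delivery to the other hosts behind the same link.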
  • Re:exactly (Score:2, Insightful)

    by Monkelectric ( 546685 ) <[moc.cirtceleknom] [ta] [todhsals]> on Tuesday October 26, 2004 @01:59PM (#10632824)
    Oh they are actually -- and that's the reason for a lot of the animosity towards us right now (in addition to our screwups as of late). They are grown up being told we are this wealthy and technologically advanced country (true and true) and that if we *WANTED* to we could solve the problems of their country easily (not true), and it is only because we are too selfish (half true) and too busy with our luxury to notice their suffering (not true) to beset upon them with our benevolence.
  • by aputerguy ( 692233 ) on Tuesday October 26, 2004 @02:02PM (#10632864)
    Everyone who has ever worked in tech support knows that all businesses lose millions of dollars a second every time anything related to their Internet service goes down.

    Millions of dollars a second??? A bit of an exaggeration...

    Actually losses are always less than the hype since you need to think about losses in net contribution dollars (not gross revenues) and also consider only true lost (vs. deferred) sales. Outages both planned and unplanned are an unfortunate fact of life. One tries to minimize them when at all possible but the losses are typically manageable and are for better or worse part of the cost of doing business on the Internet.
  • Re:Null routes? (Score:3, Insightful)

    by Matthew Weigel ( 888 ) on Tuesday October 26, 2004 @02:14PM (#10633013) Homepage Journal

    From the perspective of the host going down... no.

  • Yes, there are legit IRC users left. It's my primary method of communication with the people who host services on my equipment, or to coordinate upgrades, or whatever we need to do that requires real time communication.

    To attack IRC servers just because that's the place where the bots go, is asinine and illegal. Some servers have 5000+ users on them, and the people who own/run those servers have enough problems as it is dealing with attacks from packet monkeys.

    How would you like it if I DDoS'd your server because one of your users sent out spam? You'd probably be screaming bloody murder to the FBI about it.

    Unless you are willing to allow other people to do the same things you want to do to them at the exact same levels, don't even suggest that attacks are a way of dealing with a problem.
  • Re:Easy Solution (Score:2, Insightful)

    by elambi ( 251600 ) on Tuesday October 26, 2004 @03:24PM (#10633814)
    Unfortunately Latvia is not in Russia.
  • by adiposity ( 684943 ) on Tuesday October 26, 2004 @03:26PM (#10633833)
    Back when SCO was claiming they were being DDoSed, many experts made claims that resulted in stories like the following:

    The debate touches on more subjects than we could possibly cover here, but experts are claiming that SCO could have taken countless preventative measures to stop the attack affecting their services.

    (see here [itvibe.com])

    Groklaw had a bunch of "experts" claiming it was easily stopped, as well, and suggested it was faked by SCO.

    The truth is, as people here have pointed out, that it really doesn't matter what preventative action you take; if your pipe is full, your pipe is full, even if you drop all the packets when they hit your routers.

    You can't easily beat a bandwidth saturating attack.

    -Dan
  • Re:Null routes? (Score:3, Insightful)

    by tomstdenis ( 446163 ) <tomstdenis AT gmail DOT com> on Tuesday October 26, 2004 @03:37PM (#10633980) Homepage
    um ... a socket is only allocated to a connect() call. If you ban the IP on the firewall side the SYN is simply ignored.

    So yes, the 40 byte SYN packet consumes bandwidth coming in. But you don't expend bandwidth or cpu time otherwise [e.g. no ACK/SYN going the other way]

    Although that raises an interesting question. Who should pay for the bandwidth coming in? Just like who should pay for SMS? I didn't choose to have a SMS plan [well ok by signing up I did, but they don't have non-SMS plans]. So if some ass decides to SMS-bomb my cell why should I pay for it when my cell company didn't protect me?

    So if you firewall some jackass with a fat-pipe who decides to connect flood you and you do your part by not opening the connections who should pay for it?

    I think this is a good way to transfer some responsibilities back to the ISPs [in particular the originating ISP, something fishy about the same or similar HTTP request occurring 1000s of times a minute from a DSL...] and ultimately the user. Just like how spam should [ideally] be handled....

    Oh yeah...

    Tom
