Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 


Forgot your password?
Close
typodupeerror
×
Security The Internet IT

Visual DDoS Representation and Its Ramifications 104

Posted by Zonk from the seeing-things-helps-to-understand-them dept.
winterbc writes "Prolexic has a report on Zombie infections that bring a visual representation of a DDoS attack. Besides being a rather cool picture, it brings to mind a possible future of personal computing. I would love to see a real-time picture of my 'net connections as my desktop picture, allowing me to change my 'net habits based on what I see. For example, I can download new images from the OPTE Project and set my desktop that way, but a more individual pathway highlighted with my favorite color could happen someday. My point is that while DDoS are painfully ubiquitous today, tomorrow visual mapping in real-time could be a path to the source of the problem."
This discussion has been archived. No new comments can be posted.

Visual DDoS Representation and Its Ramifications More

Visual DDoS Representation and Its Ramifications

Comments Filter:

  • In the future will we have net traffic reports? (Score:5, Insightful)

    by rokzy ( 687636 ) on Sunday May 29, 2005 @12:32AM (#12668118)
    I hope not!

    isn't the whole point that there's redundancy and stuff to make things reliable and invisible to the end user?

    time spent visualising problems is a total waste unless you use it to stop the problem happening again. and prevention is better than cure.

  • What's the surprise? (Score:3, Insightful)

    by FireballX301 ( 766274 ) on Sunday May 29, 2005 @12:51AM (#12668195) Journal
    For all intents and purposes, that could just be a list of largest ISP networks. Large ISPs generally don't have the time to perform broad sweeps against zombie computers.

    What is surprising is the European zombie count is higher than that of the United States. I wonder why.

  • DDoS protection (Score:2, Insightful)

    by StreetFire.net ( 850652 ) on Sunday May 29, 2005 @01:03AM (#12668236) Homepage
    With more and more ISP's offering DDoS protection in the cloud I have to wonder how much longer DDoS in it's current form will remain relevant. Most of the Tier I backbone providers are shutting down these things in the cloud keeping the traffic from ever reaching the customer Gateway (for customers that subscribe to this service), however these systems are looking for uncompleted TCP connections and scripted browsing sequences. So in the next round of DDoS arms escalation, any thoughts on what the next evolution of the zombie net attacks will be?

  • Re:LOL... (Score:3, Insightful)

    by qualico ( 731143 ) <<worldcouchsurfer> <at> <gmail.com>> on Sunday May 29, 2005 @01:50AM (#12668400) Journal
    too funny, I'll venture a guess... ...is it cause people on AOL are the same people who click punch the monkey ads, install comet cursor and New.net along with Gator and WebShots?

  • Re:Relevant info missing (Score:4, Insightful)

    by trelanexiph ( 605826 ) on Sunday May 29, 2005 @02:53AM (#12668549) Homepage
    I've seen dosnets on IRIX, Linux, SCO Unix/Openserver, and Solaris. Windows users are not the only ones running infections. Ooh yeah, the guys hitting unix are usually far more skilled than those using cookie cutter exploits to mass-infect windows machines, meaning that though they don't hit harder, they may hit smarter.

  • Along that same line of thought... (Score:3, Insightful)

    by lullabud ( 679893 ) on Sunday May 29, 2005 @03:49AM (#12668671)
    If somebody takes the time to 0wn a server, it's likely because that server is on a fat pipe. If the purpetrator throttles his network usage it could go undetected and have much more serious reprecussions than a dozen infected desktop PC's on DSL. Then again, not all computers on fat pipe's are non-windows boxes... I had to clean up a Serv-U hack on our T1. =/

  • Re:And what is being done about this? (Score:3, Insightful)

    by Isomer ( 48061 ) on Sunday May 29, 2005 @06:32AM (#12668987) Homepage
    I help out on the Undernet IRC Network. We have automated tools that detect botnets, but what can we do after we've detected them? Email their ISP's? They in general don't care. Talk to the FBI? They don't care either. Ban (Gline) them from the network? We get DDoS'd for the trouble, either directly by the kiddie taking revenge, or even indirectly by just having to live with the constant synflood of thousands of DDoS drones still trying constantly to reconnect to our servers.

    Finding out who these people are isn't hard, we often know who they are, and even where they live, but nobody cares. These kiddies start by playing around DDoSing a few IRC servers here or there, but then they move on to bigger things like extortion rackets etc. Almost all of the people being put away for various High profile Cybercrimes have at one stage or another been well known by IRC administrators, but nobody cares until they've turned their sights on bigger fish than IRC networks.

  • Re:And what is being done about this? (Score:4, Insightful)

    by Kent Recal ( 714863 ) on Sunday May 29, 2005 @06:58AM (#12669053)
    what can we do after we've detected them?
    we often know who they are, and even where they live

    Easy. Make a public list.
    Put up a description of all incidents and all related information (IP-Address -> ISP -> personal info) that you have gathered.

    The kids don't like to read their real name on a website.

Slashdot Top Deals

Kleeneness is next to Godelness.

Close