A Peek At Script Kiddie Culture

Brian Bruns writes "NewsForge is covering an article on the Script Kiddie Culture, in an interview with my co-admin Andrew Kirch. It provides insight into a culture that not many people fully understand, or get to see."

What is there to understand?

[Anonymous Coward]

Search, copy, paste.
Woho! Im leet!

Re:What is there to understand?

[rpeh]

U ju57 g4v3 4\/\/4y 477 0ur 1337 h4x0r 53cr375! U r 14/\/\3! 1 \/\/i11 g37 r007 0n 411 ur b0x35 4nd 0wn0r U! 411 Ur 53rv3r5 r b310ng m3!

addendum to topic paragraph

[cmacmanus]

..or want to see.

Re:addendum to topic paragraph

[poptix_work]

No kidding, both Brian Bruns and Andrew (trelane on IRC) are script kiddies furiously trying to display a white hat.

If in doubt, search google. This "SOSDG" is hosted on someones cable modem, yet claims to run DNSBL's used by "Hundreds of government sites including .mil and .gov"

In conclusion, I have my own IRC logs:

[28/1806] [trelane(trelane@adsl-68-78-10-171.dsl.ipltin.amer itech.net)] packeting an NYPD officer, have you no patriotism?
[28/1809] [trelane(trelane@adsl-68-78-10-171.dsl.ipltin.amer itech.net)] you're a whore for packeting sigdie resources, and a terrorist for packeting an NYPD officer's COLOC, treason is punishable by execution still isn't it?
[28/1812] [trelane(trelane@adsl-68-78-10-171.dsl.ipltin.amer itech.net)] terrorist.
[28/1812] [trelane(trelane@adsl-68-78-10-171.dsl.ipltin.amer itech.net)] packetmonkey
[28/1812] [msg(trelane)] this is great stuff, keep spewing
[28/1812] [msg(trelane)] funny stuff
[28/1812] [trelane(trelane@adsl-68-78-10-171.dsl.ipltin.amer itech.net)] fuck you for dos'ing my equipment last night btw
[28/1814] [trelane(trelane@adsl-68-78-10-171.dsl.ipltin.amer itech.net)] you're a fat ugly spunkmonkey for packeting an RBL
[28/1814] [trelane(trelane@adsl-68-78-10-171.dsl.ipltin.amer itech.net)] you realize the feds are giving us madhelp after the shit from this fall?

(Despite their rantings, they can only hop on IRC and point fingers when their cable modem gets attacked)

Re:addendum to topic paragraph

[Anonymous Coward]

But aren't you a bit embarrassed to admit that you hang out in these places?

Re:addendum to topic paragraph

[poptix_work]

"these places" being EFNet, no.

not many people fully understand, or get to see..

[chrispycreeme]

...or care about.

Re:not many people fully understand, or get to see

[MMaestro]

The sad part is people SHOULD care. Everyone from Joe Average to Bob Businessman should take notice of this.

If Joe Average's cable modem bandwidth is getting sucked up by some kiddie script, he should care. Especially when his ISP sends him a warning letter saying hes using up too much bandwidth when the most graphic intense site he's visited that month is CNN.com.

Bob Businessman definately should care as well. That dedicated T3 line he uses at work is being used to get information to his consumers. If the site starts to get slow due to a worm causing him to download hundreds of gigs of pr0n, not only will his consumers get angry but his employees may suffer in effeciency...

Re:not many people fully understand, or get to see

[caino59]

but his employees may suffer in effeciency...

because they are wanking off to said 'pr0n'

Re:not many people fully understand, or get to see

[SurgeonGeneral]

The sad part is people SHOULD care. Everyone from Joe Average to Bob Businessman should take notice of this.

Are you kidding me?
I mean, I know we're all techies here, but lets break out of our shells for a second. This matters to people who make over 40k a year. Joe Average works in a factory and lets his kids use the internet for schooling. Do you think Joe Average, who was raised on libraries and encyclopedias, cares even for a second about whether his ISP goes down for 6 hours? Joe Average has to deal with bills, healthcare, school, drugs, gangs, crime, etc. etc. Joe Average needs tax dollars spent ensuring the welfare of our society, not the welfare of Bob Businessman's T3 lines so profit margins remain high.

Putting feds on the case of script kiddies is taking away from money and manpower that our society desperately needs. We need more concern over corporate accountability and less for corporate profits.

Re:not many people fully understand, or get to see

[Ironica]

Joe Average needs tax dollars spent ensuring the welfare of our society, not the welfare of Bob Businessman's T3 lines so profit margins remain high.

Generally I agree, except...

Bob Businessman is Joe Average's boss's boss's boss. When his T-3 line for the site that sells whatever widgets Joe Average is putting together gets sucked dry, it costs the company money. Six months later, when they have a shareholder meeting coming up, that expensive worm might cost Joe Average his job in a layoff.

It's important to recognize that the resources needed by some people aren't the resources needed by everyone. But by the same token, it's also useful to recognize when the resources sucked up by one abuse end up costing others important resources down the line.

Let us bandy words, shall we?

[Squarepusher]

I won't pretend to be a real techie guy, you can go ahead and stick me in the "Joe Average" category. Although as a Mr. Average I do hang around /. a bit and so am aware of these kind of topics and concerns, which is more than (can I say most?) could say.

Anywho...with that said here's my $.02:

I think that everyone posting above me has their own valid points which I shall paraphrase here.

1. We don't want money being thrown away to fight a battle that may or may not be won, if winning is even a real possibility.

2. We can agree that the actions of these "script kiddies" is to some degree detrimental to business. Seeing as how s#it rolls down hill, it can also have an impact on us blue collar folks. I think it's accurate to say that the negative impact will grow and become more noticeable as time passes.

So, what kind of happy medium can be found amidst the viewpoints which say either "It's a waste of resources to fight." or "Something must be done."?

Should officials not try to trim the fat from current programs and then allocate the new resources to fight this growing problem? I'm responding here off the cuff so I sheepishly admit I don't have a prepared list of potential candidates for severence. But, therein lies my question; Where is the government and general law enforcement concentrating that is perhaps irrelevant.

I know plenty of people here can come up with a long list of things our government wastes money on. Furthermore I'll bet'cha we can get over half those involved in the discussion to agree to the slashing of this or that. What say ye pantheon of knowledge?

---

Re:Let us bandy words, shall we?

[wmspringer]

I know plenty of people here can come up with a long list of things our government wastes money on. Furthermore I'll bet'cha we can get over half those involved in the discussion to agree to the slashing of this or that. What say ye pantheon of knowledge?

Unfortunately...

The liberal voters here will say that the tax cuts for millionaires are what we should get rid of.

The conservative voters will say that services for the poor (welfare, etc) are what we should get rid of.

Neither side will agree with the other.

Re:Let us bandy words, shall we?

[sirsnork]

My biggest concern is nothing will be done until it gets to the level we currently see for spam, and then it will be too late because as soon as half the taffic on the internet is false and can't be routed properly (due to spoofed addresses) we are all SCREWED

Re:not many people fully understand, or get to see

[Magic5Ball]

Everyone from Joe Average to Bob Businessman should take notice of this.

Add to that list the front-line TSRs and CSRs who are often the first to hear of new discoveries and ignore them.

Imagine this: a young marginal power-user stumbles upon an unintentional feature that is repeatable. She can either seek approval from the software publisher, whose *SRs who aren't allowed to break from the script to actually respond to the problem properly (or they don't have the time to understand potential exploits/bugs

Re:not many people fully understand, or get to see

[Zeinfeld]

And Joe Poweruser? He should peek at the iptables-log, laugh, drink a cup of coffe and get back to his code.

The point of DDoS is that it hits everyone. Sure we get huge numbers of DDoS attacks at work, sure none has ever taken us down. But the check that we have to write to ensure that is huge, millions a month.

Here [blogspot.com] is a take on this issue from Phill Hallam-Baker: [blogspot.com]

OK so a second bite at the same article, lets take a look at those DDoS schemes.

According to the article the ISPs are unresponsive to take down requests, the FBI do not take notice. I know that people keep making this complaint but there are high tech crimes units in the major cities and they are looking to takedown these guys. And at the moment the demand is such that DDoS is being treated as if it was a littering offense.

I think we need a better primer on how to prepare a case for law enforcement. I guess it is possible if you read the article carefully that the desk guy thought this particular person had been getting evidence by hacking.

We can't expect to do this with law enforcement in the loop every time. Lets change the model, law enforcement only get involved if the ISPs fail to act, and instead of just going after the hacker there is a liability for the ISP.

This is consistent with fire department model of government security regulations. You can do pretty much anything to your house decoration wise. Government only gets involved when safety is the issue. In particular the fire dept won't let you build a house that is a fire-trap, in part because it might set fire to buildings arround it.

Here we have ISPs that are forwarding bogons. It seems to me that this should not be that difficulty to prevent. A $500 box performing passive listening at the cable head end could sound an alert when there is a bogon attack. You don't have to look at every packet, all you need to do is to look at a sample. If you see an ethernet MAC spewing bogons you shut it down.

Another approach would be to push the bogon prevention right to the cable modem. Why on earth would these let bogon injection take place in the first place? Sure there will be some hacked modems, but DDoS is comming from hijacked machines.

Cable modems, NAT boxes and the like should have limiters built in to prevent the creation of ridiculous numbers of SYN packets or outgoing UDP packets to reserved system ports like DNS. It is pretty easy to think of numbers that should be no inconvenience to any legitimate use, and there could be an option to turn them off in any case. But why give every home user the equivalent of a loaded machine gun when they don't need or want one?

Reduce the value of your machine to a hacker, reduce the probability of attack?

How is this a 'culture'?

[Gothmolly]

Are people looking for some Gibson-esque secret cabal of script kiddies, who are building operating systems at age 8, can speak in hex, and have secret h4X0r access to everywhere?
I think people watch too many movies. Or is defining 'script kiddies' as a culture an attempt to rationalize the level of ignorance we experience when trying to comprehend all of computing technology? Since nobody can be good at everything, is it a mental safety valve to create uber-computer users, who 'get it', who can do 'cool things', who are 'in the know'? Isn't this the same thing as creating Gods to explain otherwise unknown natural phenomena?

Re:How is this a 'culture'?

[H1r0Pr0tag0n1st]

It's a culture in the same way that it is a culture if I scrape crud off the toilet and throw it in a petri dish with some growth media....

Re:How is this a 'culture'?

[Anonymous Coward]

I'd mod parent funny but not insightful. As a kid in the 80s I was part of a bbs culture. Whether people liked it or not it still had its own social norms and modes of expression and behavior. Just because these kids are assholes doesn't mean there's no culture there .. it just means it's a culture of assholism. that said, i think parent post is legitimately humorous.

Re:How is this a 'culture'?

[golgotha007]

i ran a bbs in the early 80's and was part of the 'scene'. yes, i had a message subboard called 'ELITE' where we would all post our MCI and Sprint codes and intesteresting phone numbers.

most of us then were total geeks that either couldn't hold his own at a jock party or was too nervous around girls. the one thing that we did have was power when it comes to telecommunications. and that power, because it wasn't to be enjoyed outside the computer, made us all arrogant little assholes.

i see nothing has changed.

of course, then we didn't call them script kiddies (which i find appropriate), we called them 'kidhacks'.

On a similar note...

[Cyno01]

Mt dew is a great agar for growing script kiddies...

Re:How is this a 'culture'?

[_Sharp'r_]

I thought the script kiddies were the ones that didn't do any more cracking than search/download/copy-and-paste?

The people who actually know what they're doing are much more dangerous, generally on the grey to white side of the law and don't bother with DDOS on somebody's little website, since if they really wanted to, they'd just take entire nations' Internet access down.

I mean, I could think of a 1/2 dozen ways to wipe out a whole country's internet access completely for a day or two (no, I'm not going into details here, but if use BGP in your work life, you can probably think of a few also), but most people who've spent the time to learn at that level also are mature enough to realize that there isn't much of a point to wanton destruction.

Re:How is this a 'culture'?

[LostCluster]

I thought the script kiddies were the ones that didn't do any more cracking than search/download/copy-and-paste?

The script kiddies we're talking about are those who are copy-and-pasting 0day hacks. A hack that the White Hats don't know about yet, and even most black hats don't know about yet. The big mysterious question: Just how did these kids get into the web-of-trust it takes to have this tool before the "good guys" do?

Afterall, the first "good guy" who gets this tool will hand it over to the white hat experts who will start the work on the patch that makes the hack worthless. So, the web of trust on these things has to be tight... so again, how do the new script kiddies get in the club?

Nice question!

[955301]

I'm betting that the kiddies play a role, in much the same way the messenger does for the author of the letter.

And like the messenger, they are more likely to get shot by the good guys when the let a hack loose into the wild.

Could it be that a few black (and possibly white) hatters find that they serve a purpose?

Yes

[Felinoid]

It's easier to sell companys, government agentcys and cable modem users on using reasonable security precautions with half a million children running around with viruses and such looking to screw with anyone who gives them half a chance than it is to sell them on the notion that the 6 big bad nasty terrorist black hatters will crush them like a grape if they make the sligtest mistake.

People will assume they are safe from the big time terrorist dude becouse "I'm not a sereous target".
DDoS attacks against major targets use hacked cable modem users desktops.
Spammers use Worms to establish a spamming network.
ID theft resulting from the simplist of mistakes.

That stuff happening today.

When telling people how important security is:
With out script kiddies
"Why would anyone attack me?"
"Your system can be used as a launching point for all sorts of attacks"
"Yeah right."
It's hard for a person to picture how "they alone" could be be a target and they'd be right becouse they aren't alone. But the details sound like SiFi to most people and they tune you out.

With script kiddies.
"Why would anyone want to attack me?"
"Becouse your an easy target. Script kiddies need no other reason"

Re:How is this a 'culture'?

[iminplaya]

...how do the new script kiddies get in the club?

I think they're appointed by the president, and after a confirmation hearing, they're in.

Re:How is this a 'culture'?

[Imperator]

Yeah, but if the president knows they're not going to get past a confirmation hearing, he can use a "recess appointment", in which he appoints them during recess.

Re:How is this a 'culture'?

[zagmar]

I think one of the points being made in the article was that these kids are fed the exploits in order to remove any potential legal reprisal from the original discoverer, hence the mention of Al-Qaeda. Think about it this way: I'm a 30 year old sysadmin with a chip on my shoulder and I discover a nasty security hole in a piece of software that my employer, as well as hundreds or thousands of other companies, use. Am I going to use this myself, opening me up to all kinds of charges (which are much easier to back up because of my position, and which have much nastier names, such as "corporate sabotage,") or am I going to tell the gang of 1337 h4x0rz that I see every night on IRC, hoping that they will hit my company as well as all the others that use the software?

Re:How is this a 'culture'?

[digitalsushi]

but if use BGP in your work life, you can probably think of a few also)

I dont know how BGP works, but I heard that way back in the day, some dude at some ISP announced that he had a /0, or some such thing, and the entire net got routed to him, and subsequently, broken. And then they put in filters into BGP so that core routers could say "you're full of crap that's not your ASN". Is the BGP system still sketchy enough that the existing safeguards against taking down stuff as big as a country still exist? (granted a lot of countries probably have one internet connection going in, sadly)

Re:How is this a 'culture'?

[_Sharp'r_]

BGP is a little less fragile than that, but not by much.

A well setup core router will protect your network from most bad announcements from your downstream clients, but if one of your upstream providers gives you the right bad info because their router has been screwed with, you're out of luck until a real person figures it out and takes the link down.

Then of course, all the outgoing traffic for that link cascades over to your others.... and now that many people are blocking snmp due to Cisco vulnerabilities it gets a little harder to figure problems out.

And of course, much of the incoming traffic probably still sees the downed link as a valid ASN path, and since that's beyond your control... yeah, you can get screwed pretty easily by one router on an upstream provider's network that misbehaves in just the right ways.

Truthfully, most major ISPs' NOCs are pretty fast to respond to BGP screwups, but problems caused by a mistake vs. problems caused on purpose with a little forethought and topology knowledge are two different beasties...

Re:How is this a 'culture'?

[SavingPrivateNawak]

But the script kiddies described in the article seems quite technical (not just "I winnuke you lolol") since they seem to discover vulnerabilities way before everyone else (Cf Article).

I don't want to start another hacker/cracker flamewar but I think we should reserve the term script kiddies to people who effectively do nothing more than running other people's malicious scripts.
We need to find another term for describing these immature, yet skilled, adolescents that discover vulnerabilities by themselves in order to higher their social rank. (Cf article where they talk about '0day servers' with newly found vulnerabilities ready for kiddies' next war)

Re:How is this a 'culture'?

[_Sharp'r_]

Exactly. Someone with knowledge of multiple "0day" vulnerabilities doesn't fit into what I'd call a script kiddie. They could be a kiddie, but "0day" and "script" in this sense are usually mutually exclusive.

Re:How is this a 'culture'?

[Anonymous Coward]

The ones the article is talking about are still script kiddies-the 0day ones are only highly skilled in building social networks. In the vast majority of cases the original source of the vulnerability "accidentally" leaks it to some random but well-known "ub3r l33t" script kiddie who is guaranteed to use and spread the crack in a predictable manner, but who isn't able to trace the original author. The 0day inner circle is simply an informal distribution network, and that's exactly what the "script" part means. That's not to say they're dumb-staying in the inner circle takes good social engineering skills that very few script kiddies have.

Better term: Cyber Punk

[BrianMarshall]

Isn't 'cyber punk' pretty much what we are talking about here? Someone with some actual power and 'street smarts', but still, essentially, a punk?

(Not to be confused with 'punk rock', the style of music that embraces the point of view: "This is shit, everything is shit, life is shit, you are shit, I am shit".)

Re:How is this a 'culture'?

[myowntrueself]

"but most people who've spent the time to learn at that level also are mature enough to realize that there isn't much of a point to wanton destruction."

If only that applied to the guys in the Whitehouse, Dubyas boyz.

yeah yeah troll, flamebait, whatever.

Re:How is this a 'culture'?

[Anonymous Coward]

They don't necessarily know what they're doing. Admittedly, when I was in highschool I tried to launch my own botnet. I was DoSed twice on unrelated conditions and got fed up. Plus I wanted to mess with my own friends' connections. After a little digging I found a binary for a botnet which I was able to hex edit and customize to create my botnet. At this time I was just learning C++ and later I found an open source trojan that had much more abilities already coded plus I could add my own. I knew nothing about the inner workings of the net, spoofing (which was hard on win9x machines), or very much C++ at all. One week summed up a nice botnet. At a very young age I discovered that people will run anything if you just plant enough binaries. I disguised it as things I myself would've been interested in: console emulators, porn (yes executable porn, youve seen this), and secuirty related software. I found out that some of my closest online friends has independetly and secretly built their own botnets. It seems like the best thing since well..the internet. To have so much power at a young age and EVERYONE was doing it. Soon I was confronted by a very intelligent person who talked me out of this shit, very nicely even though I was trying to infect him. I uninstalled the bots and shut down the channel. Now I know if I had kept going I would have had a lot of power that I shouldnt. I wasn't using exploits that affect hundreds of thousands of windows machines or any other fancy distribution methods. I just put my file on the net and let them come to me. Botnets are too easy to create and since bandwidth is cheap they will cause more problems. Something must be done to stop these kids without ruining their lives. I wanted to learn and destroy, but not without good reason to. Of course if someone will DDoS company sites and cause damage they should be punished but they should be stopped before this happens. They dont know what they are doing.

Re:How is this a 'culture'?

[Build6]

mean, I could think of a 1/2 dozen ways to wipe out a whole country's internet access completely for a day or two (no, I'm not going into details here, but if use BGP in your work life, you can probably think of a few also

There's a difference between doing something, and doing something and not getting caught. Are your ideas the kind that will end up you being in a federal prison (i.e. quite pointless) or the kind where you cannot get traced (i.e. you are then in fact quite dangerous)?

there's a difference between going to the bank with a shotgun and getting a lot of money, right before being either shot dead or hauled off to prison, and figuring out some way to siphon off bank funds into your account in a way where nobody ever detects it (or only does long after you're gone).

Re:How is this a 'culture'?

[Anonymous Coward]

Given that there are always a considerable number of individuals at this 'level of ignorance', and that they associate with one another on a regular basis, I would call it a culture. Just because this 'script kiddie level' is merely a stepping stone to greater understanding of technology does not mean it, as just a snapshot of one point in this progression, is not worthy of being a culture in and of itself. After all, like other cultures of this kind (gaming, geek, fratboy, whatever) there are new script kiddies joining and old script kiddies retiring from it each day.

Also, if you've ever associated with them, script kiddies have their own rules (mostly unspoken), trends, and even something of their own language. It may all be borne of ignorance and immaturity, but the same could be said about a number of other cultures/subcultures.

Re:How is this a 'culture'?

[LostCluster]

It's a culture that we should try to understand, because if we can find a way to take away their motivations, we'll have less hassles to do with on our networks.

What a 0day really boils down to is a mistake that a programmer made that never got corrected and therefore got distributed, but this mistake has yet to be documented in any way. White hats announce what they've discovered in the form of a patch, or at worst a security alert to the public. Black hats announce what they've discovered in the form of a malware attack.

Really... we'd like to know what motivates black hats, because we'd like to find a way to get them to play on the white team.

Re:How is this a 'culture'?

[DoraLives]

if we can find a way to take away their motivations, we'll have less hassles to do with on our networks.

Bored children break stuff for the sheer hell of it. To seek deeper meaning here is to completely fail to understand bored children. Distract (and that's all you can do, merely distract) child A from breaking a thing, and child B will come along and break it while you're still busy with child A. There's nothing to see here. Move along.

we'd like to know what motivates black hats

You're presuming to use logic (or something similar) to understand a non-logical phenomenon. Don't work. Human emotion is a manifestly NONlinear function and additionally changes from one state to another with about the same level of predictabliity as the position and momentum of a particular subatomic particle. Fuggabouddit.

we'd like to find a way to get them to play on the white team

That way has already been found: Let them grow up. They'll get over it. Or at least most of them will. But you can never predict with certainty exactly which ones. And every year a new crop is growing.

Re:How is this a 'culture'?

[DerekLyons]

Bored children break stuff for the sheer hell of it.

No. Ill-raised children break things for the sheer hell of it, bored or not. These script-kiddies are no more and no less than the end product of the permissive 'kids-will-be-kids' theory of parenting.

Thank you Dr. Spock.

Re:How is this a 'culture'?

[redhog]

Or the result of you-can't-do-this-and-you-can't-do-that raising, where the kid becomes more introvert/hiding in its search for playground, and eventually ends up doing really nasty things as soon as the parents aren't watching.

The only way to raise a child not triggering its "do the opposite of what you say" when you ask it not to do something that really is bad, is to never say no if it really isn't a problem, and when saying no out of rreal need, allways motivate the no with good arguments that the child just can not ignore the truth of.

Re:How is this a 'culture'?

[mingot]

Really... we'd like to know what motivates black hats, because we'd like to find a way to get them to play on the white team.

Desire to compete coupled with a strong fear of rejection. All you have to do to 'win' is be hated.

Re:How is this a 'culture'?

[Prof. Pi]

if we can find a way to take away their motivations, we'll have less hassles to do with on our networks.

After R'ing TFA, I'd guess that the most efficient way to take away their motivation would be for the major ISPs to chip into a fund to get hookers for them.

Re:How is this a 'culture'?

[lxs]

I guess in the same way that glue-sniffers that scrawl their names on bus-shelters are part of an 'artistic movement'

Give a kid a felt-tip pen and he thinks he's Bastiat, give the same kid a computer and he thinks he's Kevin Mitnick.

Two implications

[Anonymous Coward]

The most amusing implications are:

a) Its a culture.
b) Someone would actually want to see it.

10 years ago I did the script kid thing for a bit (before having a life). Its a bunch of kids who's parents are not really involved in their lives, and have nothing better to do than look for a digital mate by typing "A/S/L?!?!??! and talking about their privates.

I could seriously care less.

Re:Two implications

[WwWonka]

The most amusing implications are:
a) Its a culture.

So is yogurt.

b) Someone would actually want to see it.

Somebody somewhere paid money to watch Gigli as well.

Did you miss the part...

[Ayanami Rei]

where they mention that "no one wants to download grsecurity" or "tru64 is where it's at" or "some kiddies target Solaris and Irix because that usually means a big pipe".

Try a little reading comprehension first.

h4h4h4h4h4

[segment]

_xXx_h4x0r3rZer0_xXx [#31337] d00d sl4shd0t p0st1d 0ur sh1zzl3 m4h n1zz73
XxX-|-Ne()-|-XxX [#31337] /exec ./winuke slashdot.org:80
XxX-|-Ne()-|-XxX [#31337] l4m3rz!@_!@

A peak at script kiddie culture..

[Anonymous Coward]

Look no further.

Publicity

[Un0r1g1nal]

From what I understand of script kiddies they mostly do stuff from sheer boredom (what ever happened to the good ole outdoors?) and for the extra pseudo attention they get from it.

Surely by attempting to interview and do articles on this 'culture' they are just pandering to the desires of these script kiddies. And rather than helping them to realise that they need to grow up etc, the extra attention is only going to make them have a greater desire to wreak havock with their 'leet skills'

Bahh, these kids today...

[k4_pacific]

Back in my day, we didn't have computers. We would see how long we could balance on a flagpole or we would see how many goldfish we could fit in a telephone booth. Hell, once I danced the Charleston on a flagpole for 12 hours. Won me a brand new LaSalle. Now, pranks and mischief are all electronic, done with them newfangled computers by them so called script-kiddies.

Takes the fun out of being a kid if you ask me. Hmmmpphh

WTF

[Facekhan]

Is this guy just making stuff up as he goes along. I swear he comes off like Gibson at GRC for christ sake. Secret groups of anti-social 11 year olds taking down whole isp's because their male "competition" for the heart of an equally dysfunctional haxo4 chica is a subscriber.

Just how do you stop a DDoS?

[LostCluster]

From an admin's perspective, a DDoS is the scariest attack of all. There's nothing you can do to prevent it, and nothing you can do to stop it.

An admin whose network is being DDoSed really doesn't have much hope of doing anything. Their inbound communication line to the outside world is being flooded with so much garbage information, the signals that they want to get over that line are simply drowned out. Incoming connections can't get a turn going down the pipe, so they time out. He's powerless, everything in his shop is nice and secure, but can't function without geting any useful requests. That poor admin can call his ISP... but there's really not much the ISP can do from their side of the line.

The real problem in a DDoS attack is not that the final victim's security has gone wrong, but the security of other computers elsewhere on the Internet have been compromised, and they've been turned into zombies contributing to the DDoS flood. The DDoS will not subside until nearly all those machines are all patched, but that's not something the victim's people can do. They have to wait for the Anti-Virus providers and software providers to knock down the flamethrowers that are all being shot in the same direction.

Any time you're relying on third parties who don't work for you to save your business, you're really up a creek and are throwing yourself on the mercy of the tech world. Hopefully they'll save you in time, because there's really not much you can do from your own datacenter.

Re:Just how do you stop a DDoS?

[0racle]

I just don't see how a DDoS that does nothing except bog down your network connection, usually just to the outside world if you actually earned that job, is the scariest.

It slows things down, to a crawl or a dead stop, its irritating, and all you can do is sit it out, but in the end, what did it really do, again from the admins perspective? Nothing, it didn't do anything. You don't now have to worry about machines being used as zombies or otherwise compromised and there's next to no cleanup. And as for the

Re:Just how do you stop a DDoS?

[Slashamatic]

Large companies have multiple IP addresses and pipes. It then becomes possible to reconfigure so that only one pipe becomes stuffed and normal traffic is redirected. It is more of a problem when you don't have so much spare capacity.

Re:Just how do you stop a DDoS?

[Anonymous Coward]

That poor admin can call his ISP... but there's really not much the ISP can do from their side of the line.

Sniff the garbage, analyze it, block IPs somewhere upstream. Worst case, if the zombies are randomly spoofing IP addresses you could still trace them back hop by hop. A giant pain in the ass, but possible. Steve Gibson has a great article [grc.com] about dealing with a DDoSing script kiddie.

Baseball BATS !

[MajorDick]

We had a script kiddie (didnt know it at first) trying desperatley to hack several of our servers, I reckognized the IP block he was on and called up my buddy who was the sysadmin for the ISP he was connected from, Soooo he gave mne his name and address. Me and my dad Im 6'2 230 lbs and my dad looks like george carlin on steroids, well we knocked on the door of a very nice house at about 4:00 pm , to the door comes a pimpled faced rugrat about 14, I told him we were here about the hacking attempt on our server, the kid turned purple, andd I honest to gfod thought he was gonna piss himself , we had a nice little discussion and told him the next call was to the FBI for attempted bank robbery as we hosted several credit unions, never had anymore problems from this fellow. We did take a baseball bat along just in case he was bigger than we were , This was going back some time 96 or so.

Translation

[$0 31337]

didnt = didn't
reckognized = recognized
mne = me
Im = I'm
andd = and
gfod = god

Damn... I sure as hell hope you're not a programmer at your job. If so, I'd love to see some of your code

#!/usr/been/purl

opin(INFILE,"/etc/paswd") || die("Fil naught fownd");

Sorry about making fun of you, please don't bring your dad to my house.

Re:Translation

[MajorDick]

No problem, I was watching TV , actually I am a programmer :), I also type 120 wpm (less error corrections) by the time I correct all my mistakes Im at about 70 wpm :) I am undoubtedly one of the fastest and worst typists on slashdot.

Re:Translation

[telstar]

"I am undoubtedly one of the fastest and worst typists on slashdot."

• Don't forget to add that to your resume.

Re:Baseball BATS !

[Monkelectric]

In 97 or 98 I had a similiar problem, this 15 year old kid was rooting our servers and messing up our IRC channel, he never seemed to use the same IP, and honestly we just couldn't stop him. Fourtanately a member of our organization worked at IBM and he had a bit of juice with the security department. A few days later someone at IBM got us name and a phone number, and we called and had a long conversation with the guys dad :) Never heard another peep out of him, although we were all still very emberassed

Law and Order Episode

[Latent Heat]

The baseball bat story sounds like an urban legend. But then Dick Wolf's "Law and Order" had a good yarn about cybercrime.

This young white dude, computer programmer family man is found shot dead. In his house. With an exotic WW-II German pistol.

The crack team of Briscoe and Green do their leg work, and they come across an old black dude who is somehow connected to the young white dude in a financial scam. The cops think "salt and pepper" team and one crime guy turning on his partner.

The D.A.'s off

Re:Law and Order Episode

[Monkelectric]

I agree with you 100%. I think something thats really missing from our society is the idea of consequences which I think is what you're hitting on. Most places in the world, if you messed with someones business there would be consequences that wouldn't necessarily be legal in nature. Your community might look down on you or you might get the crap beat out of you. Those things serve REAL purposes, police can't be everywhere all the time, but people can...

Now police are the only ones authorized to provide consequences or even make judgements which means anything that doesn't have critical mass slips under the radar.

Re:Baseball BATS !

[geekoid]

you do that to my son, and your ISP will be the victim of a tragic backhoe accident.

Your revenge is measured in pounds, mine is measured in grains.

Re:Baseball BATS !

[YrWrstNtmr]

They could have just called the FBI first. I think a nice frendly chat first works better for all parties, don't you?

Re:Baseball BATS !

[Night Goat]

Look, if you're not going to discipline your kid, don't be surprised if he learns the hard way. It's not like the guy even hit the kid, he just put a bit of realism into the kid's vandalism spree. It's a sad world when parents defend their kids' vandalism.

Re:Baseball BATS !

[LittleGuy]

We did take a baseball bat along just in case he was bigger than we were ,

You *did* check to see if he wasn't a card-carrying member of the NRA, did you?

Not a culture

[Lord_Dweomer]

This is hardly a culture. This is a personality stereotype. And a fairly accurate one at that. It's a derogative term used to identify people who do not make their software toys on their own, but instead download the hard labor of others and use it to perform meaningless, and often times annoying pranks.

I think I have a comparison to sum this up.

Script Kiddies is as much a Culture as 1337 5p34k is a Language.

Re:Not a culture

[rawb]

Maybe the 'script kiddies' aren't exactly what he was describing, and there needs to be a new term for the characters in the story, but what he did describe certainly is a culture.

When I was 15 I had a friend give me a few scripts which i ran randomly for a few days. I didn't go to chat rooms for that stuff. I didn't talk online with those people, and I didn't become involved in the alliances of groups. I was given a program, and I used it to get me some earthlink passwords. That's a script-kiddie.

The des

bah

[kurosawdust]

What I want to know is how the hell those guys ever understand each other when they talk in person.

"Dude that DOS attack was so seven-three-three-plus sign!"

Re:bah

[StuWho]

What do you mean "talk in person"? That would imply entering the real world.

Innate Security of Windows vs Linux

[miyako]

I noticed that microsofts statment that (if|when) Linux gains as much popularity as Windows, we will find that it is not inherintly more secure because "Using Linux does not make you defacto smarter"
Reading this I knew that SOMEONE would bring it up, so I might as well be the first
I think that as linux sits right at this moment, it does make one smarting to be using it, simple because it requires the user to be more aware of their system. I do not see this changing in the near future either, not because of the technical inability of linux to emulate Windows automagic configuration, but because the people who write the software do not seem to want that (I know I don't).
So does this mean Linux is more secure by default? I would have said yes if you asked me a week ago, but this last weekend I was at a LAN party and installed Linux on several machines of friends who were interested in learning about it. What I saw made me realize that in the hands of an average (l)user, Linux can be LESS secure
The thing is, even after my lecure I still had people choosing root passwords like "poopoo" and "iforgotit". Not only that, after a brief tutorial on how to do basic system administration through YaST (I installed SuSE 9 on their boxen), I had at least 3 people go in and turn on every single network service that was offered. One of these people even set up his box as an anonymous FTP server with read and WRITE priviliges to the root directory!
At the same time I had another guy logging on to IRC as root and downloading files, while I was taking care of these machines someone else had already created a user account and given the user name and password out to several people in his AIM buddy list.
I'm the last person to say that we should include less software with a distrobution. I think the fact that most distorbutions contain a complete operating environment is a good thing, but with a little bit of knowledge these people had already made their system much much less secure than a windows box with the security updates applied would have been.
The whole point of that rant being (other than just getting that off my chest), as linux becomes more popular I can easily see scripts writen to take advantage of clueless linux users just the same as there are scripts to take advantage of clueless windows users.

wasn't this...

[fermion]

the point of Dexter's laboratory. Some kid driven to demented acts of violence and creativity by the inane action of his older sister.

Society Problem

[rotty]

It's not a hobby, it's a social life. These kids don't have much outside of this. Most of them, if they were to go parties they would get beat up. This is their social life.

Well, the whole article just talks about how to prevent the "skript kiddie" behaviour, but no word about that the cause might be our society, not giving these kids a way to enjoy theirselves without involving in malicious actions. It's the same as with drugs: everybody is talking about how to stop drug dealing and consumption, but little is done to tackle the root of the problem; the reason why the kids are not welcome on parties, get bored and thus involve in DDoSing or start experimenting with drugs.

Re:Society Problem

[King_TJ]

I think it's mainly a result of the "generation gap".... You've got parents who know very little about their own computers, and their kids who are pretty comfortable getting around online with it.

I've known quite a few kids/teens who got into loads of mischief with their PC, despite having otherwise caring and pretty observant parents.

Their folks were just sucked into the idea that their kids spending a lot of time on the computer had to be a "good thing", since they were learning "useful skills" and "doing something more educational than sitting around, watching TV".

There are plenty of things to blame parents for, but this is probably not really one of them. If you're the parent of a kid who is of "above average intelligence" and generally seems to stay out of trouble (not doing drugs and partying all night long, etc. etc.), and you're not too computer literate yourself -- just how much are you supposed to do when he/she figures out how to DoS corporate networks with his/her newfound online buddies?

Exactamundo

[benjamindees]

Kids do all sorts of anti-social stuff, but, even when they're mostly minding their own business, they get pissed on. I love it how everyone expects *teenagers* to spend their free time caring for puppies and the homeless.

Here in a decent-sized city in the (yay) midwest, the evening activities available to those under eighteen are: bowling, cruising, wandering the streets aimlessly, and, ummm, well that's pretty much it.

Everything in town closes at 9:00. *Public* parks close. There's a constant crackdown on 'cruising' for some reason. There's an 11:00 curfew for everyone under-18.

So, the choices for a kid growing up around here are: 'sit in your room all evening with your computer' or 'break some sort of law'. Apparently, now our fearless leaders have found a way to make 'sitting in your room' against the law as if they would rather these kids be roaming the streets vandalizing cars and buildings. Great.

At least, this way, they are actually learning some things about computers and causing *very* little damage in the process. I think we all need to be a little more realistic: kids cost money and destroy things. The fact that *the internet* isn't a little more kid-proof should be of more concern to everyone than the slightly-less-than-moral decisions made by a bunch of teenagers.

*cue Steve Irwin aussie accent*

[enrico_suave]

Krikey... here we see the script kiddie in his native habitat, his parents spare room... look at how he asks for warez and 733t scriptz in AOL chatrooms...
We musn't approach too quickly or we'll startle the little feller...

Configure your router/firewall correctly

[PacoTaco]

Everyone please take the time to configure your gateways to drop outgoing packets with spoofed source addresses. This doesn't take long and potentially saves everyone else a ton of grief. Logging these funny packets is also a good way to tell if a machine on your network has been compromised.

Re:Configure your router/firewall correctly

[Anonymous Coward]

In the interface config for the uplink to your isp:

ip access-group access-list-N out

Back in general config:

ip access-list N allow 10.42.101.0 0.0.0.255
ip access-list N allow 192.168.1.0 0.0.0.255
ip access-list N deny 0.0.0.0 255.255.255.255

Where the first two statements allow outbound packets with source addresses of 10.42.101.0/24 and 192.168.1.0/24 and the final statement (match all) denies any packet for which the src address was not matched in the previous two statements.

I

The thing that gets me...

[Phil John]

...is that some of these kiddies seem to strive to bring down the one thing that gives them any sense of purpose.

Like the attacks on the root servers, well done, bring the domain name system down, now update your hosts file by hand when you want to visit a website/chat on irc to your mates about how 31337 you are.

It doesn't sound right...

[bentonsmith]

...the interviewed party sounds like he's making things up as he goes along for greater exposure and interest. There is nothing there that jumps out to me and says "liar", but at the same time, I think that the interviewee might have been, er thinking about this topic too much and might be blowing things out of proportion just a little bit.

Do people on IRC attack conference line services? Oh yes, I've seen it being done several times, and FoF is something of a wheel in this scene. Are said hijacked conference lines used for neferious purposes? I'm sure once in a while, but really they are mostly used for the purposes of socialization... same as has been the case with phreaking the past.

What do people do the first time they phreak? They call a faraway place and talk to someone just because it is neat to talk to someone in England, or Fiji or somewhere far away without cost.

What is the primary use of these phreak'd conference lines? Socialization, a way for people who are geographically distant who have got to know each other on IRC to talk to each other without cost. Believe you me, the content of these conversations is far more likely to contain dreary e/n stuff rather than Plots To Take Over The World.

The intimation that this culture could somehow be for sale to nefarious people and powers is frankly outrageous and hysterical at the very same time.

Now if only these kids had some direction....

[newdamage]

I know this is just asking to get flamed, but if these kids had some proper motivation and direction, they could probably do some pretty impressive stuff.

I know script kiddies are the bottom feeders of the hacker/cracker world, but most are still very young. But they obviously have enough technical knowledge to cause alot of trouble, and channeled in the right direction they could probably grow up to be fairly proficient developers and really become an asset to the tech community.

But then maybe I'm just being naive and optimistic.

Re:Now if only these kids had some direction....

[Ironica]

I know this is just asking to get flamed, but if these kids had some proper motivation and direction, they could probably do some pretty impressive stuff.

You're not asking to get flamed; you're asking to get volunteered to start a mentoring program. ;-)

Kiddie sure fits

[77Punker]

Wow...these people exchange nude photos of each other, exchange phone numbers and other important data, get fucked over by all their "friends" they've never met, and then try it again. I'll stick with video games, thanks.

Script Kiddie Culture?

[Anonymous Coward]

Here is a much better site portraying script kiddie culture on a daily basis [slashdot.org]

Script kiddie "Culture???"

[swordgeek]

Wonderful. Now the vandals have a culture. Charming. Let's next do an article on the graffiti "artists" who spraypainted my brother's garage. How about the spamming "free speech activists?" Or the good souls at NAMBLA?

Vandalism is vandalism, and crime is crime, no matter how you dress it up. Criminals have a long history of pretending to walk to the beat of a different drummer, being misunderstood, put-down, trod on, etc.; but at the end of the day, they're just fucking criminals looking for a scapegoat instead of taking responsibility for their crimes.

Re:Script kiddie "Culture???"

[Jerf]

Calling it a "culture" is simply descriptive, not a value claim. There are illegal drug cultures, too. In fact, there are several quite distinct drug cultures; casual weed smokers are different from the hard drugs are different from the ecstasy group. There are quite a few other criminal cultures too.

They meet every criteria for a looser definition of "culture", such as one might describe a hacker "culture" or a sports fan "culture". Of course, they aren't a seperate culture like "US culture" or "French culture", but from context, most people won't mistake the two.

You seem to be seeing an implicit claim that "all cultures are equally valuable", which is a post-modern conception. While there are some academics who would take it down to the finer-grained culture definition (e.g., "hacker" and "ecstasy"), most people apply that only to the coarser-grained one ("French", "Chinese", etc.). Most people would agree that there definately are some cases where one [fine-grained] culture is clearly inferior to another, so by calling the script kiddies a "culture" doesn't logically imply that there is a claim that their actions are OK because all cultures are equal. (There are even some atavists like myself who reject post-modernism entirely; makes it easier to ID implicit post-modernism it when I see it then those who are steeped in it.) Given a choice between a person joining script kiddie culture or joining a sports culture, I know which is more likely to turn out well for both the person and culture at large.

Thus, there are also graffiti cultures. I'm unsure about NAMBLA, I have no idea whether they qualify as a culture, but I doubt it. Similarly for "free speech activists"... other then similar beliefs on free speech issues, that doesn't otherwise imply an outlook, a unique jargon, dress patterns, frequent organized or semi-organized social encounters, etc. that one would normally associate with a "culture". (Script kiddies are odd in that their associations are strictly online, but their demographic similarity, speech patterns, thought patterns, and online meetings are enough, I'd say. Note I'm not trying to carefully define "culture" in this sense since it would be very difficult to match what me mean by the term.)

Re:Script kiddie "Culture???"

[swordgeek]

Your post is, so far, the only coherent reply I've seen (with the exception of a rather funny comment about NAMBLA).

I don't have a problem per se with the distinction between a formal and/or macro culture, vs. an informal microculture. The problem I see, though, boils down to this: You say,

"Most people would agree that there definately are some cases where one [fine-grained] culture is clearly inferior to another, so by calling the script kiddies a "culture" doesn't logically imply that there is a claim

Re:Script kiddie "Culture???"

[Daltorak]

I'm sure the "good souls at NAMBLA" will appreciate us calling attention to a society of 'kiddies' who have no social life, know how to chat about 'body parts', and exchange nude pictures over the Internet.

Re:Script kiddie "Culture???"

[Ironica]

Wonderful. Now the vandals have a culture. Charming. Let's next do an article on the graffiti "artists" who spraypainted my brother's garage.

Actually, a fellow student of mine is doing his thesis in Urban Planning on that very topic. Mostly he's looking at how graffitti and tagging are an attempt to claim public space in an increasingly privatized world.

Vandalism is usually a reaction to something. Instead of bitching, if you find out what it's a reaction to and then see what you can do to address the issue, you'll have a lot more success and peace in your life. It may not always be something under your control, but the gut reactions we tend to have to these types of acts often simply make the root causes worse, and perpetuate the situation.

Appropriately timed article

[Texas Rose on Lava L]

A Peek At Script Kiddie Culture

Posted by timothy on Saturday March 06, @06:03PM

We all know "5cr1p7 k1dd13z" don't have much of a social life, so there should be plenty of them around to comment on this article on a Saturday night. The Slashdot editors are smarter than a lot of people want to give them credit for.

Paul Vixie quoted in the article (via a link)

[BrookHarty]

Paul Vixie quoted in the article (via a link)

'Recommendation: upgrade your peering requirements to include language like:

Each peer agrees to emit only IP packets with accurate
source addresses, to require their customers to do likewise,
and to extend this requirement to all other peers by $DATE.

Where DATE = (now() + '6 months') or some other negotiated value.



Peering agreements are so thick with political BS, they can't even stop ISP's like UUNet who are the biggest spam friendly ISP's around.

Basically everyone is trying to use standards for protocols to correct this, engineers trying to correct political problems.

nothing new

[Cheeze]

I remember being in a friend's dorm room about 8 years ago and watching him show me how he floods people off of irc with a CTCP flood. This was the beginning of the DoSnets. His bot was linked up to about 400 others that would all send commands to a specific user at once. I can only imagine the technology change in the last 8 years. From the sounds of it though, it's the same old crap, just using different protocols.

I also remember when winnuke came out. It was nearly impossible to use the internet for about 6 weeks, until microsoft got a patch out. I put a linux machine up as a firewall and logged all of the attempts. It was like people were just winnuking all of the available ip space. After winnuke, it was teardrop, then smurf. I'd never seen a windows machine crash so fast.

ahh...the good old days. I'm suprised this is just now getting attention. It was no big deal when single computers would crash all over the internet, but when CNN.com or AOL.com gets attacked, it's a big deal all of the sudden.

Hm. Kinda like school yard bullies, but. . .

[Fantastic Lad]

their asinine activities can affect huge corporations and the world at large.

Interesting!

Until now, the idiocy of the school yard jerk was something you had to put up with when you were a kid, but thankfully left behind when you graduated. But now juvenile crap overflows into the 'real' world, and can affect even the most insulated ivory tower type. Is this the first time?

I remember bullies and morons in school. The 'play'ground held a unique undercurrent of threat and horror for me as a kid. Going to school included genuinely believing that every day there was the possibility that you might be tortured and murdered by some half-wit big kid with a cruel streak, and that the safe world of adult supervision was unaware of most of the hells being perpetrated. Being a kid was a horror in many ways.

So what can be done about the skript-kiddie 'threat'?

Zip. Let the adult world suffer, I say. Think of it as payment for forcing kids through such a horrific 'education' system. There are only two other institutions which are so similar in structure and ideology, and they are the military and the penal system. School sucks, and aside from the handful of friends I made there, I hated nearly every aspect of it. The most valuable lessons I learned were how to survive it. Little else was of much use except shop class, typing class, art class and any time where there happened to be one of those very rare adults who inspired. You know the ones I mean. The good teachers who somehow defied the system and taught you valuable lessons in the face of all the state-ordained mind control. (Learn how to Obey and be Bored out of your mind doing repetetive tasks. A robot factory cranking out Perfect Workers.)

I also think it's neat that the Skript Kiddies are the geek version of 'Moe' type bullies. There's an ironic balancing in effect there somehow. . .

-FL

Better explanations available?

[iion_tichy]

Maybe it's still too early in the morning for me, but I didn't understand much of what that article said. OK, Kiddies organize in gangs and they hang out on IRC. What else is going on?? What does the 'war' consist of, who controls more machines on the internet? And it's being fought by copy & pasting the lastet Viri, Trojan Horses etc. and spreadng them around? Why can't IRC be secured, after all those years?

Some understandable explanations would be much appreciated...

Re:AOL H@x0rZ!

[cmacmanus]

No, it qualifies you for MENSA.

Re:You don't know you're born.

[gnu-sucks]

Back in my day, we had to walk our packets to and from the server, uphill, BOTH ways.

Re:Being a script kiddie...

[Unregistered]

who simply cut and pasted code and then tweaked it a bit to see what happens.

Bah, back in my day, i had to copy it by hand from a book into qbasic on windows 3.11. None of this fancy copy and paste bs. An i liked it.

Re:Wait a minute...

[Mr. Darl McBride]

So what's the difference between script kiddie culture and slashdot culture?

Hey, essdodson! Heeeeeeeey, essdodson! Want to see a monkey? Do you want to see a funny funny monkey? Want to see the funnnnnnny funny monkey monkey?

*holds up a mirror*

essdodson: *delighted squeal*