Catch up on stories from the past week (and beyond) at the Slashdot story archive

 



Forgot your password?
typodupeerror
×
Security Government The Internet Politics

The Real Impact of the Estonian Cyberattack 172

An anonymous reader writes "News.com offers up an interview with Arbor Networks' senior security researcher Jose Nazario. He takes stock of the denial-of-service attack against the Baltic nation of Estonia, and considers the somewhat disturbing wider implications from the event. 'You look around the globe, and there's basically no limit to the amount of skirmishes between well-connected countries that could get incredibly emotional for the population at large. In this case, it has disrupted the Estonian government's ability to work online, it has disrupted a lot of its resources and attention. In that respect, it's been effective. It hasn't brought the government to a crippling halt, but has essentially been effective as a protest tool. People will probably look at this and say, That works. I think we're going to continue to do this kind of thing. Depending on the target within the government, it could be very visible, or it could not be very visible.'"
This discussion has been archived. No new comments can be posted.

The Real Impact of the Estonian Cyberattack

Comments Filter:
  • by Cutie Pi ( 588366 ) on Tuesday May 29, 2007 @09:48AM (#19309107)
    Depending on the target within the government, it could be very visible, or it could not be very visible.

    Yep, that pretty much sums up the possible outcomes.

    • by iONiUM ( 530420 ) on Tuesday May 29, 2007 @09:58AM (#19309235) Journal
      hey HEY! I was thinking there could be a third option, translucently visible, or like visible only on the 3rd moon of the 18th month of the 22nd year after the year of the tortoise.. this narrowed it down a lot.
    • Come on, there are an infinite number of ways to hold your tounge and squint.
      • Re: (Score:2, Funny)

        by Anonymous Coward
        Come on, there are an infinite number of ways to hold your tounge and squint.

        On the other hand, there are not an infinite number of ways to spell "tongue".
        • Re: (Score:2, Funny)

          by HiggsBison ( 678319 )

          Come on, there are an infinite number of ways to hold your tounge and squint.

          On the other hand, there are not an infinite number of ways to spell "tongue".

          Yes, but 'e was clearly spelling "tounge", then, wasn't 'e?

          Praline: The cat detector van from the Ministry of Housinge.
          Man: Housinge???
          Praline: Yes, it was spelt that way on the van. I'm very observant.

    • Possible Outcomes (Score:4, Insightful)

      by Nymz ( 905908 ) on Tuesday May 29, 2007 @10:05AM (#19309335) Journal
      Unless some magical solution presents itself, then cyber-warfare will most likely continue. The difference will be in how we respond. Should starting up your own cyber-attacks be an acceptable form of retaliation? or will more cyber-attacks only lead us down the path to a conventional-attack?
      • by cosinezero ( 833532 ) on Tuesday May 29, 2007 @11:46AM (#19310641)
        If impact is merely economic - how then does it differ from other games countries play to crush economic interests? I mean, where you see "Denial of Service", I see "Sanctions" and wonder, in the grand scheme of things, what's the difference?
        • by DerekLyons ( 302214 ) <fairwater.gmail@com> on Tuesday May 29, 2007 @12:43PM (#19311399) Homepage
          The key difference is that sanctions and traditional methods are (generally) open and aboveboard - you know who is doing what to who, as it is announced widely beforehand and very visible in operation. DoS attacks however, are none of these things. In addition, while Country X may impose various forms of sanctions/tariffs/etc... on Country Y - that does not effect (directly) either the internal operation of Country Y, or it's intercourse with Country Z. DoS atacks can, and do - as well as have an immediate and direct impact on individuals.
          • "The key difference is that sanctions and traditional methods are (generally) open and aboveboard"

            -->Oh boy.

            Countries (including the US) raid and detain maritime vessels - shipping, scientific, etc - for a wide variety of reasons... not all of them overt.

            I see a number of parallels from a cyberattack on a country to the US detaining money from shipments of sugar from brazil to russia calling it suspect for the drug trade. We can call it "Social Engineering", if you will, but the picture remains the same
            • Oh boy. Countries (including the US) raid and detain maritime vessels - shipping, scientific, etc - for a wide variety of reasons... not all of them overt. I see a number of parallels from a cyberattack on a country to the US detaining money from shipments of sugar from brazil to russia calling it suspect for the drug trade. We can call it "Social Engineering", if you will, but the picture remains the same - countries have a variety of ways to wage war - economic, sociopolitical, psychological, even reli

              • "As stated in Sun Tzu's "The Art of War","

                -->Hasn't this become an addendum to Godwin yet?

                "No where in a political move do you directly destroy or cripple services. "

                -->Interesting. There's QUITE a few dictators that have been overthrown by covert meddling that would not agree.

                "The current administration plays all the same games"

                -->Note that no where did I suggest they don't; simply that bush has lost the flair that his predecessors once had for the covert and the underhanded. Reagan... Clinton...
          • The key difference is that sanctions and traditional methods are (generally) open and aboveboard



            That is the funniest thing I've heard today.
    • Re:How insightful! (Score:5, Interesting)

      by rs232 ( 849320 ) on Tuesday May 29, 2007 @10:11AM (#19309435)
      Yep, that pretty much sums up the possible outcomes

      Would this distributed DOS attack be possible without a vast army of compromised desktops being used as part of a botnet. Is it tecnnically possible to design against such attacks, or at least make it more difficult to compromise the desktops and route the rogue traffic. After all the Internet is supposed to be designed to be resistant to a nuclear attack. (I know Vint Cerf remembers it different)
      • Re: (Score:3, Informative)

        by Vancorps ( 746090 )

        It would be easier to defend against these attacks if companies would standardize on techniques. Cisco and HP are two examples I know of that offer different methods for defending DDoS attacks. Cisco has a number of methods not all of which are compatible with each-other. Perhaps more importantly, Cisco's methods almost always require Cisco products for them to work effectively. HP is a little better about standards these days but their methods are still rather solitary to their Procurve platform. Lately HP

    • It could also be somewhat visible. Yes, some attacks are somewhat visible indeed.
  • Multicast theories (Score:5, Interesting)

    by packetmon ( 977047 ) on Tuesday May 29, 2007 @09:56AM (#19309205) Homepage
    You know... I thought about the possibility of a Multicast worm/attack [infiltrated.net] ... Just haven't had time to document it... Would work similar to the following... For those who use IM clients that have annoying streaming advertisements... If you didn't know, those are multicasted to your machine... My theory was to re-inject packets at the router level (avoiding Reverse Path Forwarding when possible) to make your machine believe my spoofed host is a valid source to get your images from... Only thing is, the image would be corrupted forcing an infection on your machine... This would in turn replicate via broadcast from the infected hosts... It was a theory of mine while studying DoS attacks for the CCIE security exam and a lot of variables would have to be met... Anyhow, the reason for this post is, I believe those committing DoS attacks are halfclued as to what a real attack could potentially do... For instance Border Router Attack Tool [infiltrated.net] is another theoretical tool to break BGP neighboring. You of course have to know enough about a topology to even get it to work but under a unified stream, you could cause massive route flaps which lead to neighbors disconnecting. Its only a matter of time before someone takes it to the extreme and breaks connectivity between huge AS'
    • by JeanBaptiste ( 537955 ) on Tuesday May 29, 2007 @10:00AM (#19309265)
      just do this [icir.org]
      • Again, it was a theoretical based study for security labs... Its possible but highly complicated and only a matter of time before someone throws something together to do that and worse
    • by zappepcs ( 820751 ) on Tuesday May 29, 2007 @10:08AM (#19309377) Journal
      While I'm not sure your idea would work or not, I do know that there are many ways to compromise the nice-play Internet that we all think it is. Some of them are being used right now and we just haven't figured it out yet. DDoS is but one of those ways and might be *ONLY* a distraction while surreptitious malware or spyware is installed in government facilities. This in fact could be a test of the new Chinese cyber-warfare units in order to demonstrate what they are capable of...

      Just a thought from the 'stay in your happy place group' (TM)
      • Give me some DARPA funds... I'd throw together the mother of all attacks to take out that great wall of China ;)
        • Re: (Score:3, Insightful)

          by AndersOSU ( 873247 )
          I wouldn't be surprised at all if the DOD had just such a tactic in place.

          I mean think about it, one of the things a party at war always tries to do is get the civilians of the opposite side reading "subversive" material. One of the first things we did with airplanes in war was pamphleting. We still attach pamphlets with aid drops. Would it be so strange to see the US send email to every Chinese address that looked like this [wikipedia.org]? How about a flood of anti-communist text messages? Doesn't seem very far fet
    • mod parent down (Score:3, Interesting)

      by Anonymous Coward
      Only thing is, the image would be corrupted forcing an infection on your machine...

      Sure dude... So on, say, Linux, you'd have to exploit supposedly a buffer overflow to gain local access *then* you'd need to exploit a local root exploit to gain root privileges. Multiply this by the number of Linux distros out there and the number of different IM clients and suddenly your pet theory falls flat. Or maybe you were talking about rooting Vista boxes? Cancel or Allow?

      You've posted links to this lame "infiltra
      1. Just slashdot them, silly!
      2. Set up proxies to help employees of the government you want to bring down get past blocks to their personal MySpace pages.
      3. Move ThePirateBay there and watch their internal network melt.
      4. Send Celine Dion there as a good-will ambassador (ok, that's really an act of war ...)
      5. Have Dick Cheney invite their leaders out for a friendly weekend get-together and hunting trip.
      6. Offer international aid - through FEMA.
      • by R2.0 ( 532027 )
        "Send Celine Dion there as a good-will ambassador (ok, that's really an act of war ...)"

        Accompanied by Brian Adams and Alanis Morissette, it could be the crushing first strike on the way to Canadian global domination.
  • by Anonymous Coward
    Damn my Asperger's. I thought we were under attack from Cybertron...
  • Backbone QOS? (Score:3, Interesting)

    by dattaway ( 3088 ) on Tuesday May 29, 2007 @09:57AM (#19309217) Homepage Journal
    Isn't the backbone capable of metering connections to an attacked country? I haven't noticed the providers to be politically spineless (except for AT&T) but can't they help a poor country out?
    • Re:Backbone QOS? (Score:5, Insightful)

      by packetmon ( 977047 ) on Tuesday May 29, 2007 @10:05AM (#19309327) Homepage
      What would QoS do at this level except overwhelm your processor? Unicast Reverse Path Forwarding [cisco.com] would be the better solution nowadays. Cat 6500 [cisco.com] info... If networks were built correctly from the ground up, these attacks wouldn't even happen as much. If three networks were connected and all had uRPF or filtering in place, no three networks would be able to spoof addresses and cause attacks. They'd be forced to attack using a valid address on their network which would make tracking easier...
      • by phayes ( 202222 )
        TFA isn't detailed enough to tell us all how much of the attack was spoofed from sources in Russia & how much was from botnets. In any case the use of a large enough botnet with bots distributed throughout the internet will neuter URPF. When bots use their own IP addresses (or addresses from neighboring machines on the same LAN), URPF loses it's utility.
        • That wouldn't be the case if the ISP at the source in question had also implemented the technique before they peer with another provider. At that level the aggregate is a lot smaller and much easier to pin down. The real problem is coming up with a non-Cisco proprietary solution. Something not encumbered with copyright and patents which I believe is what is holding up a lot of development in anti-DDoS techniques.

          HP and a few others have been learning this lesson trying to implement standards wherever they

          • by phayes ( 202222 )
            There is precisely zero chance of it getting implemented on a wide enough scale to be of any use unless DDOS attacks come back in force & start affecting more than a minor corner of the net like Estonia. Unless DDOS attacks become such a problem that heads of states need to get involved it'll never get deployed widely enough. Even it the US used it globally, the Net has grown so far beyond it's US centric origins that that would be a mere finger in the dike.

            Given that botnet "owners" earn more spammin
            • There are heads of state which have experienced the effects of DDoS attacks. Think Whitehouse.gov

              Furthermore, most of these mechanisms are already deployed, they just aren't enforced unless you pay extra for the protection. Even then, it's too late, by then the traffic has aggregated enough bandwidth that the problem is much harder to work with. Kill it before it becomes big and see how the problems disappear.

              The U.S. isn't the only country interested in this kind of protection especially with all the ne

          • The real problem is coming up with a non-Cisco proprietary solution. Something not encumbered with copyright and patents which I believe is what is holding up a lot of development in anti-DDoS techniques.

            The road to ubiquitous DDoS protection is called "no monopolies." Several large ISPs have shelled out for the hardware to do this kind of DDoS filtering effectively, and almost every tier one can partially mitigate it with a combination of Arbor detection, and clever routing. The ISPs are paying for this because they can sell it and make money. Do you want a provider who does or does not offer a "cleaned pipes" option that lets you mitigate DDoS attacks directed at your network via a Web interface? Making

            • In the case of AT&T I want nothing to do with them. It does add value so it makes a lot of sense. So you've backed up my point. There is no down side to mass DDoS filtering. There is absolutely no reason why ISPs can't step up and at the very least make this much less of an issue.
              • There is absolutely no reason why ISPs can't step up and at the very least make this much less of an issue.

                What do you think this article was about? ISPs in several nations helped out by using their capacity to help filter the DDoS attacks against Estonia, whose major telecom apparently has no such capability. If, however, you want this to happen on a regular basis for all DDoS attacks ongoing, you have to expect the ISPs to charge their customers for that service. It costs money to deploy sensors and mitigations systems and to man and maintain those systems. At the same time, doing so reduces the amount of tr

  • For 3 years straight I've been getting hit by Viagra and Penis enlargement e-mails/ads about 30 times a day. Maybe they can use that for their own defense just to irritate the piss out of them.

    • Irritated Piss is a sign of a Urinary Tract infection, or kidney stones. Please consult a physician immediately. And lay off the Viagra and Penis Enlargements.
    • For 3 years straight I've been getting hit by Viagra and Penis enlargement e-mails/ads about 30 times a day.

      If you purchase those items, then they will stop targeting your email. That's what a friend told me.
    • I get lots of them, together with several daily messages telling me about how great life would be if only I lost weight. The puzzling thing about it is how all those people know that I'm morbidly obese, and have a tiny, flaccid todger...
  • by RealProgrammer ( 723725 ) on Tuesday May 29, 2007 @10:08AM (#19309375) Homepage Journal
    That a whole country could be DOS'd is evidence of someone doing a bad network install. The network should never be down.

    Lots of companies have a root-and-branches approach to Internet connectivity, too, thinking that each site (or the whole corporate intranet) needs only one gateway to the outside. Put all your eggs in one basket, and watch the basket. For the family baked bean recipe confidentiality that's good, but for availability that's bad.

    The "right" way to do it is to have multiple redundant shared trunks with neighbors. That word "shared" is scary to network administrators (or rather, to their pencil-pushing mentors). It means they'll have to carry outside traffic on their pipes (that's a metaphor, Senator), and that has risks: it costs money, and it has the potential to allow someone to see inside the network.

    However, the rewards for sharing bandwidth are enormous: multiple ISPs mean allowing TCP/IP to do its job, routing traffic to avoid disasters like DOS attacks, hurricanes, and nuclear bombs. The ISPs and other bandwidth partners know they have an interest in helping to protect your network. The technical risks can be mitigated simply by routing and tunneling.

    Is the above realistic? Nope. Not in a corporate environment, anyway. I'd be really surprised if anyone outside academia or pure ISP does shared trunking anymore.

    But it can also happen at the leaf nodes: you and your neighbors share cable broadband and DSL connections, routing through wifi. That violates most subscriber agreements, but it's the way the protocols were designed to work. Your network should never be down.

    Never.
    • by 99BottlesOfBeerInMyF ( 813746 ) on Tuesday May 29, 2007 @10:22AM (#19309577)

      That a whole country could be DOS'd is evidence of someone doing a bad network install. The network should never be down.

      This is a DDoS attack. The first "D" stands for "Distributed." When you have thousands of remote machines located in different places sending traffic to your network, preventing an outage relies upon being able to figure out which traffic is legitimate and which is illegitimate, and then filter the illegitimate. Having more diverse pipes does not really make a huge difference. Either legitimate and illegitimate traffic can come in over a pipe or they can't. If it can, the attack is blocking things. If it can't you just DoS'd yourself.

      The real trick here is the availability of clean or protected access from ISPs with the capability of detecting illegitimate traffic and filtering it, without stopping legitimate traffic. Many ISPs have this capability to one degree or another and a few have formally brought it to market as a differentiator for their service. I'm guessing the big ISPs in Estonia might be a bit behind in that regard, and are thus working with more capable peers to try and filter the attack further away in the cloud.

      • The first "D" stands for "Distributed."

        Thank you for your charity in not calling me stupid.

        There is a huge difference between being totally shut down by a DDoS attack and being 90% shut down. If you are shut down, there is fear; if you are limping along, you become angry. In a fight, anger is better than fear.

        Having multiple points of entry helps in the effort to stay up, no matter what the cause. The reason DDoS's work is that Internet connections are leveraged: a small number, usually one, address per r
        • In effect, having multiple gateways changes the game from a many-on-one attack to a many-on-many attack, which makes it more likely that you will succeed at least in a limited way, which is the goal.

          In the case mentioned here, it is government servers/services under attack. Regardless of how many different gateways lead to those servers and services, if the attackers use the same way of getting there as users, then either the attacks will get through or legitimate users won't. I do see where multiple gateways can be useful in two ways. One, if you have some vital service white-listed and of higher priority than anything else, you can blackhole all other traffic to keep it up and using a dedicated gat

    • Re: (Score:3, Informative)

      by Anonymous Coward
      Did you check some facts?

      Estonia: population 1,324,333 (less than 1,5 mio.) http://en.wikipedia.org/wiki/Estonia [wikipedia.org]

      I would like to see some municipalities in USA of the size of Estonia to withstanding such cyber-attack.

      Do you realize that the number of adult inhabitants in Estonia is less than a number of employees at the biggest employer of USA? (http://www.usatoday.com/money/industries/retail/2 003-11-10-walmart_x.htm)
      Estonia is like New Hampshire or Maine or Idaho population wise. And than cyber-attacks are
    • by asninn ( 1071320 )

      That a whole country could be DOS'd is evidence of someone doing a bad network install. The network should never be down.

      Why not? Just as a reference, Estonia has 1.3 million inhabitants. How many zombie computers can you buy for a DDoS attack when you've got the FSB's budget? I'm not sure, and I'm not sure what Estonia's network infrastructure works like, but I certainly don't think that it's inconceivable that you can DDoS an entire country. It probably won't be Jimmy Random McScriptkid who does it;

  • Decent well-connected countries would not engage in this sort of things. Russia — busily turning itself back into an Evil Empire — denies "officially" organizing the attacks...

    Whether it did officialy organize them, or not is irrelevant — so many things in the country happen unofficially (including the unofficial salaries — in dollars — paid to top government bureaucrats to keep them from leaving for the private sector), that the government's claims may even be nominally truthful this time.

    What is important is the government's official reaction. For example, a Russian health official is on record concerning the health hazards of the Estonian sprats. Those who follow the region would recognize the tactics already applied against Georgia's major exports. Georgia's most excellent wines are now called "alcohol-containing liquids" in Russia and their import is banned "on health grounds".

    Sprats are safe for now — unlike Georgia, Estonia is an EU (and NATO) member. But Russia — in sore need of something glorious in its sorry past (we liberated Estonia, not reconquered it, you see) — is still enraged. In a decent country such rage wouldn't be enough to break law and order, but Russia is another story. There is no doubt, the cyber-attacks against Estonia used Russian governmental resources, including hardware and human ones — these will most certainly not be prosecuted.

    • Re: (Score:1, Troll)

      by Cyberax ( 705495 )
      Georgia's wines were CRAP. 90% of it was counterfeit made from 'wine-containing liquids' (the rest 10% was really good, though). The same goes for Polish meat.

      Of course, decision to 'notice' that was political.

      Oh, ans as we speak about global economics - why can't Poland sell their meat to other countries. Maybe because it substandard?
      • by Vo1t ( 1079521 )
        It's a bit offtopic, but next time do some research before you actually claim that something is crap. I can bet it's better than anything that's sold in the Western Countries - simply because it has less chemicals in it.

        As for Russian and them finding out that Polish meat is crap, well if you'd googled, you'd found out that those accusation are total political bullshit. The meat is fine, and was tested by many independent labs. It's typical of Putin to create embargos with fake evidence and blaming it all
        • Ok, I know nothing about this particular drama, but less chemicals? Really, is that why Georgian wines are good? Compared to what exactly? The French, who can afford fungicides so their grapes don't rust on the vine?

          Personally, I'd take the ppbs of residual chemical on the grape skin than the couple of percent of mildew infested grapes that get through in a country that doesn't use chemicals.
        • by Cyberax ( 705495 )
          Georgia wines were found to contain large doses pesticides. And a lot of wine was counterfeit.

          WTF, even a Georgian _minister_ said that: 'One could sell even fecal masses in Russia'.

          I surely googled and yandexed (Yandex.ru - a Russian search engine) - there WERE well-known problems with Polish meat. I remember a couple incidents when meat from England (during BSE scare) was rebranded in Poland and exported to Russia.
      • Why, exactly, is the parent modded "Informative"? There's not a single reference to back his claims, and googling mostly gives links to Russian sites - hardly unbiased.
    • Re: (Score:2, Interesting)

      by Cyberax ( 705495 )
      BTW, Russia's past is indeed glorious. Let's see:
      1) USSR won in WWII (destroying 80% of German military manpower).
      2) USSR was the first country to launch a satellite.
      3) USSR was the first country to launch a man into space.
      etc.

      It's Estonia that is like a small dog barking at a great elephant.
      • by LWATCDR ( 28044 )
        "1) USSR won in WWII (destroying 80% of German military manpower)."
        After first helping train the German air force, and helping it invade Poland.
        Lets not forget that the USSR received a lot of lend lease aid from the US. Thousands of aircraft and many many tons of other supplies where sent to the USSR from the US.
        The USSR didn't win WWII. The allies won WWII. Of course it is nice to forget that Stalin was Hitler's friend right up till the time Hitler attacked Russia.

        Estonia may be a small dog but it has big
      • You forgot:

        4) USSR was the first country to slaughter its own population by millions (yes, before Nazis started to implement their "Final Solution").

        As for winning WWII, yeah that was quite a feat. Especially the part about replacing the Nazi totalitarian puppet regimes with Communist totalitarian puppet regimes throughout Eastern Europe. Way to establish good relations with your neighbours.

    • Given how "well" Russian Government organizes things it'd be an utter failure. Please remember, there are many people and groups in the whole world that are quite capable of doing it by themselves. What, do you think the government has nothing else to do than to issue covert demands for every dial-up user to ping particular Estonian servers?
      Estonia (and some mass media) simply find it useful to blame everything on Russian government now. Russian companies refuse to buy their products because customers stopp
      • by mi ( 197448 )

        Given how "well" Russian Government organizes things it'd be an utter failure.

        I think, you are a bit too dismissive of the Russian Government's ability to organize certain things. Ending drunkenness may not be among them, but killing or imprisoning detractors they can do. Pressuring a neighbor economically? Sure — I remind you of the "alcohol-containing liquids" again... A cyber-attack? Yes, they can — far easier than putting polonium into somebody's tea in London.

        If there was a symbol for all

      • Re: (Score:2, Informative)

        by phayes ( 202222 )

        If there was a symbol for all US soldiers that died in combat, that marked their graves in another country, and that country would then decided to just move it somewhere else, because they want to put a highway on top of that last resting place... Would Americans grin and bear it?

        No, they would pay for the repatriation of the bodies so that they could be buried on US soil just as they have been doing for the past 40 years in VietNam/Cambodia/Laos. If The country where they died is willing to keep the wa

    • Re: (Score:3, Insightful)

      by antv ( 1425 )
      Well, your big mistake is assuming this sort of thing is somehow centrally organized.
      Remember an incident with US spy plane and Chinese fighter jet [wikipedia.org] ?
      It resulted into a hacking contest [bbc.co.uk] between US and China without any "official" guidance.

      In case of Estonia an asshole named Anders (Estonian leader - my sincerest apologies to all other assholes for the comparison) referred to buried WWII veterans as "marauders" on public TV, before trying to move the statue. Quite obviously, people got pissed off. Some teenage
      • by asninn ( 1071320 )

        without any "official" guidance.

        There may not have been anything *official*, but do you honestly think that the two countries' respective intelligence agencies were not involved? Come ON.

    • A member of the Kremlin-backed "Putin-Jugend" (aka Nashi) has now claimed credit for organizing the attacks with his associates, saying it hadn't been coordinated by the ultra-jingoistic Nashi-group (thereby conveniently absolving direct responsibility from the Putin regime).

    • by igny ( 716218 )
      we liberated Estonia, not reconquered it

      As most wars show (Iraq is not an exception), winners "liberate" and losers "get occupied". For almost 50 years Estonia did not mind to side with winners. They have only recently realised they had been losers.
  • by Anonymous Coward
    I'm seeing a shitload of spam and SSH scanning from Russia. There's also stuff like the excellent Nginx web server, no reason to doubt the authors motives but at what point would he cave to mafia threats and insert a back door?

    The situation in Russia isn't helped by the fact that the mafia are basically the state (Putins FSB). Europe will eventually rely on these villains for natural gas, what can the west do about the situation before it's too late?
  • say you had two countries simmering over some stupid feud: land or machismo or even a soccer game [marrder.com]. in such a situation, any cross border incursions or launched missiles can get back to a matter of accountabilty: what comes from your territory is your responsibility, and the fact that something came from your territory or not is pretty straightforward. the side where the incursions came from can even make excuses, but the other side can still say: "look, these guys came from your territory. clean it up yourself or we'll clean it up for you." that provides some straightforward safeguards right there

    however, things are too nebulous on the web. no accountability. the russians that attacked estonia can not be found by russia and suppressed easily, because no one knows who they are. well, obviously there can be some intelligent detective work done (who purchased the botnets for rent, for example), but my point is, any group of teenage assholes can do this sort of thing, from any botnet in the world, and so it renders obvious lines of accountability all nebulous and unresolved

    and so it is sort of like terrorism, in that there is no one easy and big to blame. no state or governmental entity. it's vague and undefined. and in the end, therefore, these sorts of wars/ crimes are really the defining characteristic of conflicts in the 21st century. for the most part, wars of nation against nation and obvious straightforward battlefields seem to be a dead era. today's conflicts are all about shadowy organizations ready to do nefarious things in the name of nebulous agendas, and finding and stopping who or what or how is simply a task without any clear goals or clear yardsticks of progress

    some people would use this fact to say that therefore there is no war or conflict at all, that say, the "war on terrorism" isn't real. no, wrong. the threat is still very real. something like 9/11 is not a phantasm of a neocon's imagination

    it's just that the enemy is opaque and made of fog. but because the enemy is hard to pin down, does not mean there isn't nefarious intent out there you need to protect yourself from. yes, that vagueness can be used to amp up fear and provoke overreaction. but, in a way, doing nothing is still worse than overreaction (unless overreaction consists of taking the war to targets that should not be targets)

    we live in a difficult era folks. do nothing, you're damned. do something, you can be damned worse. you need to be clever and constant and precise in your efforts, and you'll still screw up and get blowback anyways, and you must still soldier on nonplussed nonetheless, against cyberenemies, against terrorism, with no real yardstick of progress, with no real verification of success or failure, with nothing but the fog for miles and for years, and then a plane in a skyscraper, or a bomb in a disco, or a flood of emails, or a DoS for seemingly no rhyme or reason... and then gone again like a fart in the wind, until the next mass murder. it's psychologically debilitating, and yet constitution and fortitude are your best character qualities needed in order to beat back these shadowy enemies
    • what comes from your territory is your responsibility,

      Seems well enough to work for the Lebanese government. Of course when you are at the brink of civil war... You really don't have control over what goes over your border.
      • well yeah (Score:3, Interesting)

        not having responsibility for what goes on inside your borders is not an acceptable state of affairs. because neighbors will begin to get angry about it because of the rats and vermin making incursions from your lands, and then they will go in and clean things up themselves, and this of course is an escalation. that's why being responsible for what goes on inside your borders is the most imperative thing for a country to have. if they don't have it, there is only war and misery to be had with everyone who l
    • the russians that attacked estonia can not be found by russia and suppressed easily, because no one knows who they are.

      Typically, if someone _needs_ to be prosecuted, "round up the usual suspects" applies. That you think otherwise is folly.

      and so it is sort of like terrorism, in that there is no one easy and big to blame. no state or governmental entity. it's vague and undefined.

      This is a half-truth used to create a fearful population and justify egregious limitations to your personal freedoms.

      today's con
      • how the hell in your mind does the malintent and bigotry of someone against you become your fault is utterly beyond my comprehension. sir: if i think i am superior to you because of race/ religion, that is an original sin on my part, which i am only accountable for

        nothing, absolutely NOTHING i ever did or could ever do to you justifies or explains my own bigotry against you. al qaeda is not fighting the west because of che guevara, or the kyoto protocols, or walmart, or nike sweat shops in indonesia. al qae
    • William Lind [lewrockwell.com], a scholar on the subject of this new style of war, which he calls "4th Generation of Modern Warfare" (to distinguish it from the other 3 common types of military organization: organized battlefield; top-down order-based hierarchic army; and blitzkrieg) as a shortcut for something that is fast-paced, non-centralized, stateless, guerrilla-based, multi-polar and simultaneously global, international and local, says that the best way for one to defend himself from it is by doing two things:

      a) Focus inwardly, trying to be on the smallest possible number of 4GW organization target lists. The less people hate you, the better you are;

      b) Focus locally, building your defensive strategy on fast deployed forces stationed where they act and, if possible, made up of residents of the area, as well as lowering the dependency each area has on resources deployed from too much away. The more centralized and distant and your military force is, the weaker you are. The more dependent you are on goods and services coming from other cities, states and countries, the weaker you are. (Note that this isn't the same as neglecting a strong and big army. It's more of the way said army is built.)

      USA fails on both aspects. It fails "a" miserably by making its presence felt all over the world, thus entering the list of almost everyone. And it fails "b" by encouraging a false sense of security on its population, when it should be making local militias and weapon usage proficiency as much widespread as possible, as well as by having an absolute, complete, all-embracing dependency on foreign natural resources, goods, services and work.

      On a 4GW world, this is a recipe for disaster.
    • If you have no way to measure success then you need a new approach. Treating headaches again and again with Advil sure will get rid of the pain, but eventually you're either going to have a stroke and possibly die or you'll experience kidney or liver failure.

      If stress of the job is causing the headaches then you need to find a way to cope with the stress or get a new job. Continuing on course is not the correct action, the definition of insanity is doing the same thing over and over expecting a different r

      • that you are not identifying: control versus freedom

        all of the changes you propose are basically the wet dreams of authoritarian censoring oppressive governments everywhere

        it is very much in the name of freedom to leave the internet devoid of such control... and an internet devoid of controls leads to this sort of anarchic bullying by shady forces

        negatives with both approaches, pluses with both approaches

        it all boils down to that familiar schism... control or freedom/ security or liberty: the ideological co
        • Perhaps you missed the part I wrote about maintaining anonymity? Preventing DDoS is very easy without needing to identify people. I also said that most countries don't control the Internet because corporate entities do. I was not advocating this be changed. Only that we provide guidelines to those entities that peer with other providers. If you implement some basic techniques at the peering locations then you can prevent the vast majority of DDoS attacks because it can be aggregated enough to cause problems

          • i should have qualified my statements. there are plenty of security versus liberty dichotomies which are actually false and are presented by demagogues. that being said, there are also some fundamental security versus liberty choices people need to make on a daily basis. and these choices are always being revisited in times when some people abuse their freedoms in order to inflict harm on others. the idea is to limit freedoms in limited ways for limited time periods at targetted systems/ individuals, such a
            • I agree that people often give up freedom for security and that it is never worth it. In this case however the only freedom being taken away is the freedom to launch DDoS attack on people. It's very limited in scope and only serves the best interests of the law abiding with zero innocents getting caught in the crossfire. It's a total win-win situation, the only thing is costs is a little time and probably a bit of money which we waste in dealing with the problems of DDoS attacks. I've had to divert time and

  • ...but every time I see a story about Estonia, I always think Elbonia [wikipedia.org]. My apologies to both Scott Adams and the people of Elb^h^hstonia.
  • Botnet? (Score:3, Funny)

    by Maxo-Texas ( 864189 ) on Tuesday May 29, 2007 @11:26AM (#19310395)
    A trivial threat compared to posting the major web addresses on Slashdot.

Put your Nose to the Grindstone! -- Amalgamated Plastic Surgeons and Toolmakers, Ltd.

Working...