DDoS attacks

Alexei Roudnev alex at relcom.EU.net
Fri Jul 13 06:11:31 UTC 2001


// First of all; please, I use word Russia only because it reflect a lot of other
countries such as east europe, Israel, latin america etc etc - which have edicated
people but have not this idiosyncrasy about the law and order... Don't write about
_terrignle russion hackers are damaged the whole word; I so such hackers in
american movies only...


First of all, people here (in USA) respect law, people in other countries does
not. How often you are driving 100Mph? (Sorry, you are in Italy? I suspect your
answer will be _yes, every day_. But if you was from USA, you (may be) never reach
this speed because you respect law...

 For comparasion - in Russia (where there is a little of high quality roads) do it
every day - they drive as fast as they can, not as it is posted...if They never
are thinking about _the law_ - they are leaded by their own brains. So does the
kiddies.

But it's _common phylosophy_. On the other hand, I had a 2 years experience
working (part time, I was a head of NOC) as a RU-CERT expert, tracing hackers,
prosecuting them. We revealed 2 generation of our own _script kiddies_, traced a
lot of different IRC's, maintained  a few honey spots, etc etc... results? We saw
a lot of different hackers, virtual or real ones, but we never saw  any hacker
from USA.

After I come here and began to work here, I understood _why_ we saw so strange
picture... Kiddies here _have something to lost_ - they have their education,
their loans, their future plans. Kiddies in other countries have much more spare
time, have nothing to lost, are not obligated to buy software (any software is
FREE, do you know it? You don't think so? You can come to ANY computer market in
any country out of USA and west europe, and you'll find ANY software by the price
of 5$/600Mb... So, if some kiddy want to install MSVC, he need 1$ only - less than
his lunch).

I have not good statistic. Today, I saw a few articles about _honeyspots_ and
_honeynets_, and I suspect this guys can collect some useful statistic. My
impression was _guys in USA write something but does not use it for the wide
intrusion; kiddies in Russia, Israel, Korea etc use this software to collect
exploits, roots, accounts, credit cards over the world.... It is mostly games, but
sometimes it became dangerous.

IRC is another thing... It was, it is, it will be some kind of natural _honey pot_
for the hackers. So use it, don't fight it -:).

----- Original Message -----
From: "Rafi Sadowsky" <rafi-nanog at meron.openu.ac.il>
To: <up at 3.am>
Cc: <nanog at merit.edu>
Sent: Thursday, July 12, 2001 5:08 PM
Subject: Re: DDoS attacks


>
>
>
> On Thu, 12 Jul 2001 up at 3.am wrote:
>
> [deleted]
> >
> > On Thu, 12 Jul 2001, Alexei Roudnev wrote:
> >
> > > One important notice - most of this kiddies are not from USA.
>
>  How exactly did you get to this conclusion ??
>
>  The smarter script kiddies can crack systems in a few countries and use a
> few hops to get the place they installed the zombie master
> for example:
>
>  <cracker> -> <Romania> -> <china> -> <Poland(DDoS master>
>
> Good luck to you tracing the attack to the cracker ;-)
>
>
> - Rafi
>
> --
> Rafi Sadowsky                                   rafi at cert.ac.il
>  Network Operations Center  |VoiceMail: +972-3-646-0592   FAX: +972-3-646-0454
>   ILAN - IUCC -I2(Israel)   |    FIRST-REP for ILAN-CERT(CERT at CERT.AC.IL)
> (Israeli Academic Network)  |   (PGP key -> )  http://telem.openu.ac.il/~rafi
>
>
>
> > >
> > > ----- Original Message -----
> > > >
> > > > > I can't help but believe that if even 20% of them
> > > > > were caught and had to spend just a little time (even hours) with the
> > > > > cops, and had their peecees confiscated, you'd not be seeing
> > > > > nearly the problems we are now.
> >
> > James Smallacombe       PlantageNet, Inc. CEO and Janitor
> > up at 3.am     http://3.am
> > =========================================================================
> >
> >
>
>
>
>




More information about the NANOG mailing list