Counter DoS

Deepak Jain deepak at ai.net
Thu Mar 11 21:10:04 UTC 2004



If you wanted to do that, wouldn't the firewall just need 
directed-broadcast left open, or to emulate similar behavior, or even 
to turn ip unreachables back on?

Flooding pipes accidentally is easy enough. Now people are selling 
products to do it deliberately.

Yeesh.

I saw a license plate this week (Virginia -IWTFM). I thought that was clever.

Deepak

Gregory Taylor wrote:

> 
> 
> Yes, let's allow the kiddies who already get away with as little work as 
> they can in order to produce the most destruction they can, the ability 
> to use these 'Security Systems' as a new tool for DoS attacks against 
> their enemies.
> 
> Scenario:
> 
> Let's say my name is: l33th4x0r
> 
> I want to attack joeblow.cable.com because joeblow666 was upset that I 
> called his mother various inappropriate names.
> 
> I find IP for joeblow.cable.com to be 192.168.69.69
> 
> I find one of these 'security' systems, or multiple security systems, 
> and I decide to forge a TCP attack from 192.168.69.69 to these 'security 
> systems'.
> 
> These 'security systems' then, thinking joeblow is attacking their 
> network, will launch a retaliatory attack against the offender, 
> 192.168.69.69, thus destroying his connectivity.
> 
> Kiddie 1   Joeblow 0    The Internet as a whole 0
> 
> 
> Greg
> 
> Rachael Treu wrote:
> 
>> Mmm.  A firewall that lands you immediately in hot water with your
>> ISP and possibly in a courtroom, yourself.  Hot.
>>
>> Legality aside...
>>
>> I don't imagine it would be too hard to filter these retaliatory
>> packets, either.  I expect that this would be more wad-blowing
>> than cataclysm after the initial throes, made all the more ridiculous
>> by the nefarious realizing the new attack mechanism created by these 
>> absurd boxen.  A new point of failure and an amplifier rolled all
>> into one!  Joy!
>>
>> More buffoonery contributed to the miasma.  Nice waste of time,
>> Symbiot.  Thanks for the pollution, and shame on the dubious ZDnet
>> for perpetuating this garbage.
>>
>> ymmv,
>> --ra