Advertisement
If you have a new account but are having problems posting or verifying your account, please email us on hello@boards.ie for help. Thanks :)
Hello all! Please ensure that you are posting a new thread or question in the appropriate forum. The Feedback forum is overwhelmed with questions that are having to be moved elsewhere. If you need help to verify your account contact hello@boards.ie
Hi there,
There is an issue with role permissions that is being worked on at the moment.
If you are having trouble with access or permissions on regional forums please post here to get access: https://www.boards.ie/discussion/2058365403/you-do-not-have-permission-for-that#latest

DDOS attacks.

  • 20-10-2004 10:29pm
    #1
    Closed Accounts Posts: 3,357 ✭✭✭


    The DDOS attack on the register.com today got me thinking. Given that these usually come from a botnet or similar - how come it is possible for the same compromised machines to be used for multiple attacks over a period of time?

    Surely its not an insurmountable task to trace the compromised PC's and get them blocked by their isp's? I realise of course that is possible to spoof and obscure the originating IP but I understood it wasnt foolproof? Surely with enough time and energy it would become very easy for an ISP to spot a compromised machine? Dont they have a responisibilty to do that?

    Also a related article on phishing and spamming suggests that the same networks were being used time and again, and it was mentioned that although the IP addresses were changing the nature and quantity of attacks suggested that it was the same botnets responsible. Again I dont really understand how the IP of a compromised machine can be changed. Or were they talking about some kind of relay points being used - presumably where all those dodgy chunks of IP ranges were allocated years ago?


Comments

  • Closed Accounts Posts: 345 ✭✭tck


    It is a botnet, there can be hundred's of thousands of zombies from all over the world contributing to the bandwidth without them even knowing.

    Alot of ISP's don't play ball ; imagine trying to ring every customer to say that they have a trojan on their pc - nigh on impossible.

    That's even if it was the right ip - most these days of spoof the origin, there's definitely a shortage of people that can track down spoofed dDoS attacks ; most just block it off and hope they get bored.

    New machines are compromised all the time, you can control so many now with a few commands from IRC or even an IM, i can't see any quick fix in the future either, unless your on some switched backbone.


Advertisement