Great Article

Gunn4r

http://grc.com/dos/grcdos.htm

Well worth a read

dahamsta

Just finished it, was about to post it meself. Scary, ain't it? And sad, so very sad.

Isn't it ironic though, that the attack was started because the kid mistakenly thought Steve Gibson called him a script kiddy, and in the end Gibson proved that that's in effect what he was - a sad little loser using someone else's code to launch an attack because he thought it was "fun".

NAIL 'EM UP I SAY, NAIL 'EM UP!!!

Gerry

very sad indeed, I also read a lot of steves site, it's one of the most helpful and informative pages I have ever read on the net. I was a bit unsure as to whether software based firewalls were any good, but I installed zonealarm on his recommendation, and tried it with his Shields Up! software. Of course it's nowhere near a unix box running ipfw or whatever, but for windows users it seems to be very good.

Chubby

Site is down, the attack must have resumed, that kid is really lame. Of course, exposing a script kiddie with an ego like that will only infuriate him. Hope there'll be more interesting developments to read next week.

ConUladh

First time being to grc.com in a good few months,

Fascinating article, better read than most of the books I've read lately

It'll be interesting to see what happens over the next few weeks alright

HaHa, it's like a soap opera for nerds(no offence to anyone)

dahamsta

Chubby, I had problems with accessing the site directly from grc.com myself yesterday. Try sticking www. in front of it - it'll redirect to grc.com but that seems to pull it in. Strange but true.

adam

Chubby

The poor guy surrendered...ah well, he did a great job defending his site.
http://grc.com/dos/openletter.htm

Lenny

His artivle was really well put together
pair play to the fella

DeVore

The reason Boards was going so slow last week was that we were getting DDOSed.

Its a pain and its just scumbag knacker kidiots.

Real hackers wouldnt do that.

DeV.

Coyote

To tell the truth i do not thing that it was that good a Article.
fine he might be a good server admin but he's not very smart if he things that he is the only one who is hit by this type of attack, then he puts up what is little more that a bost of how great he is catching the attacker, and stopping him. not very smart as has been proven by the new attacks on him that there are attacks that he can not stop, and puting up that bost will just get more fools to attack him.
I'm not saying that what he did to stop or fine out who the attacker was bad, it was very clever, but it was stilly to put up that bost about doing it, loads of admins do that but they do not invite more attacks by braging to the world about how great they are stoping them as it just attracts more attacks which this time (as proven by what happend after he put up his rant) will have more skill and be doing things that he can not stop.


Coyote

ecksor

I think the point of it was to demonstrate how vulnerable people are and to share what he learned about how these attacks are organised.

dahamsta

I agree, I don't think it was boasting at all. The guy is very much interested in Internet security and privacy issues, and has released some very cool and handy tools to help people. Granted, he may have had the idea of pulling a few visitors to his site in mind when he wrote it, but who's to blame him? Most importantly, it was an interesting look into the mind of these sad demented little people. I didn't read it and think, "oh, this guy thinks he's so cool," I thought, "oh, those script kiddies are so pathetic." It remains sad though.

adam

ConUladh

Don't see how it's boasting when he states about halfway through that these attacks are unstoppable

He has been writing articles (& S/W) and arguing with companies about Spyware for quite some time now, this is just new ground (and a new fight) for him

I'll be very interested in those aricles he's planning on writing about DDoS

dahamsta

Check the site again - he's given in completely now because they won't leave him alone. Article in The Reg about it too. Sad little tossers.

adam

Trojan

Here's his open letter:
( http://grc.com/dos/openletter.htm )

<font face="Verdana, Arial" size="2">
An Open Letter
to the Internet's
Hackers
Page last modified: Jun 01, 2001 at 12:47


I surrender.

I surrender right now, completely and unconditionally.

And I'm not kidding.

It is my intention to carefully and completely explain, to the entire world, exactly why there is no defense against the sorts of clever Internet attacks you guys can create.

I want to do that because the world still doesn't get it.

It occurred to me that you might think that I think I'm invulnerable after managing to block the IRC Zombie/Bot attacks, so I wanted to be SURE that you understood that I AM UNDER NO SUCH DELUSION.

I was talking to a reporter on the phone a few hours ago, during the first REAL, non-blockable attack we have ever experienced. And I calmly explained that we were under attack and off the Net. In a bit of a panic, he asked what I was going to do about it. So I told him that I was going to take a long walk on the beach — because you and I both know there's absolutely NOTHING I CAN DO to defend against a real, professional, Internet Denial of Service attack. So I might as well enjoy the day.

I have started working on a next set of pages to explain all this. The pages are not finished, but you can see what I have so far, and where I'm going with it: (Page 1) (Page 2)

So, I respectfully ask that you leave me alone and allow my site to stay on the Net. I know that you can easily knock me off. That's not even a question. But only if I'm here can I explain that to the rest of the planet.

Thank you for your consideration . . . and for your charity.


</font>

Al.

Stonemason

I find it all very sad that this kind of harrasment has no recourse through legal chanels.His answer from the fbi was some what lame I know they may have bigger fish to fry but what kind of world is it when someone can get so much crap for so little and nobody can do anything.Im all for a free unrestriced net but this kind of thing is going to lead us all into an opressive regime where we are told what we can and cant do.Perhaps the Hackers think they are imune to the restricions that will eventually be built into both software and hardware in the not to distant future to prevent this kind of crap.


Stone

ConUladh

The reason why there was no point the FBI doing anything was that it was a minor

Take a look at this country, plenty of little scumbags walking the streets

dahamsta

...says the man with the hoody, shades and shadow mustache...

Stonemason

I know the FBI cant legaly do him and from what was said he already had his pc taken off him for tampering with goverment computers.So why cant they just A, tell his parents (again) B, confiscate his pc again. If his parents dont give a flying fook then they should be held accountable for his actions as i dare say at his age its unlikely he bought the pc himself.They may give a hoot that there little darling gets them dragged through the courts because of his unsocial attitude.I know you can argue that he will find away of getting round this by perhaps using other computers. If he drops his m8s in it by using theres or if he uses say a public access point it is going to be harder for him.Though he maybe a hacker i bet he plays quake or what ever the latest game is and may find having to go somewhere just for a quick blast a tad anoying.


Stone

ecksor

Microsoft's response.
http://www.microsoft.com/technet/security/raw_sockets.asp

ConUladh

Steve's response to Microsoft's response

http://grc.com/x/talk.exe?utag=&group=grc.news&xrelated=104&cmd_latest=Latest+Items

Should be the second topic down

This is getting a fair amount of coverage
At least 4 newsletters I subscribe to (none of them specifically security orientated) have talked about it : Lockergnome, Langalist, WindowManager and Jasons Toolbox

koriordan

Annoyingly, the M$ link shows as just a blank page with Netscape 4.73 on BSD. Can read the source though.

Gotta agree with M$ on this one, Mr. Gibson does seem to have missed the point. That said, his other idea about public scrutiny of ISPs is a good un /in theory/ - will people put it into practice ? I know I'm too lazy, hows about the rest of ye ?

regi

Apparently, if all ISPs started to block outgoing packets from their network which appear to originate from outside their network, then most spoofing DDOS attacks would be foiled.

ie, my little ISP has the subnet 123.123.123.x, and I have a router that routes traffic in and out of that subnet, then I could block all outgoing traffic that doesn't originate from a 123.123.123.x IP address.

I don't know if I've horribly oversimplified this, or got it wrong. If anyone knows more, I'd love to hear about it.

ConUladh

http://www.langa.com/newsletters/2001/2001-06-21.htm#1