|
North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: Effective ways to deal with DDoS attacks?
On Thu, 2 May 2002, Christopher L. Morrow wrote: > 1) I hack connected ISP X > 2) I inject www.ebay.com /32 blackhole route > 3) no more ebay > > I use ebay as an example of course, I wouldn't want them harmed cause how > would I be able to buy all that nice routing gear at bargain basement > prices without them? :) Replace steps 2 and 3 with: 2) I route all packets going to Ebay to my box 3) I have my box to connect to real Ebay using passwords folks connecting to my man-in-the-middle box (how many of them have a clue to carefully look to the "SSL in use" icon anyway?) 4) I have the mershandise they bought shipped to me; and steal their CC numbers in the process. There are endless variations on the theme. Access to the routing infrastructure _MUST_ be tightly controlled. Intercepting traffic to root NSes is even more fun :) And, Satan bless the folks who want to let Unicode into DNS names, having many visually indistinguishable "ebay.com"s is a breeze, so one can get valid X.509 certificates for those undistinguishable "ebays", too. --vadim
|