North American Network Operators Group


Re: Counter DoS

  • From: Rachael Treu
  • Date: Thu Mar 11 16:23:35 2004

On Thu, Mar 11, 2004 at 04:10:04PM -0500, Deepak Jain said something to the effect of:
> 
> If you wanted to do that, wouldn't the firewall just need 
> directed-broadcast left open or emulate similar behavior, or even 
> turning ip unreachables back on?

Exactly my point in using the word "amplifier" earlier.  No special config
or sploit-du-jour required.  The play-by-play below is even more complicated
than the process.
> 
> Flooding pipes accidentally is easy enough. Now people are selling 
> products to do it deliberately.

They'll be sorry.
> 
> Yeesh.
> 
> I saw a license plate this week (Virginia -IWTFM) I thought that was clever.

Nice.  :D
> 
-- 
k. rachael treu, CISSP       [email protected] 
..quis custodiet ipsos custodes?..

> Deepak
> 
> Gregory Taylor wrote:
> 
> >
> >
> >Yes, let's allow the kiddies who already get away with as little work as 
> >they can in order to produce the most destruction they can, the ability 
> >to use these 'Security Systems' as a new tool for DoS attacks against 
> >their enemies.
> >
> >Scenario:
> >
> >Let's say my name is: l33th4x0r
> >
> >I want to attack joeblow.cable.com because joeblow666 was upset that I 
> >called his mother various inappropriate names.
> >
> >I find IP for joeblow.cable.com to be 192.168.69.69
> >
> >I find one of these 'security' systems, or multiple security systems, 
> >and I decide to forge a TCP attack from 192.168.69.69 to these 'security 
> >systems'.
> >
> >These 'security systems' then, thinking joeblow is attacking their 
> >network, will launch a retaliatory attack against the offender, 
> >192.168.69.69 thus destroying his connectivity.
> >
> >Kiddie 1   Joeblow 0    The Internet as a whole 0
> >
> >
> >Greg
> >
> >Rachael Treu wrote:
> >
> >>Mmm.  A firewall that lands you immediately in hot water with your
> >>ISP and possibly in a courtroom, yourself.  Hot.
> >>
> >>Legality aside...
> >>
> >>I don't imagine it would be too hard to filter these retaliatory
> >>packets, either.  I expect that this would be more wad-blowing
> >>than cataclysm after the initial throes, made all the more ridiculous
> >>by the nefarious realizing the new attack mechanism created by these 
> >>absurd boxen.  A new point of failure and an amplifier rolled all
> >>into one!  Joy!
> >>
> >>More buffoonery contributed to the miasma.  Nice waste of time,
> >>Symbiot.  Thanks for the pollution, and shame on the dubious ZDnet
> >>for perpetuating this garbage.
> >>
> >>ymmv,
> >>--ra
> >>
> >> 
> >>
> >
> >
> >
> >