Merit Network
Can't find what you're looking for? Search the Mail Archives.
  About Merit   Services   Network   Resources & Support   Network Research   News   Events   Home

Discussion Communities: Merit Network Email List Archives

North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: Counter DoS

  • From: Brian Bruns
  • Date: Thu Mar 11 03:24:06 2004

On Thursday, March 11, 2004 3:05 AM [EST], Brian Bruns <bruns@2mbit.com>
wrote:

>
> Sounds like efnet channel wars on a much more interesting scale.
>
> Like I've said in previous posts - do we really want these people having
> tools like this?  Doesn't this make them the equivelant of 'script kiddies'?
>
> How the hell could a company put something like this out, and expect not to
> get themselves sued to the moon and back when it fires a shot at an innocent
> party?

I hit send way to fast, heh.


Whats going to happen when they find a nice little exploit in these buggers
(even if they have anti-spoof stuff in them) that allows the kids to take
control of them or trick them into attacking innocents?  Instead of thousands
of DDoS drones on DSL and cable modems, you'll see kids with hundreds of these
'nuclear stike firewalls' on T1s, T3s, and higher, using them like they use
the current trojans?

No product is 100% secure (especially not something that runs under Windows,
but thats another issue), so how are they going to deliver updates?  Or make
sure that the thing is configured right?  I could see blacklists (BGP based)
cropping up of these systems, so that you can filter these networks from ever
being able to come near your network.

This is starting to sound more and more like a nuclear arms race - on one side
we have company a, on the other company b.  Company A fears that B will attack
it, so they get this super dooper nuclear strike system.  Company B follows
suit and sets one up as well.  Both then increase their bandwidth, outdoing
the other until finally, script kiddie comes along, and spoofs a packet from A
to B, and B attacks A, and A responds with its own attack.  ISPs hosting the
companies fall flat on their face from the attack, the backbone between the
two ISPs gets lagged to death, and stuff starts griding to a halt for others
caught in the crossfire.

So, and who thinks that this is a good idea? :)
-- 
Brian Bruns
The Summit Open Source Development Group
Open Solutions For A Closed World / Anti-Spam Resources
http://www.sosdg.org

The Abusive Hosts Blocking List
http://www.ahbl.org





Discussion Communities


About Merit | Services | Network | Resources & Support | Network Research
News | Events | Contact | Site Map | Merit Network Home


Merit Network, Inc.