Computer Security - Lets hear from the pro's

01-16-2004, 12:10 AM

So I watched this BBC news item on criminal activity on the internet. The
deal is, these people go around researching companies, find a target and
then stage a DoS attack on the company, demand money ransom and don't stop
until they get the $$$. Basically, "Internet extortion"...

Here's the link....
http://news.bbc.co.uk/1/hi/business/3265423.stm

Shouldn't this stuff be easily stoppable & trackable by counter measure
technology? Or am I wrong...?

--
Rowdy Yates
I am Against-TCPA
http://www.againsttcpa.com

Rowdy Yates

01-16-2004, 12:30 AM

DoS often use zombies, computers belonging to others infected by a trojan.
The zombies do the DoS and do not belong to the person doing the attack and
finding where the trojan that infected the machine came from may not be
possible.

--

************************************************

g-w

"Rowdy Yates" <> wrote in message
news:Xns9471C3436C1EErowdyyatesnospamlyco@66.185.9 5.104...
> So I watched this BBC news item on criminal activity on the internet. The
> deal is, these people go around researching companies, find a target and
> then stage a DoS attack on the company, demand money ransom and don't stop
> until they get the $$$. Basically, "Internet extortion"...
>
> Here's the link....
> http://news.bbc.co.uk/1/hi/business/3265423.stm
>
> Shouldn't this stuff be easily stoppable & trackable by counter measure
> technology? Or am I wrong...?
>
>
> --
> Rowdy Yates
> I am Against-TCPA
> http://www.againsttcpa.com

01-16-2004, 01:18 AM

In article <Xns9471C3436C1EErowdyyatesnospamlyco@66.185.95.10 4>,
says...
> So I watched this BBC news item on criminal activity on the internet. The
> deal is, these people go around researching companies, find a target and
> then stage a DoS attack on the company, demand money ransom and don't stop
> until they get the $$$. Basically, "Internet extortion"...
>
> Here's the link....
> http://news.bbc.co.uk/1/hi/business/3265423.stm
>
> Shouldn't this stuff be easily stoppable & trackable by counter measure
> technology? Or am I wrong...?
>
>
>

2 years ago or for small companies not backboned by major players, it
can be downright terrible.

for big companies or those backboned by the big-boy pipe providers, DoS
attacks are easily avoidable. It's only a matter of time, say another
year or maybe two, until DoS attacks are completely a thing of the past
and we'll be worrying about something new and even more dangerous.

--
Colonel Flagg
http://www.internetwarzone.org/

Privacy at a click:
http://www.cotse.net

Q: How many Bill Gates does it take to change a lightbulb?
A: None, he just defines Darkness? as the new industry standard..."

"...I see stupid people."

01-16-2004, 01:47 AM

Colonel Flagg <> wrote in
news::

> In article <Xns9471C3436C1EErowdyyatesnospamlyco@66.185.95.10 4>,
> says...
>> So I watched this BBC news item on criminal activity on the internet.
>> The deal is, these people go around researching companies, find a
>> target and then stage a DoS attack on the company, demand money
>> ransom and don't stop until they get the $$$. Basically, "Internet
>> extortion"...
>>
>> Here's the link....
>> http://news.bbc.co.uk/1/hi/business/3265423.stm
>>
>> Shouldn't this stuff be easily stoppable & trackable by counter
>> measure technology? Or am I wrong...?
>>
>>
>>
>
> 2 years ago or for small companies not backboned by major players, it
> can be downright terrible.
>
> for big companies or those backboned by the big-boy pipe providers,
> DoS attacks are easily avoidable. It's only a matter of time, say
> another year or maybe two, until DoS attacks are completely a thing of
> the past and we'll be worrying about something new and even more
> dangerous.
>
>
>

yeah, i heard this security guru guy once said, there a lots of things your
ISP can do, the question is, will your ISP do them for "you".

--
Rowdy Yates
I am Against-TCPA
http://www.againsttcpa.com

01-16-2004, 09:16 AM

"Rowdy Yates" <> wrote in message
news:Xns9471D373D930Erowdyyatesnospamlyco@66.185.9 5.104...
> Colonel Flagg <> wrote in
> news::

<snip>

> >> Shouldn't this stuff be easily stoppable & trackable by counter
> >> measure technology? Or am I wrong...?
> >
> > 2 years ago or for small companies not backboned by major players, it
> > can be downright terrible.
> >
> > for big companies or those backboned by the big-boy pipe providers,
> > DoS attacks are easily avoidable. It's only a matter of time, say
> > another year or maybe two, until DoS attacks are completely a thing of
> > the past and we'll be worrying about something new and even more
> > dangerous.
>
> yeah, i heard this security guru guy once said, there a lots of things
your
> ISP can do, the question is, will your ISP do them for "you".

Possibly not for /you/, but they should do so for /themselves/ - remember,
enough traffic to (D)DoS a site on their network is going to be a definite
blip in their own network loading.

Possibly large enough to annoy one of their larger customers, which is where
it starts to cost them hard cash..

--

Hairy One Kenobi

Disclaimer: the opinions expressed in this opinion do not necessarily
reflect the opinions of the highly-opinionated person expressing the opinion
in the first place. So there!

01-16-2004, 10:23 AM

Rowdy Yates wisely said the following on 16/01/2004 00:10:

> So I watched this BBC news item on criminal activity on the internet. The
> deal is, these people go around researching companies, find a target and
> then stage a DoS attack on the company, demand money ransom and don't stop
> until they get the $$$. Basically, "Internet extortion"...
>
> Here's the link....
> http://news.bbc.co.uk/1/hi/business/3265423.stm
>
> Shouldn't this stuff be easily stoppable & trackable by counter measure
> technology? Or am I wrong...?
>
>

Yeh this is quite an old thing, a few russian gangs have been doing this
for 18 months - 2 years.

There is not a lot you can do to stop a DoS, especially a DDoS if it's
powerful enough to take out your upstream routers and the people
launching it know what they are doing.

There are a lot of things your ISP can do, and there are things ISP's
can do in general to stop DoS attacks, but they aren't happening (For
example, what legitimate reason does an ISP netblock have for generating
traffic with a source address not in that block? If ISP's just dropped
this traffic DDoS attacks would be a thing of the past).

I have seen DDoS attacks bad enough to make an ISP unstable (these are
major ISP's not small resellers) and some ISP's in the UK have gone
bankrupt due to sustained DDoS attacks on their networks. Some of these
incidents were related to the DALnet attacks, these attacks were so
fierce and sustained that many sponsors have had to pull out as the
attacks on the servers were degrading their whole network.

This stuff is *not* easily stopped and is *not* easily traced, it's not
always possible to trace and it's not easy to stop (Remember mafiaboy
and yahoo etc? He took out half of the Internet and was only caught
because he went round bragging about it, not because they traced him).

There are now services that can host sites that are likely to be DDoSed
and they do have technological countermeasures (mainly a **** load of
bandwidth and multiple burstable redundant connections) plus things like
SYN cookies and so on have made things better.

Also read this: http://www.grc.com/dos/grcdos.htm

And the attacks which have pretty much killed DALnet totally:

http://zine.dal.net/previousissues/issue22/what-dos.php
http://zine.dal.net/previousissues/i...dos-impact.php

http://www.theregister.co.uk/content/55/28515.html
http://www.techspot.com/vb/showthread/t-3485.html

etc.

Cheers

ST

--
Get your Geek Goodies!
http://shop.security-forums.com

.: http://www.security-forums.com :.

Share your knowledge
It's a way to achieve
Immortality.

01-17-2004, 09:52 AM

"Tracker" <"snailmail(valid)222000"@yahoo.com> wrote in message
news:...
> Rowdy Yates wrote:
>
> > So I watched this BBC news item on criminal activity on the internet.
The
> > deal is, these people go around researching companies, find a target and
> > then stage a DoS attack on the company, demand money ransom and don't
stop
> > until they get the $$$. Basically, "Internet extortion"...
> >
> > Here's the link....
> > http://news.bbc.co.uk/1/hi/business/3265423.stm
> >
> > Shouldn't this stuff be easily stoppable & trackable by counter measure
> > technology? Or am I wrong...?

> Unless the Government poses penalties on misconfigured Proxy Server
owners,
> there is no way to track down hackers, let alone bikers who extort the
****
> out of anyone with money.

Which Government would this be? UK, US, or one of the other 230-odd?

I presume that you keep the stats on Proxy attacks vs. everything else in
the same place as "how you helped Microsoft"..?

H1K

01-17-2004, 12:18 PM

On Sat, 17 Jan 2004 11:33:41 -0800, Tracker
<"snailmail(valid)222000"@yahoo.com> wrote:

>
>
>Rowdy Yates wrote:
>
>> So I watched this BBC news item on criminal activity on the internet. The
>> deal is, these people go around researching companies, find a target and
>> then stage a DoS attack on the company, demand money ransom and don't stop
>> until they get the $$$. Basically, "Internet extortion"...
>>
>> Here's the link....
>> http://news.bbc.co.uk/1/hi/business/3265423.stm
>>
>> Shouldn't this stuff be easily stoppable & trackable by counter measure
>> technology? Or am I wrong...?
>>
>> --
>> Rowdy Yates
>> I am Against-TCPA
>> http://www.againsttcpa.com
>
>Unless the Government poses penalties on misconfigured Proxy Server owners,
>there is no way to track down hackers,

This is about extortion by DoS in the UK its got nothing to do with
the US Government or hackers.

>let alone bikers who extort the **** out of anyone with money.

In the UK they ride bikes.

>Want to learn about Computers, the Internet and Hacking then visit my Website

more spam.

GENERAL COMPUTER HEALTH WARNING
-------------------------------

Any advice from a poster using the word 'tracker' may contain
dangerous nonsense and should be immediately deleted from your
computer.

Do NOT contact this person by email

Do NOT feed the Trolls, one warning is enough, further messages
only reinforce the desire for attention that provides motivation.

Visit the fan club at:
http://www.sand-n-sea.us/debbiesdrival.htm

--
Jim Watt
http://www.gibnet.com

01-17-2004, 03:20 PM

"Tracker" <"snailmail(valid)222000"@yahoo.com> wrote in message
news:...
>
>
> Rowdy Yates wrote:
>
> > So I watched this BBC news item on criminal activity on the internet.
The
> > deal is, these people go around researching companies, find a target and
> > then stage a DoS attack on the company, demand money ransom and don't
stop
> > until they get the $$$. Basically, "Internet extortion"...
> >
> > Here's the link....
> > http://news.bbc.co.uk/1/hi/business/3265423.stm
> >
> > Shouldn't this stuff be easily stoppable & trackable by counter measure
> > technology? Or am I wrong...?
> >
> > --
> > Rowdy Yates
> > I am Against-TCPA
> > http://www.againsttcpa.com
>
> Unless the Government poses penalties on misconfigured Proxy Server
owners,
> there is no way to track down hackers, let alone bikers who extort the
****
> out of anyone with money.
>
> Want to learn about Computers, the Internet and Hacking then visit my
Website
> at:
> http://geocities.com/hacking_internet_secrets
>
> Tracker
>

You dont need a misconfigured proxy to DoS you silly little wh0re. And now
its the bikers that
are malicious hackers ? wow, ferret owners and bikers are all now
international terrorists.
Thats right isnt it tracker ? I mean ferret owners are hackers arent they,
and hackers are
terrorists and extorionists and drug trafficers, and bikers are
extortionists too now.
Wow, when you think about it like that tracker, everyone is out to get YOU
and extort YOU
and come after YOU and blow YOU up. Better run and hide.

--
Mimic

"Without knowledge you have fear. With fear you create your own nightmares."
"There are 10 types of people in the world. Those that understand Binary,
and those that dont."
"He who controls Google, controls the world".

01-17-2004, 03:37 PM

In article <T8CdneGLDYo1zpTdRVn->,
says...

> And now its the bikers that are malicious hackers ?

> Mimic
>

she's just thinking of me and _574_ ;p

--
Colonel Flagg
http://www.internetwarzone.org/

Privacy at a click:
http://www.cotse.net

Q: How many Bill Gates does it take to change a lightbulb?
A: None, he just defines Darkness? as the new industry standard..."

"...I see stupid people."

01-16-2004, 12:30 AM	#2
kulm_nd Posts: n/a	Re: Lets hear from the pro's DoS often use zombies, computers belonging to others infected by a trojan. The zombies do the DoS and do not belong to the person doing the attack and finding where the trojan that infected the machine came from may not be possible. -- ************************************************ g-w "Rowdy Yates" <> wrote in message news:Xns9471C3436C1EErowdyyatesnospamlyco@66.185.9 5.104... > So I watched this BBC news item on criminal activity on the internet. The > deal is, these people go around researching companies, find a target and > then stage a DoS attack on the company, demand money ransom and don't stop > until they get the $$$. Basically, "Internet extortion"... > > Here's the link.... > http://news.bbc.co.uk/1/hi/business/3265423.stm > > Shouldn't this stuff be easily stoppable & trackable by counter measure > technology? Or am I wrong...? > > > -- > Rowdy Yates > I am Against-TCPA > http://www.againsttcpa.com

01-16-2004, 01:18 AM	#3
Colonel Flagg Posts: n/a	Re: Lets hear from the pro's In article <Xns9471C3436C1EErowdyyatesnospamlyco@66.185.95.10 4>, says... > So I watched this BBC news item on criminal activity on the internet. The > deal is, these people go around researching companies, find a target and > then stage a DoS attack on the company, demand money ransom and don't stop > until they get the $$$. Basically, "Internet extortion"... > > Here's the link.... > http://news.bbc.co.uk/1/hi/business/3265423.stm > > Shouldn't this stuff be easily stoppable & trackable by counter measure > technology? Or am I wrong...? > > > 2 years ago or for small companies not backboned by major players, it can be downright terrible. for big companies or those backboned by the big-boy pipe providers, DoS attacks are easily avoidable. It's only a matter of time, say another year or maybe two, until DoS attacks are completely a thing of the past and we'll be worrying about something new and even more dangerous. -- Colonel Flagg http://www.internetwarzone.org/ Privacy at a click: http://www.cotse.net Q: How many Bill Gates does it take to change a lightbulb? A: None, he just defines Darkness? as the new industry standard..." "...I see stupid people."

01-16-2004, 01:47 AM	#4
Rowdy Yates Posts: n/a	Re: Lets hear from the pro's Colonel Flagg <> wrote in news:: > In article <Xns9471C3436C1EErowdyyatesnospamlyco@66.185.95.10 4>, > says... >> So I watched this BBC news item on criminal activity on the internet. >> The deal is, these people go around researching companies, find a >> target and then stage a DoS attack on the company, demand money >> ransom and don't stop until they get the $$$. Basically, "Internet >> extortion"... >> >> Here's the link.... >> http://news.bbc.co.uk/1/hi/business/3265423.stm >> >> Shouldn't this stuff be easily stoppable & trackable by counter >> measure technology? Or am I wrong...? >> >> >> > > 2 years ago or for small companies not backboned by major players, it > can be downright terrible. > > for big companies or those backboned by the big-boy pipe providers, > DoS attacks are easily avoidable. It's only a matter of time, say > another year or maybe two, until DoS attacks are completely a thing of > the past and we'll be worrying about something new and even more > dangerous. > > > yeah, i heard this security guru guy once said, there a lots of things your ISP can do, the question is, will your ISP do them for "you". -- Rowdy Yates I am Against-TCPA http://www.againsttcpa.com

01-16-2004, 09:16 AM	#5
Hairy One Kenobi Posts: n/a	Re: Lets hear from the pro's "Rowdy Yates" <> wrote in message news:Xns9471D373D930Erowdyyatesnospamlyco@66.185.9 5.104... > Colonel Flagg <> wrote in > news:: <snip> > >> Shouldn't this stuff be easily stoppable & trackable by counter > >> measure technology? Or am I wrong...? > > > > 2 years ago or for small companies not backboned by major players, it > > can be downright terrible. > > > > for big companies or those backboned by the big-boy pipe providers, > > DoS attacks are easily avoidable. It's only a matter of time, say > > another year or maybe two, until DoS attacks are completely a thing of > > the past and we'll be worrying about something new and even more > > dangerous. > > yeah, i heard this security guru guy once said, there a lots of things your > ISP can do, the question is, will your ISP do them for "you". Possibly not for /you/, but they should do so for /themselves/ - remember, enough traffic to (D)DoS a site on their network is going to be a definite blip in their own network loading. Possibly large enough to annoy one of their larger customers, which is where it starts to cost them hard cash.. -- Hairy One Kenobi Disclaimer: the opinions expressed in this opinion do not necessarily reflect the opinions of the highly-opinionated person expressing the opinion in the first place. So there!

01-16-2004, 10:23 AM	#6
Lord Shaolin Posts: n/a	Re: Lets hear from the pro's Rowdy Yates wisely said the following on 16/01/2004 00:10: > So I watched this BBC news item on criminal activity on the internet. The > deal is, these people go around researching companies, find a target and > then stage a DoS attack on the company, demand money ransom and don't stop > until they get the $$$. Basically, "Internet extortion"... > > Here's the link.... > http://news.bbc.co.uk/1/hi/business/3265423.stm > > Shouldn't this stuff be easily stoppable & trackable by counter measure > technology? Or am I wrong...? > > Yeh this is quite an old thing, a few russian gangs have been doing this for 18 months - 2 years. There is not a lot you can do to stop a DoS, especially a DDoS if it's powerful enough to take out your upstream routers and the people launching it know what they are doing. There are a lot of things your ISP can do, and there are things ISP's can do in general to stop DoS attacks, but they aren't happening (For example, what legitimate reason does an ISP netblock have for generating traffic with a source address not in that block? If ISP's just dropped this traffic DDoS attacks would be a thing of the past). I have seen DDoS attacks bad enough to make an ISP unstable (these are major ISP's not small resellers) and some ISP's in the UK have gone bankrupt due to sustained DDoS attacks on their networks. Some of these incidents were related to the DALnet attacks, these attacks were so fierce and sustained that many sponsors have had to pull out as the attacks on the servers were degrading their whole network. This stuff is not easily stopped and is not easily traced, it's not always possible to trace and it's not easy to stop (Remember mafiaboy and yahoo etc? He took out half of the Internet and was only caught because he went round bragging about it, not because they traced him). There are now services that can host sites that are likely to be DDoSed and they do have technological countermeasures (mainly a **** load of bandwidth and multiple burstable redundant connections) plus things like SYN cookies and so on have made things better. Also read this: http://www.grc.com/dos/grcdos.htm And the attacks which have pretty much killed DALnet totally: http://zine.dal.net/previousissues/issue22/what-dos.php http://zine.dal.net/previousissues/i...dos-impact.php http://www.theregister.co.uk/content/55/28515.html http://www.techspot.com/vb/showthread/t-3485.html etc. Cheers ST -- Get your Geek Goodies! http://shop.security-forums.com .: http://www.security-forums.com :. Share your knowledge It's a way to achieve Immortality.

01-16-2004, 12:10 AM	#1
	Lets hear from the pro's So I watched this BBC news item on criminal activity on the internet. The deal is, these people go around researching companies, find a target and then stage a DoS attack on the company, demand money ransom and don't stop until they get the $$$. Basically, "Internet extortion"... Here's the link.... http://news.bbc.co.uk/1/hi/business/3265423.stm Shouldn't this stuff be easily stoppable & trackable by counter measure technology? Or am I wrong...? -- Rowdy Yates I am Against-TCPA http://www.againsttcpa.com Rowdy Yates

01-17-2004, 09:52 AM	#7
Hairy One Kenobi Posts: n/a	Re: Lets hear from the pro's "Tracker" <"snailmail(valid)222000"@yahoo.com> wrote in message news:... > Rowdy Yates wrote: > > > So I watched this BBC news item on criminal activity on the internet. The > > deal is, these people go around researching companies, find a target and > > then stage a DoS attack on the company, demand money ransom and don't stop > > until they get the $$$. Basically, "Internet extortion"... > > > > Here's the link.... > > http://news.bbc.co.uk/1/hi/business/3265423.stm > > > > Shouldn't this stuff be easily stoppable & trackable by counter measure > > technology? Or am I wrong...? > Unless the Government poses penalties on misconfigured Proxy Server owners, > there is no way to track down hackers, let alone bikers who extort the **** > out of anyone with money. Which Government would this be? UK, US, or one of the other 230-odd? I presume that you keep the stats on Proxy attacks vs. everything else in the same place as "how you helped Microsoft"..? H1K

01-17-2004, 12:18 PM	#8
Jim Watt Posts: n/a	Re: Lets hear from the pro's On Sat, 17 Jan 2004 11:33:41 -0800, Tracker <"snailmail(valid)222000"@yahoo.com> wrote: > > >Rowdy Yates wrote: > >> So I watched this BBC news item on criminal activity on the internet. The >> deal is, these people go around researching companies, find a target and >> then stage a DoS attack on the company, demand money ransom and don't stop >> until they get the $$$. Basically, "Internet extortion"... >> >> Here's the link.... >> http://news.bbc.co.uk/1/hi/business/3265423.stm >> >> Shouldn't this stuff be easily stoppable & trackable by counter measure >> technology? Or am I wrong...? >> >> -- >> Rowdy Yates >> I am Against-TCPA >> http://www.againsttcpa.com > >Unless the Government poses penalties on misconfigured Proxy Server owners, >there is no way to track down hackers, This is about extortion by DoS in the UK its got nothing to do with the US Government or hackers. >let alone bikers who extort the **** out of anyone with money. In the UK they ride bikes. >Want to learn about Computers, the Internet and Hacking then visit my Website more spam. GENERAL COMPUTER HEALTH WARNING ------------------------------- Any advice from a poster using the word 'tracker' may contain dangerous nonsense and should be immediately deleted from your computer. Do NOT contact this person by email Do NOT feed the Trolls, one warning is enough, further messages only reinforce the desire for attention that provides motivation. Visit the fan club at: http://www.sand-n-sea.us/debbiesdrival.htm -- Jim Watt http://www.gibnet.com

01-17-2004, 03:20 PM	#9
Mimic Posts: n/a	Re: Lets hear from the pro's "Tracker" <"snailmail(valid)222000"@yahoo.com> wrote in message news:... > > > Rowdy Yates wrote: > > > So I watched this BBC news item on criminal activity on the internet. The > > deal is, these people go around researching companies, find a target and > > then stage a DoS attack on the company, demand money ransom and don't stop > > until they get the $$$. Basically, "Internet extortion"... > > > > Here's the link.... > > http://news.bbc.co.uk/1/hi/business/3265423.stm > > > > Shouldn't this stuff be easily stoppable & trackable by counter measure > > technology? Or am I wrong...? > > > > -- > > Rowdy Yates > > I am Against-TCPA > > http://www.againsttcpa.com > > Unless the Government poses penalties on misconfigured Proxy Server owners, > there is no way to track down hackers, let alone bikers who extort the **** > out of anyone with money. > > Want to learn about Computers, the Internet and Hacking then visit my Website > at: > http://geocities.com/hacking_internet_secrets > > Tracker > You dont need a misconfigured proxy to DoS you silly little wh0re. And now its the bikers that are malicious hackers ? wow, ferret owners and bikers are all now international terrorists. Thats right isnt it tracker ? I mean ferret owners are hackers arent they, and hackers are terrorists and extorionists and drug trafficers, and bikers are extortionists too now. Wow, when you think about it like that tracker, everyone is out to get YOU and extort YOU and come after YOU and blow YOU up. Better run and hide. -- Mimic "Without knowledge you have fear. With fear you create your own nightmares." "There are 10 types of people in the world. Those that understand Binary, and those that dont." "He who controls Google, controls the world".

01-17-2004, 03:37 PM	#10
Colonel Flagg Posts: n/a	Re: Lets hear from the pro's In article <T8CdneGLDYo1zpTdRVn->, says... > And now its the bikers that are malicious hackers ? > Mimic > she's just thinking of me and _574_ ;p -- Colonel Flagg http://www.internetwarzone.org/ Privacy at a click: http://www.cotse.net Q: How many Bill Gates does it take to change a lightbulb? A: None, he just defines Darkness? as the new industry standard..." "...I see stupid people."

Thread Tools	Search this Thread
Show Printable Version Email this Page	Search this Thread: Advanced Search