Lets hear from the pro's

Discussion in 'Computer Security' started by Rowdy Yates, Jan 16, 2004.

  1. Rowdy Yates

    Rowdy Yates Guest

    So I watched this BBC news item on criminal activity on the internet. The
    deal is, these people go around researching companies, find a target and
    then stage a DoS attack on the company, demand money ransom and don't stop
    until they get the $$$. Basically, "Internet extortion"...

    Here's the link....
    http://news.bbc.co.uk/1/hi/business/3265423.stm

    Shouldn't this stuff be easily stoppable & trackable by counter measure
    technology? Or am I wrong...?


    --
    Rowdy Yates
    I am Against-TCPA
    http://www.againsttcpa.com
    Rowdy Yates, Jan 16, 2004
    #1
    1. Advertising

  2. Rowdy Yates

    kulm_nd Guest

    DoS often use zombies, computers belonging to others infected by a trojan.
    The zombies do the DoS and do not belong to the person doing the attack and
    finding where the trojan that infected the machine came from may not be
    possible.

    --

    ************************************************

    g-w


    "Rowdy Yates" <> wrote in message
    news:Xns9471C3436C1EErowdyyatesnospamlyco@66.185.95.104...
    > So I watched this BBC news item on criminal activity on the internet. The
    > deal is, these people go around researching companies, find a target and
    > then stage a DoS attack on the company, demand money ransom and don't stop
    > until they get the $$$. Basically, "Internet extortion"...
    >
    > Here's the link....
    > http://news.bbc.co.uk/1/hi/business/3265423.stm
    >
    > Shouldn't this stuff be easily stoppable & trackable by counter measure
    > technology? Or am I wrong...?
    >
    >
    > --
    > Rowdy Yates
    > I am Against-TCPA
    > http://www.againsttcpa.com
    kulm_nd, Jan 16, 2004
    #2
    1. Advertising

  3. In article <Xns9471C3436C1EErowdyyatesnospamlyco@66.185.95.104>,
    says...
    > So I watched this BBC news item on criminal activity on the internet. The
    > deal is, these people go around researching companies, find a target and
    > then stage a DoS attack on the company, demand money ransom and don't stop
    > until they get the $$$. Basically, "Internet extortion"...
    >
    > Here's the link....
    > http://news.bbc.co.uk/1/hi/business/3265423.stm
    >
    > Shouldn't this stuff be easily stoppable & trackable by counter measure
    > technology? Or am I wrong...?
    >
    >
    >


    2 years ago or for small companies not backboned by major players, it
    can be downright terrible.

    for big companies or those backboned by the big-boy pipe providers, DoS
    attacks are easily avoidable. It's only a matter of time, say another
    year or maybe two, until DoS attacks are completely a thing of the past
    and we'll be worrying about something new and even more dangerous.



    --
    Colonel Flagg
    http://www.internetwarzone.org/

    Privacy at a click:
    http://www.cotse.net

    Q: How many Bill Gates does it take to change a lightbulb?
    A: None, he just defines Darkness? as the new industry standard..."

    "...I see stupid people."
    Colonel Flagg, Jan 16, 2004
    #3
  4. Rowdy Yates

    Rowdy Yates Guest

    Colonel Flagg <> wrote in
    news::

    > In article <Xns9471C3436C1EErowdyyatesnospamlyco@66.185.95.104>,
    > says...
    >> So I watched this BBC news item on criminal activity on the internet.
    >> The deal is, these people go around researching companies, find a
    >> target and then stage a DoS attack on the company, demand money
    >> ransom and don't stop until they get the $$$. Basically, "Internet
    >> extortion"...
    >>
    >> Here's the link....
    >> http://news.bbc.co.uk/1/hi/business/3265423.stm
    >>
    >> Shouldn't this stuff be easily stoppable & trackable by counter
    >> measure technology? Or am I wrong...?
    >>
    >>
    >>

    >
    > 2 years ago or for small companies not backboned by major players, it
    > can be downright terrible.
    >
    > for big companies or those backboned by the big-boy pipe providers,
    > DoS attacks are easily avoidable. It's only a matter of time, say
    > another year or maybe two, until DoS attacks are completely a thing of
    > the past and we'll be worrying about something new and even more
    > dangerous.
    >
    >
    >


    yeah, i heard this security guru guy once said, there a lots of things your
    ISP can do, the question is, will your ISP do them for "you".

    --
    Rowdy Yates
    I am Against-TCPA
    http://www.againsttcpa.com
    Rowdy Yates, Jan 16, 2004
    #4
  5. "Rowdy Yates" <> wrote in message
    news:Xns9471D373D930Erowdyyatesnospamlyco@66.185.95.104...
    > Colonel Flagg <> wrote in
    > news::


    <snip>

    > >> Shouldn't this stuff be easily stoppable & trackable by counter
    > >> measure technology? Or am I wrong...?

    > >
    > > 2 years ago or for small companies not backboned by major players, it
    > > can be downright terrible.
    > >
    > > for big companies or those backboned by the big-boy pipe providers,
    > > DoS attacks are easily avoidable. It's only a matter of time, say
    > > another year or maybe two, until DoS attacks are completely a thing of
    > > the past and we'll be worrying about something new and even more
    > > dangerous.

    >
    > yeah, i heard this security guru guy once said, there a lots of things

    your
    > ISP can do, the question is, will your ISP do them for "you".


    Possibly not for /you/, but they should do so for /themselves/ - remember,
    enough traffic to (D)DoS a site on their network is going to be a definite
    blip in their own network loading.

    Possibly large enough to annoy one of their larger customers, which is where
    it starts to cost them hard cash..

    --

    Hairy One Kenobi

    Disclaimer: the opinions expressed in this opinion do not necessarily
    reflect the opinions of the highly-opinionated person expressing the opinion
    in the first place. So there!
    Hairy One Kenobi, Jan 16, 2004
    #5
  6. Rowdy Yates

    Lord Shaolin Guest

    Rowdy Yates wisely said the following on 16/01/2004 00:10:

    > So I watched this BBC news item on criminal activity on the internet. The
    > deal is, these people go around researching companies, find a target and
    > then stage a DoS attack on the company, demand money ransom and don't stop
    > until they get the $$$. Basically, "Internet extortion"...
    >
    > Here's the link....
    > http://news.bbc.co.uk/1/hi/business/3265423.stm
    >
    > Shouldn't this stuff be easily stoppable & trackable by counter measure
    > technology? Or am I wrong...?
    >
    >


    Yeh this is quite an old thing, a few russian gangs have been doing this
    for 18 months - 2 years.

    There is not a lot you can do to stop a DoS, especially a DDoS if it's
    powerful enough to take out your upstream routers and the people
    launching it know what they are doing.

    There are a lot of things your ISP can do, and there are things ISP's
    can do in general to stop DoS attacks, but they aren't happening (For
    example, what legitimate reason does an ISP netblock have for generating
    traffic with a source address not in that block? If ISP's just dropped
    this traffic DDoS attacks would be a thing of the past).

    I have seen DDoS attacks bad enough to make an ISP unstable (these are
    major ISP's not small resellers) and some ISP's in the UK have gone
    bankrupt due to sustained DDoS attacks on their networks. Some of these
    incidents were related to the DALnet attacks, these attacks were so
    fierce and sustained that many sponsors have had to pull out as the
    attacks on the servers were degrading their whole network.

    This stuff is *not* easily stopped and is *not* easily traced, it's not
    always possible to trace and it's not easy to stop (Remember mafiaboy
    and yahoo etc? He took out half of the Internet and was only caught
    because he went round bragging about it, not because they traced him).

    There are now services that can host sites that are likely to be DDoSed
    and they do have technological countermeasures (mainly a shit load of
    bandwidth and multiple burstable redundant connections) plus things like
    SYN cookies and so on have made things better.

    Also read this: http://www.grc.com/dos/grcdos.htm

    And the attacks which have pretty much killed DALnet totally:

    http://zine.dal.net/previousissues/issue22/what-dos.php
    http://zine.dal.net/previousissues/issue22/dos-impact.php

    http://www.theregister.co.uk/content/55/28515.html
    http://www.techspot.com/vb/showthread/t-3485.html

    etc.

    Cheers

    ST

    --
    Get your Geek Goodies!
    http://shop.security-forums.com

    .: http://www.security-forums.com :.

    Share your knowledge
    It's a way to achieve
    Immortality.
    Lord Shaolin, Jan 16, 2004
    #6
  7. "Tracker" <"snailmail(valid)222000"@yahoo.com> wrote in message
    news:...
    > Rowdy Yates wrote:
    >
    > > So I watched this BBC news item on criminal activity on the internet.

    The
    > > deal is, these people go around researching companies, find a target and
    > > then stage a DoS attack on the company, demand money ransom and don't

    stop
    > > until they get the $$$. Basically, "Internet extortion"...
    > >
    > > Here's the link....
    > > http://news.bbc.co.uk/1/hi/business/3265423.stm
    > >
    > > Shouldn't this stuff be easily stoppable & trackable by counter measure
    > > technology? Or am I wrong...?


    > Unless the Government poses penalties on misconfigured Proxy Server

    owners,
    > there is no way to track down hackers, let alone bikers who extort the

    shit
    > out of anyone with money.


    Which Government would this be? UK, US, or one of the other 230-odd?

    I presume that you keep the stats on Proxy attacks vs. everything else in
    the same place as "how you helped Microsoft"..?

    H1K
    Hairy One Kenobi, Jan 17, 2004
    #7
  8. Rowdy Yates

    Jim Watt Guest

    On Sat, 17 Jan 2004 11:33:41 -0800, Tracker
    <"snailmail(valid)222000"@yahoo.com> wrote:

    >
    >
    >Rowdy Yates wrote:
    >
    >> So I watched this BBC news item on criminal activity on the internet. The
    >> deal is, these people go around researching companies, find a target and
    >> then stage a DoS attack on the company, demand money ransom and don't stop
    >> until they get the $$$. Basically, "Internet extortion"...
    >>
    >> Here's the link....
    >> http://news.bbc.co.uk/1/hi/business/3265423.stm
    >>
    >> Shouldn't this stuff be easily stoppable & trackable by counter measure
    >> technology? Or am I wrong...?
    >>
    >> --
    >> Rowdy Yates
    >> I am Against-TCPA
    >> http://www.againsttcpa.com

    >
    >Unless the Government poses penalties on misconfigured Proxy Server owners,
    >there is no way to track down hackers,


    This is about extortion by DoS in the UK its got nothing to do with
    the US Government or hackers.

    >let alone bikers who extort the shit out of anyone with money.


    In the UK they ride bikes.

    >Want to learn about Computers, the Internet and Hacking then visit my Website


    more spam.

    GENERAL COMPUTER HEALTH WARNING
    -------------------------------

    Any advice from a poster using the word 'tracker' may contain
    dangerous nonsense and should be immediately deleted from your
    computer.

    Do NOT contact this person by email

    Do NOT feed the Trolls, one warning is enough, further messages
    only reinforce the desire for attention that provides motivation.

    Visit the fan club at:
    http://www.sand-n-sea.us/debbiesdrival.htm

    --
    Jim Watt
    http://www.gibnet.com
    Jim Watt, Jan 17, 2004
    #8
  9. Rowdy Yates

    Mimic Guest

    "Tracker" <"snailmail(valid)222000"@yahoo.com> wrote in message
    news:...
    >
    >
    > Rowdy Yates wrote:
    >
    > > So I watched this BBC news item on criminal activity on the internet.

    The
    > > deal is, these people go around researching companies, find a target and
    > > then stage a DoS attack on the company, demand money ransom and don't

    stop
    > > until they get the $$$. Basically, "Internet extortion"...
    > >
    > > Here's the link....
    > > http://news.bbc.co.uk/1/hi/business/3265423.stm
    > >
    > > Shouldn't this stuff be easily stoppable & trackable by counter measure
    > > technology? Or am I wrong...?
    > >
    > > --
    > > Rowdy Yates
    > > I am Against-TCPA
    > > http://www.againsttcpa.com

    >
    > Unless the Government poses penalties on misconfigured Proxy Server

    owners,
    > there is no way to track down hackers, let alone bikers who extort the

    shit
    > out of anyone with money.
    >
    > Want to learn about Computers, the Internet and Hacking then visit my

    Website
    > at:
    > http://geocities.com/hacking_internet_secrets
    >
    > Tracker
    >


    You dont need a misconfigured proxy to DoS you silly little wh0re. And now
    its the bikers that
    are malicious hackers ? wow, ferret owners and bikers are all now
    international terrorists.
    Thats right isnt it tracker ? I mean ferret owners are hackers arent they,
    and hackers are
    terrorists and extorionists and drug trafficers, and bikers are
    extortionists too now.
    Wow, when you think about it like that tracker, everyone is out to get YOU
    and extort YOU
    and come after YOU and blow YOU up. Better run and hide.

    --
    Mimic

    "Without knowledge you have fear. With fear you create your own nightmares."
    "There are 10 types of people in the world. Those that understand Binary,
    and those that dont."
    "He who controls Google, controls the world".
    Mimic, Jan 17, 2004
    #9
  10. In article <>,
    says...

    > And now its the bikers that are malicious hackers ?


    > Mimic
    >



    she's just thinking of me and _574_ ;p



    --
    Colonel Flagg
    http://www.internetwarzone.org/

    Privacy at a click:
    http://www.cotse.net

    Q: How many Bill Gates does it take to change a lightbulb?
    A: None, he just defines Darkness? as the new industry standard..."

    "...I see stupid people."
    Colonel Flagg, Jan 17, 2004
    #10
  11. Rowdy Yates

    Leythos Guest

    In article <>, Tracker <"snailmail(valid)
    222000"@yahoo.com> says...
    > Unless the Government poses penalties on misconfigured Proxy Server owners,
    > there is no way to track down hackers, let alone bikers who extort the shit
    > out of anyone with money.
    >
    > Want to learn about Computers, the Internet and Hacking then visit my Website
    > at:
    >
    > Tracker


    What we really need is for lay enforcement or some government office to
    go after lamers that post to the internet about things they dont
    understand while claiming that they do!

    Get a hint you moron, leave these groups.

    --
    --

    (Remove 999 to reply to me)
    Leythos, Jan 17, 2004
    #11
  12. Rowdy Yates

    Tracker Guest

    Rowdy Yates wrote:

    > So I watched this BBC news item on criminal activity on the internet. The
    > deal is, these people go around researching companies, find a target and
    > then stage a DoS attack on the company, demand money ransom and don't stop
    > until they get the $$$. Basically, "Internet extortion"...
    >
    > Here's the link....
    > http://news.bbc.co.uk/1/hi/business/3265423.stm
    >
    > Shouldn't this stuff be easily stoppable & trackable by counter measure
    > technology? Or am I wrong...?
    >
    > --
    > Rowdy Yates
    > I am Against-TCPA
    > http://www.againsttcpa.com


    Unless the Government poses penalties on misconfigured Proxy Server owners,
    there is no way to track down hackers, let alone bikers who extort the shit
    out of anyone with money.

    Want to learn about Computers, the Internet and Hacking then visit my Website
    at:
    http://geocities.com/hacking_internet_secrets

    Tracker
    Tracker, Jan 17, 2004
    #12
  13. Re: Lets hear from the pro's - Uh, "pros"

    There's no "'" in pros or any other plural.

    Richard

    "Rowdy Yates" <> wrote in
    message
    news:Xns9471C3436C1EErowdyyatesnospamlyco@66.185.95.104...
    > So I watched this BBC news item on criminal activity on

    the internet. The
    > deal is, these people go around researching companies,

    find a target and
    > then stage a DoS attack on the company, demand money

    ransom and don't stop
    > until they get the $$$. Basically, "Internet extortion"...
    >
    > Here's the link....
    > http://news.bbc.co.uk/1/hi/business/3265423.stm
    >
    > Shouldn't this stuff be easily stoppable & trackable by

    counter measure
    > technology? Or am I wrong...?
    >
    >
    > --
    > Rowdy Yates
    > I am Against-TCPA
    > http://www.againsttcpa.com
    Richard Steinfeld, Jan 25, 2004
    #13
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. christiane kewitz
    Replies:
    1
    Views:
    567
    Pavel A.
    Feb 13, 2005
  2. sponge

    Lets hear from the pro's

    sponge, Jan 16, 2004, in forum: Computer Security
    Replies:
    0
    Views:
    478
    sponge
    Jan 16, 2004
  3. estella aguilar

    hear ye, hear ye.help is needed.......

    estella aguilar, Aug 27, 2006, in forum: Digital Photography
    Replies:
    55
    Views:
    1,083
    estella aguilar via PhotoKB.com
    Sep 1, 2006
  4. Hermes
    Replies:
    0
    Views:
    382
    Hermes
    Mar 26, 2007
  5. Max Ambient
    Replies:
    2
    Views:
    334
    Lawrence D'Oliveiro
    Dec 16, 2004
Loading...

Share This Page