[LINK] Distributed Denial of Service attacks
Fri, 11 Feb 2000 17:58:09 +1100
At 4:48 PM +1100 11/2/00, Tony Barry wrote:
>At 1:56 PM +1100 11/2/2000, Grant Bayley wrote:
>>(which may consist of any mix of smurf, trin00, TFN,
>>stacheldracht, TFN2k etc)
>I would be greatly helped to know what these things are and do. I'm not
>sure if other members of the list share my interest in this detail but I'm
>sure many share my ignorance.
>Would anybody like a very brief primer on how denial of service attacks are
>done and what these acronims mean?
I'll have a go:
denial of service = anything that stops (either partially or fully) another
person using their computer/network
denial of service attack = the most common form consists of flooding a
computer/router with hundreds....billions of bits of junk (ping, syn, etc)
data so that the computer/router gets overloaded and cannot be used by its
distributed denial of service attack = while a normal denial of service
attack normally comes from one "bad guy" source, a distributed denial of
service attack involves many (tens, hundrreds, etc) of "bad guy" sources
working together to target one poor unfortunate site/router/computer
(Yahoo, eBay, etc). with many different attackers it is harder to stop the
problem - you can't just block one source.
trin00, Tribe Flood Network, etc = hacker tools, supposedly developed in
Russia, that automate distributed denial of service attacks. these
consist of trojan horse software that is loaded onto many (tens, hundreds)
of unsuspecting computers around the Net, usually those with permanent
connections (unis, govt, business). on command from the master "bad guy",
these unsuspecting computers will execute the trojan horse software and
begin a "pingstorm" or "synflood" (hence, "tribe flood") against the victim.
probably the simplest analogy i heard was: it's like pointing hundreds of
different lasers all at the same point to bore a hole/blind the victim, etc.
in a nutshell, hope that helps, etc.
Dan Tebbutt, Technology Writer, Melbourne Australia
The Australian (http://technology.news.com.au)
Ph: +61-3-9292-1370 Fax:+61-3-9292-2803
"The revolution will be televised ... on pay-per-view."