O'Reilly Revisits Online Countermeasures 199
An anonymous reader writes "I just saw that late last night an editor at O'Reilly published a blog that takes a look at 'countermeasures' and 'striking back' technologies a year after a startup in Austin, TX published a white paper on the subject that caused a lot of controversy. It also links to a blog by Symbiot founder William Hurley's entitled: Self Defending Networks, Aggressive Network Self-Defense, and Vigilantes on the net. which IMHO is a damn interesting read (even though I'm personally at odds with people who want to 'strike back')."
What can you do back that's legal? (Score:4, Insightful)
-Jesse
Re:What can you do back that's legal? (Score:4, Informative)
\/\/3 0wn y0u, |\/|1(r050f7, 7h3 5(r1p7-k1dd135.
Re:What can you do back that's legal? (Score:3, Interesting)
I wish more people realized this...
I have had one idea regarding a strike-back tech
Re:What can you do back that's legal? (Score:2)
This might happen occasionally but these attacks (in my limited experience) are more theoretical than acutal. Shutting down the zombied machines would more than compensate for the occasional spoofed address.
Re:What can you do back that's legal? (Score:2)
It might be theoretical, but such attacks would be *trivial* to write. If more people used strike-back technologies, then there would be a real chance that more people would use them.
With my automated email solution, spoof army.mil and all that happens is that the admin of army.mil gets one email (sa
Re:What can you do back that's legal? (Score:2)
Re:What can you do back that's legal? (Score:2)
Re:What can you do back that's legal? (Score:2)
Sure, it's vigilante justice at it's finest, but the reason we don't do this in the physical world anymore is because we have a justice system to deal with it. The cop
Re:What can you do back that's legal? (Score:2)
There are certain attacks that can't be spoofed. For example, whilest you can spoof single TCP packets, you can't spoof an entire session (unless you control one of the routers the traffic would go through anyway). So if you only launch a defensive attack against unspoofable attacks then this would seem safe (unspoofable attacks include stuff like attacks over HTTP, SSH
Re:What can you do back that's legal? (Score:2)
(For those that haven't been following the jargon, tarpitting is intentionally slowing your responses to the maximimum time before timeout, and sending the minimum amount data in each response. The idea is to take up as much
Re:What can you do back that's legal? (Score:2)
the Netfilter TARPIT target used to work very well, unfortunately AFAIK it still hasn't been ported to the 2.6 kernel.
That said, I think you need to be very careful with tarpitting - i.e. only tarpit stuff which has no legitimate use over the public network (i.e. NetBIOS, etc). I'm very much against tarpitting legitimate ports (which you aren't running services on) such as HTTP, etc since it's entirely possible that someone is legiti
Re:What can you do back that's legal? (Score:5, Insightful)
Self defense is one thing, but attacking back is another. If someone steals from you, should you steal from them or hurt them? I would say no, and most moral philosophy would also say so too. From a legal standpoint, this is America dammit! Even if I try to take down slashdot.org their return attack has violated my rights to due process. Yeah, I know that it sucks that criminals often seem to get protected more than the victims, but that is the way the system works.
If everyone took the law into their own hands there wouldn't be "the law" anymore - just street justice. Due process exists in order to protect the wrongfully accussed, and millions of zombie PC owners thank you for that. Just think, most attacks are launched from the actual attackers PC or server. How can you even be sure who to attack?
If you are so sure, go to the proper authorities. No need to make all the white hats grey.
Re:What can you do back that's legal? (Score:2)
Re:What can you do back that's legal? (Score:2)
Re:What can you do back that's legal? (Score:3, Insightful)
Re:What can you do back that's legal? (Score:3, Insightful)
This is sophistry. Attacking "back" means by definition that you are responding to someone else's act. If you're standing in a bar and get hit in the face, well, you've just been hit in the face. There's time between that blow, and the next one. Between those blows, you're not "still" being hit in the face, but simply girding yourself for the next blow to the face isn't really enough, morally or practically. Physically stopping such an assault (or t
Re:What can you do back that's legal? (Score:3, Insightful)
Except you can't be sure who hit you; and its more like being hit in the back of the head with a brick that has a name written on it. Is it the name of the guy who threw it? or did he write some elses name on it? You might as well grab some random guy and start a bar brawl while the guy with the brick sits back and laughs at you.
Absolutely right (Score:2)
Re:What can you do back that's legal? (Score:4, Interesting)
Have you ever tried to call your local police when your box gets hacked? Pointless. You're left feeling frustrated and powerless. The security experts just tell you to harden your defenses, but that's like telling you to put a moat and wall around your house (and builds a business for same said security experts). You're totally on your own out there when you should have the support of the authorities, despite having paid them your taxes and freedoms.
So until governments actually start prosecuting the common internet criminal, you're left alone with your interfaces exposed to any idjit with nmap and some root kits, all you can rely on is yourself and other people you know who've been in the same boat. And hey, if the gov-mint aint prosecuting the people that attack you, they ain't gonna do shit about you attacking back either.
The ultimate solution would be punishing all the assholes that are scripting exploits across the web with real, visceral penalties. Until then you'll have to get justice where you can. Be it street or fiber, it's all you can get.
Re:What can you do back that's legal? (Score:2)
If someone steals from you, should you steal from them or hurt them? I would say no, and most moral philosophy would also say so too. From a legal standpoint, this is America dammit! Even if I try to take down slashdot.org their return attack has violated my rights to due process.
This seems to be an example of someone talking out of their rear end.
No, I cannot legally break into a thief's house and steal at will, whether or not that would
Re:What can you do back that's legal? (Score:2)
I meant aren't
Re:What can you do back that's legal? (Score:2)
Self defense and attacking back may well be the same thing. If you're sitting on a park bench and some guy comes up to you every 30 seconds and smacks you around the head with a baseball bat, I think you probably have every right to smack them back until they stop.
IMHO what you _shouldn't_ do is a delayed reaction - if someone has stopped attacking you already then any retalitory attack you make is offensive rather than defensive. Going back to t
Re:What can you do back that's legal? (Score:2)
Re:What can you do back that's legal? (Score:3, Insightful)
It is like defending yourself with hand grenades in a crowded room, even if you didn't have a double back situation, imagine the collateral damage on all the other people who happen to b
Re:What can you do back that's legal? (Score:2)
However, you have to remember that most attacks are performed via compromised systems.
Re:What can you do back that's legal? (Score:3, Insightful)
It is a valid form of striking back - making the attacker waste his/her/its time.
More like Network Judo (Score:4, Insightful)
Intrusion Suppression techniques actually reduce the network traffic generated by the attacker, and yet also reduce the effectiveness with which the attacker can perform an attack. It's not really a counter-strike.
Re:What can you do back that's legal? (Score:2)
Share as much information as you can, even with competitors. Invest into developing software and infrastructure which makes sharing easier. Bring smart people together who want to donate part of their spare time to make the net a better place. Help drafting legal frameworks for large-scale detection and response measures.
There are many ways to remove a rogue server from the Internet, and a lot of them are quite legal. The key issue is to
Not practical any longer? (Score:2)
The problem today is that there are so many tens of thousands of systems being used for scanning, automated attacks, DDoS, and whatnot. This approach is only practical for certain occasional central
Tarpit the %$#$ out of them. (Score:3, Interesting)
The late LaBrea project implemented techniques that did not block attackers/scanners, but rather through protocol manipulation, HELD ON to them as long as possible, through things like tcp window size, etc. they kept the source host on the line sending zer
Make them famous! (Score:3, Funny)
Post their URL to slashdot, and let them bask in unwanted fame.
Re:What can you do back that's legal? (Score:2)
Whatever is required to stop the attack... (Score:2)
If some machine is attacking your system with a serious denial of service, then you have the right to root that box and halt it. Effectively, you are just turning the other person's machine off and if you would leave it at that, it would be perfectly reasonable.
Striking back (Score:3, Funny)
It worked for Silent Jay & Bob, and arguably the Empire...
Re:Striking back (Score:2)
Re:Striking back (Score:2)
Where's the beef? (Score:3, Funny)
Man what a lame article. A little lacking in substance, I'd say. Why, I've got half a mind to email bomb the author!
Low on actual information (Score:5, Informative)
Re:Low on actual information (Score:2)
Re:Low on actual information (Score:2)
You must be new here, nobody does that! I find it even funnier that the headline is: "O'Reilly Revisits Online Countermeasures" When really it's more like, some guy who happens tp work at O'Reilly mentions online countermeasures in a blog.
But hey, why read the article when instead you can read the comments about the comments about the article on
what about the counter-counter measures (Score:3, Interesting)
While I understand the desire to stick it to these creeps, from a purely cost/benefit analysis point-of-view, it doesn't seem to me to make a lot of sense
Re:what about the counter-counter measures (Score:5, Insightful)
IT IS always a temptation to an armed and agile nation,
To call upon a neighbour and to say:--
"We invaded you last night--we are quite prepared to fight,
Unless you pay us cash to go away."
And that is called asking for Dane-geld,
And the people who ask it explain
That you've only to pay 'em the Dane-geld
And then you'll get rid of the Dane!
It is always a temptation to a rich and lazy nation,
To puff and look important and to say:--
"Though we know we should defeat you, we have not the time to meet you.
We will therefore pay you cash to go away."
And that is called paying the Dane-geld;
But we've proved it again and again,
That if once you have paid him the Dane-geld
You never get rid of the Dane.
It is wrong to put temptation in the path of any nation,
For fear they should succumb and go astray,
So when you are requested to pay up or be molested,
You will find it better policy to says:--
"We never pay any one Dane-geld,
No matter how trifling the cost,
For the end of that game is oppression and shame,
And the nation that plays it is lost!"
Re:what about the counter-counter measures (Score:2, Informative)
Re:what about the counter-counter measures (Score:2)
When you pay these clowns, all you're doing is proving to their apprentices that they've chosen the right career. It's exactly like giving terrorists or kidnappers what they want, and with exactly the same results.
Two separate issues (Score:2)
2) Should you attempt to attack those DOSnet blackmailers?
They require two separate cost/benefit... er... analysis... analyses... analysises... calculations.
Re:what about the counter-counter measures (Score:2)
Cons
Re:what about the counter-counter measures (Score:3, Interesting)
Why would you call them "innocent"? Imagine a driver's defense after an accident: "Oh, all this driving things are just too technical." Innocent? I don't think so...
I'm not going into legalities here, but morally you are responsible for what your things (and kids and pets) do to others (legal responsibility exists too
Re:what about the counter-counter measures (Score:2)
Guardrails? reminds me of a very strange blog [blogspot.com] I came across.
Re:what about the counter-counter measures (Score:2)
Sorry, but having a fixed IP address really isn't a security risk - unless you're a high-profile target pretty much all the attacks you get are directed at random IP addresses so having a fixed address gives you exactly the same probability of getting hit at if you have a dynamic address. Even worse, if a zombie is on a dynamic address, it makes it very difficult for
Almost not worth reading (Score:2)
I'm not clicking that! (Score:3, Funny)
Is it wise to slashdot a site advocating "fighting back" web attacks?
I'm gonna wait an... [NO CARRIER]
Arms race example in the p2p world (Score:4, Interesting)
What they do is put out a file of the same size but with random data. Since the torrent file has segment hashes to verify integrity, any segments downloaded from the bogus file will fail the checksum and waste downloaders' bandwidth. The community of downloaders is fighting back by spreading black lists with the IP addresses of the bogus clients.
Re:Arms race example in the p2p world (Score:2)
Re:Arms race example in the p2p world (Score:2)
Re:Arms race example in the p2p world (Score:2)
Re:Arms race example in the p2p world (Score:2)
Re:Arms race example in the p2p world (Score:2)
You know... (Score:5, Insightful)
In the UK, when somebody files a lawsuit and loses, not only do they have to pay for their own court expenses, but also those of the defendant. This isn't the case in the US, which is why we are the most litigious country in the world.
Now, let's look at computing. If we just let the asshole hackers get away with their crime without a fight, they will keep on hitting us hard. But, if we had a mechanism that would "fight back" and destroy a 15 year-old script kiddie's computer that mommy and daddy bought, well, maybe they'd think twice.
Re:You know... (Score:4, Informative)
Re:You know... (Score:2)
Cue the SCO-bashing thread in 3...2...1...
Re:You know... (Score:2)
Re:You know... (Score:3, Informative)
I have had some servers get hit, and start attacking others. Now, if you were the target, and then started attacking one of my servers in retaliation, how does that help me?
From this vantage point, I have not only had one of my servers attacked by a skript kiddie, but now,
Do you get helpful responses? Re:You know... (Score:2)
There is one type of "attack" that I continue to try to foil this way -- bogus "you're infected" messages from email antispam gateways. Many email administrators still don't understand that virii can (and do) spew email with fake headers, and don't believe it when it's explained to them.
Re:You know... (Score:2)
Uh, what gave you that impression?
The principle that the losing party in any legitimate legal action pays fees is derived from common law, and applies in the US. Regardless of who brought the action, the loser generally must pay the cost, unless the judge or jury determines the action to have been frivilous (for instance, in
Re:You know... (Score:2)
An article on Slashdot not too long ago talked about how a guy fought back (through defensive measures) and eventually won. It was expensive in terms o
Re:You know... (Score:2)
I've lived all my life in the UK and I used to believe that. It isn't strictly true... For example in civil cases (such as the fraudulent retention of deposits etc.) where the dispute is over a sum less than £5000 the only legal provision is the "Small Claims Court" - for which the victim must pay an up-front £80 filing fee (recoverable on winning), bu
Is this anything like ? (Score:3, Funny)
You Know... (Score:2, Interesting)
Law enforcement can't do it all (Score:4, Interesting)
Several sys admins I know who have never had the time or inclination to put up a honeypot or opt for similar tactics absolutely light up at the prospect of actually making the attackers miserable. In fact, it's not even the attackers they complain about, it's the ISPs that (with copious documentation about the bad acts of specific customers) don't do anything about it. To the extent that foreign governments are those ISPs, well, same sentiment.
So, the real issue is governance of such a system. It's sort of like sharing time on a big research telescope. What committee can be trusted to put the resource to use effectively? I know that a lot of people with network resources are so fed up with the probes, the phishing, the DoS extortion and all the rest that they'd have absolutely no problem deploying a box or two, and a couple of MB/sec to the cause. But the liability(ies) for having it used unwisely are pretty scary, so I'm all ears if someone comes up with an interesting approach. If the worst thing that happens is I get a block of my IPs null routed on their way to Moscow, well, goshky, I'll take that deal.
Some things we have to take into our own hands. And just turning the other cheek with more and fancier firewalls and intrustion detection is too passive for my taste, at least in the face of concerted, bad-to-the-core coordinated efforts by professional, organized crackers. Have I wanted to burn up every inch of some basement-dwelling script kiddie's DSL before? Sometimes. But nothing like I've wanted to blot out entire pieces of some Asian and eastern-European networks. And not just for my sake - for all of my clients, and their clients, and everyone it impacts.
Don't mean to rant, but I've just spent all morning explaining this stuff to a suffering dot-com. His much-repeated question was "Why can't we just do this back at him until he quits? I'll spend the money... this is pissing me off."
Re:Law enforcement can't do it all (Score:2)
Because he won't quit. He'll simply open a new account with a new ISP and start all over again.
Re:Law enforcement can't do it all (Score:2)
That's exactly where a robust, million-member network would shine. When that guy and his tactics surface again, he get's stomped by what amounts to an immune system that's seen that strain before. It's the stomping I'm started to get interested in, not just having thicker skin.
Re:Law enforcement can't do it all (Score:2)
I get an incredible amount of spam, scans and ssh login attempts from the USA - blocking countries is not the answer.
Some of us actually want to communicate with the rest of the world or do business in Asia, Eastern Europe and Africa. In general the poor attempts at support by US companies show that many companies there do not care about communicating with the rest of the world - but usually the highly succ
The Grid Will Soon Take Care of It (Score:2, Interesting)
On a much grander scale, we're accelerating towards a global computing grid which will extract unimaginable power from hundreds of thousands of separate computers each with the processing capabilities of our brain. The collective intelligence which emerges will possibly rival our fantasies of artificial intelligence [blogspot.com]
As we modelled the eye to build ca
Re:The Grid Will Soon Take Care of It (Score:2)
On a larger scale, it spells an evolutionary move towards a decentralized global self-configuring, self-healing, self-optimizing, and self-protecting nervous system. Since Autonomic Computing can look for patterns in data and extrapolate to predict future events, deployed on a global scale, the spin-offs would be very interesting...
Then at 2:14 a.m. August 29th, Skynet will become self aware.
Just say no (Score:2)
most attacks not spoofed (Score:2)
But if they are loading a page over and over via http like in a recent massive DDoS (http://www.dshield.org/pipermail/intrusions/2005 - January/008739.html [dshield.org])
you can be sure that the zombies' source ip is what it says it is. These days zombies are not worth the trouble of hiding, anyway.
I wouldn't retaliate, but I would especially not retaliate unless the completed tcp handshake gave me assurance the
Re:most attacks not spoofed (Score:2)
Re:most attacks not spoofed (Score:2)
I think an actual connection hoses the recipient in a more precise way, with less bandwidth usage to trouble already indifferent ISPs.
My sense is that the bots are so common that they aren't worth obfuscating. It may be that egress filtering has caught on, as well. Let's hope so...
I
ISP Best Practices Prevent Spoofing (Score:2)
Correct, but can be managed for some techniques (Score:2)
Fortunately these types of attacks can be detected and modulated. With respect to certain antiworm systems [intrinsicsecurity.com] based on honeypot techniques I can safely say that these problems are not insurmountable.
Re:Just say no - it's the NAT thing to do (Score:2)
Or you just need the latest virus that's come in on a laptop to send stuff out on an allowed port through a firewall - then next thing some loser with some sort of knee jerk countermeasure system is hammering at your gateway.
It's not that simple a task to work out where packets are really coming from, and sending a flood of packets back in th
more substantial items about getting even do exist (Score:3, Interesting)
We all have a gripe against spammers and phishers and I for one would welcome a book or web page that showed ways to harm the interests of internet and email abusers [ways that could ONLY harm such abusers, otherwise, we just arm the enemy] Is that too tall an order?
Re:more substantial items about getting even do ex (Score:2)
I'd personnally prefer fighting back, but... (Score:2, Insightful)
We could publish IPs of scorn but we already have such lists on the net of known scum monkeys and the result is basically like that of
Re:I'd personnally prefer fighting back, but... (Score:2)
While a case may be made against jimmy the spot welding machine for receiving stolen goods, robots are such well behaved folks that I can't imagine any of them getting involved in terrorism.
Think about it - "cyber-terrorism" implies a robot with a bomb. Online fraud is a real crime, but not "cyber" or "terrorist" by any stretch of a fevered imagination - the word is just hype for people who want make the problem a more emotive one and get more money to deal
I can see it now (Score:3, Funny)
2) Start a small DoS attach against each one while spoofing the source address of the other.
3) Sit back and laugh your ass off as they both escalate and take each other out!
AWESOME! (Score:2)
Great idea! It's like cockfighting for the 21st century!
Wait wait wait (Score:4, Insightful)
Who knows--in the not so distant future, "countermeasures" (not "Strike Back" capabilities) may end up being a feature we all look for before deploying any security software. Perhaps tools with these features will come from collaborative efforts between the open source and security communities; which would give everyone equal input on their design, functionality, and ultimately their deployment. In the end a more secure, reliable, networking infrastructure is in the best interest of society as a whole. That's why I've made it one of my goals to do everything I can to move people towards a "Community Centric" approach to securing the assets we all depend on.
Now, I'm not going to advocate breaking "the law" directly in this post, but allow me to raise an important question to the /. community. Do we really want "a more secure, reliable, networking infrastructure" in the end? Allow me to now elaborate on that question.
A more secure, reliable, networking infrastructure sounds great on the face of it, but what if we were talking about a corporate infrastructure instead of a networking infrastructure? In other words, big barriers to entry for the little guys to innovate, force change, develop new things, and build NEW corporations. Same goes for networking I think. Script kiddies are not innovative as they are simply piggybacking off of others works, BUT they have been innovative in pushing every company to be highly concerned about protecting themselves against cracking and DDOS'ing, which HAS been good for us, the consumers, as the data and services that these companies provide to us is ultimately more secure, reliable, etc. Those who are doing the really devious crack attacks are being more innovative, and are forcing organizations with a 'net presence to build ever better security defenses to guard against these attacks. These new defense mechanisms in turn often get passed on to other like-minded individuals who desire the same security. I guess that ultimately I am trying to say that while we do want "more reliability" at certain levels, at other levels lack of reliability is what helps spur innovation, change, and pre-emptive corrections to problems which left unchecked, could cause massive, long-lasting damage when a chink in the armor is finally exploited.
So is "strike back" a good thing? Almost every time it is not going to help in any way. With our "War on Terror" we certainly had some excellent early gains, but now we're in a long, slow decay of gains due to the loss of life and new difficulties we created through our counterstrikes in Iraq and Afghanistan. Bush may have made the world a safer place immediately after 9/11, but now we have the Patriot Act, thousands of dead soldiers and civilians in a war that ultimately cannot "end", and what I perceive to be a whole new level of various threats to our country because we have only encouraged the terrorists to come up with better and more lethal attacks in response to our counterattack.
So, in summary, yes defending against malicious network activities is good for everyone, but I think that counterstrikes against an amorphous enemy with difficult to define borders (terrorists can come from any country, just as ip addresses can be spoofed to be marked as coming from ANY organization) in response to these attacks pose a serious risk to the network that we call "The Internet" because it will only increase the desire to make more chaos on it ultimately than it will to dissuade it. Then we get more government control, more devestating attacks, and more polarization of "sides" to the war on network intrusion. Let's keep these issues in mind when building our network security plans.
Self Defense is Legal and Moral (Score:3, Insightful)
The police and government protecting me are only an extension to my own right to self defense. There are cases were individuals are not able to defend themselves, or where they might think they are defending themselves but doing the wrong person harm, and so we have professional police, judges, who in theory are better at defending us and preserving a civil society than we would be ourselves. They are specialists, just like a doctor is a specialist in treating disease, and so we assume they doing it more efficiently with the least harm.
BUT, if the profesionals (i.e. the police, judges, etc.) are not able to effectivly defend me and preserve a civil society, I have every moral right to defend myself. Period. Yes, some countries have passed laws against self defense, but the rejection of the right of individual self-defense is part of an overall authoritarian philosophy that rejects any kind of individual rights.
There can be a discussion of the practical problems of self-defense (How can I be sure that the person who appears to be doing a denial of service attack is the perpitrator? Will retaliation have negative effects on innocent people who are not involved? Can these techniques be abused or exploited by a third party? Will I really be defending myself by using this technology?), but all of these are technical/practical discussions. But from the moral perspective, only a few of the most extremly authoritarian or collectivist ideologies would deny a person the right to self defense.
Re:Self Defense is Legal and Moral (Score:2)
It's not going to do your reputation any good, when you're the one in the newspapers because some disabled kid got his computer owned then blasted away, and the repair shop/ISP traced the attack back to your house.
Re:Self Defense is Legal and Moral (Score:2)
What I was saying is that the morality of it shouldn't be in question. Just the technical feasability. Arguing that an atomic bomb is an ineffective way for me to deter my home from being robb
Re:Self Defense is Legal and Moral (Score:2)
The arguement against booby traps is quite practical. But if we had a hypothetical boobytrap 100% garanteed only to stop burg
O'Reilly (Score:2)
Here I thought this was going to be about the "caller mute" button, bloviating and the other ways he deals with callers who get the conversational upper hand. Wrong O'Reilly I guess.
Reminiscient of the old "Blitzkrieg Server"article (Score:3, Informative)
(Links follow for a brief description):
http://www.findarticles.com/p/articles/mi_m0CGN/i
http://attrition.org/errata/www/pd.001.html [attrition.org]
But, I think that there may actually be room for active-response systems. Also, properly employed, they would be perfectly legal.
There is no reason that such tools be deployed in public networks. Some organizations have networks (including large and complex networks) that are completely and totally privately owned, and totally segregated from public networks. Such organizations may (subject to appropriate risk - reviews) make judicious use of passive and even active response systems.
There are other ways to communicate than IPv4. There are indications in messages that active-response systems can't work becaus of spoofing. Suitable integrity and encryption methods can be used to validate source and ip address data.
There may be more modest active-response methods that may be more generally useful. For example, if traffic is located from a hostile system, the source of the traffic may be back-tracked, and shut off near its source. Not easy - and not necessarily today - but there could be places where such approaches may be deployed.
Sam Nitzberg
dontspamthis_______sam@iamsam.com
http://www.iamsam.com/ [iamsam.com]
http://www.nitzbergsecurityassociates.com/ [nitzbergse...ciates.com]
Re:Ridiculous. (Score:2)
Not quite so ridiculous (Score:2)
Well, that's mostly a function of the DDoS instrument. Various worms have slowed the internet (to a subjective crawl) while propagating aggressively. Some of them infected such a large number of PC systems that DDoS on multiple sites at once could have been performed.
A DDoS directed by such a worm against certain routers or DNS servers, rather than "a web site" might have a profound impact on performance of the internet as
Re:If the Minute Men can do it.... (Score:2, Insightful)
Re:Episode V: /.'ers Strike Back (Score:2)
Re:The ultimate self defense (Score:2)
http://www.redsoldier.com/ [redsoldier.com]
http://www.cheaperthandirt.com/ctd/default.asp [cheaperthandirt.com]
http://www.remington.com/default [remington.com]
http://nuclearweaponarchive.org/ [nuclearweaponarchive.org]
Re:It's really quite simple... (Score:2)