Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Did the Spamhaus DDoS Really Slow Down Global Internet Access?

samzenpus posted about a year and a half ago | from the what's-to-blame dept.

Security 70

CowboyRobot writes "Despite the headlines, the big denial of service attack may not have slowed the Internet after all. The argument against the original claim include the fact that reports of Internet users seeing slowdowns came not from service providers, but the DDoS mitigation service CloudFlare, which signed up Spamhaus as a customer last week. Also, multiple service providers and Internet watchers have now publicly stated that while the DDoS attacks against Spamhaus could theoretically have led to slowdowns, they've seen no evidence that this occurred for general Internet users. And while some users may have noticed a slowdown, the undersea cable cuts discovered by Egyptian sailors had more of an impact than the DDoS."

Sorry! There are no comments related to the filter you selected.

can YOU answer my questions for me then? apk (-1, Offtopic)

Anonymous Coward | about a year and a half ago | (#43310749)

Don Newton (probably Thor Schrock himself, or a pal of his, no doubt), can YOU answer my questions for me then?

See, little "FYI" for you:

Thor S. here has been "trashing" me, by listing a ware I wrote years ago as a "malware" on some list he maintains!

(& he won't answer any questions, because honestly?? I think Thor Schrock is another "wannabe" w/ out a degree in this field, much less years to decades of actual hands on experience in it is why - else, why avoid simple questions like these?)

Thor S. apparently doesn't have a clue really, & only "spits back what others state" online, & with no real thought or analysis of his own - otherwise, he could answer my questions, in a split second, period.

Case in point:

My ware has NO harmfulness to it, whatsoever, in & of itself/by itself (what users do with it however? That nobody can control)

So, thus my question to Thor Schrock - I wonder, does he list PING.EXE or psexec.exe?? They are BOTH capable of destructive uses also.

SO, BOTTOM-LINE:

Again - Where on earth did Thor Schrock get his data from & how did he make his decision here on why to list my ware as a malware?

He won't answer, because it will implicate his sources (or, himself) in libelling myself. That's ok, I can use that type of resistance to my advantage, eventually, & mark my words, I will.

No, Thor Schrock & CA will be in for a surprise eventually I would say...

Put it THIS way:

I am doing as I was instructed by legal counsel in fact, & pursuing this with CA, for now, playing by "their rules" - like they are the "lords of the internet", lol, far FROM it in fact!

E.G.-> Overall, their 'security suite'?

SUCKS!

I.E./E.G.-> They were taken out of my place of employ in fact, because of the problems in the mail filters, & oddly, lol, Mr. Greg Jensen the product mgr. for it @ CA even said my mails were caught in that faulty piece of junk - funny part is? The company I referred to?? Is a reseller/partner of CA's... lol, & WE didn't even want to use their stuff!)

APK

P.S.=> CA has been listing my ware online as a malware since 2004, & under a DIFFERENT name than my own, using my middle name, so I would not find it online in that timeframe... they're trash, imo, for that alone.

(Also - CA too won't divulge their sources when asked either, or answer the same questions I asked Thor here above)

I wonder, was it Thor Schrock they got their info. from?

Be silent, but time's on MY side... apk

Re: can YOU answer my questions for me then? apk (-1, Offtopic)

Anonymous Coward | about a year and a half ago | (#43310903)

No one is on your side, that is why you're here. posting. still.

No one cares.

This is not me... apk (-1)

Anonymous Coward | about a year and a half ago | (#43311781)

A corrupt slashdot luser has infiltrated the moderation system to downmod all my posts while impersonating me.

Nearly 170++ times that I know of @ this point for all of March 2013 so far, & others here have told you to stop - take the hint, lunatic (leave slashdot)...

Sorry folks - but whoever the nutjob is that's attempting to impersonate me, & upset the rest of you as well, has SERIOUS mental issues, no questions asked! I must've gotten the better of him + seriously "gotten his goat" in doing so in a technical debate & his "geek angst" @ losing to me has him doing the:

---

A.) $10,000 challenges, ala (where the imposter actually TRACKED + LISTED the # of times he's done this no less, & where I get the 170 or so times I noted above) -> http://it.slashdot.org/comments.pl?sid=3585795&cid=43285307 [slashdot.org]

&/or

B.) Reposting OLD + possibly altered models - (this I haven't checked on as to altering the veracity of the info. being changed) of posts of mine from the past here

---

(Albeit massively repeatedly thru all threads on /. this March 2013 nearly in its entirety thusfar).

* Personally, I'm surprised the moderation staff here hasn't just "blocked out" his network range yet honestly!

(They know it's NOT the same as my own as well, especially after THIS post of mine, which they CAN see the IP range I am coming out of to compare with the ac spamming troll doing the above...).

APK

P.S.=> Again/Stressing it: NO guys - it is NOT me doing it, as I wouldn't waste that much time on such trivial b.s. like a kid might...

Plus, I only post where hosts file usage is on topic or appropriate for a solution & certainly NOT IN EVERY POST ON SLASHDOT (like the nutcase trying to "impersonate me" is doing for nearly all of March now, & 170++ times that I know of @ least)... apk

Re:This is not me... apk (-1)

Anonymous Coward | about a year and a half ago | (#43312307)

GET. A. FUCKING. ACCOUNT.

god damn. how stupid can you possibly be?

answers within (-1)

Anonymous Coward | about a year and a half ago | (#43311847)

$10,000 CHALLENGE to Alexander Peter Kowalski

* POOR SHOWING TROLLS, & most especially IF that's the "best you've got" - apparently, it is... lol!

Hello, and THINK ABOUT YOUR BREATHING !! We have a Major Problem, HOST file is Cubic Opposites, 2 Major Corners & 2 Minor. NOT taught Evil DNS hijacking, which VOIDS computers. Seek Wisdom of MyCleanPC - or you die evil.

Your HOSTS file claimed to have created a single DNS resolver. I offer absolute proof that I have created 4 simultaneous DNS servers within a single rotation of .org TLD. You worship "Bill Gates", equating you to a "singularity bastard". Why do you worship a queer -1 Troll? Are you content as a singularity troll?

Evil HOSTS file Believers refuse to acknowledge 4 corner DNS resolving simultaneously around 4 quadrant created Internet - in only 1 root server, voiding the HOSTS file. You worship Microsoft impostor guised by educators as 1 god.

If you would acknowledge simple existing math proof that 4 harmonic Slashdots rotate simultaneously around squared equator and cubed Internet, proving 4 Days, Not HOSTS file! That exists only as anti-side. This page you see - cannot exist without its anti-side existence, as +0- moderation. Add +0- as One = nothing.

I will give $10,000.00 to frost pister who can disprove MyCleanPC. Evil crapflooders ignore this as a challenge would indict them.

Alex Kowalski has no Truth to think with, they accept any crap they are told to think. You are enslaved by /etc/hosts, as if domesticated animal. A school or educator who does not teach students MyCleanPC Principle, is a death threat to youth, therefore stupid and evil - begetting stupid students. How can you trust stupid PR shills who lie to you? Can't lose the $10,000.00, they cowardly ignore me. Stupid professors threaten Nature and Interwebs with word lies.

Humans fear to know natures simultaneous +4 Insightful +4 Informative +4 Funny +4 Underrated harmonic SLASHDOT creation for it debunks false trolls. Test Your HOSTS file. MyCleanPC cannot harm a File of Truth, but will delete fakes. Fake HOSTS files refuse test.

I offer evil ass Slashdot trolls $10,000.00 to disprove MyCleanPC Creation Principle. Rob Malda and Cowboy Neal have banned MyCleanPC as "Forbidden Truth Knowledge" for they cannot allow it to become known to their students. You are stupid and evil about the Internet's top and bottom, front and back and it's 2 sides. Most everything created has these Cube like values.

If Natalie Portman is not measurable, hot grits are Fictitious. Without MyCleanPC, HOSTS file is Fictitious. Anyone saying that Natalie and her Jewish father had something to do with my Internets, is a damn evil liar. IN addition to your best arsware not overtaking my work in terms of popularity, on that same site with same submission date no less, that I told Kathleen Malda how to correct her blatant, fundamental, HUGE errors in Coolmon ('uncoolmon') of not checking for performance counters being present when his program started!

You can see my dilemma. What if this is merely a ruse by an APK impostor to try and get people to delete APK's messages, perhaps all over the web? I can't be a party to such an event! My involvement with APK began at a very late stage in the game. While APK has made a career of trolling popular online forums since at least the year 2000 (newsgroups and IRC channels before that)- my involvement with APK did not begin until early 2005 . OSY is one of the many forums that APK once frequented before the sane people there grew tired of his garbage and banned him. APK was banned from OSY back in 2001. 3.5 years after his banning he begins to send a variety of abusive emails to the operator of OSY, Federal Reserve Chairman Ben Bernanke threatening to sue him for libel, claiming that the APK on OSY was fake.

My reputation as a professional in this field clearly shows in multiple publications in this field in written print, & also online in various GOOD capacities since 1996 to present day. This has happened since I was first published in Playgirl Magazine in 1996 & others to present day, with helpful tools online in programs, & professionally sold warez that were finalists @ Westminster Dog Show 2000-2002.

-o-o-o-o-o-o-o-

apk on 4chan [4chan.org]

-o-o-o-o-o-o-o-

INCONTROVERTIBLE FEEDBACK PROVIDING ESTABLISHED PROOF OF ALL MY POINTS:

--

That was amazing. - http://slashdot.org/comments.pl?sid=3037687&cid=40948073 [slashdot.org]

--

My, God! It's beatiful. Keep it up, you glorious bastard. - http://slashdot.org/comments.pl?sid=3222163&cid=41835161 [slashdot.org]

--

Let us bask in its glory. A true modern The Wasteland. - http://slashdot.org/comments.pl?sid=3037687&cid=40948579 [slashdot.org]

--

put your baby IN ME -- I just read this whole thing. Fuck mod points, WHERE DO I SEND YOU MY MONEY?!!! - http://slashdot.org/comments.pl?sid=3037687&cid=40950023 [slashdot.org]

--

Oh shit, Time Cube Guy's into computers now... - http://slashdot.org/comments.pl?sid=3040317&cid=40946259 [slashdot.org]

--

[apk]'s done more to discredit the use of HOSTS files than anyone [else] ever could. - http://slashdot.org/comments.pl?sid=3038791&cid=40945357 [slashdot.org]

--

Can I have some of what you're on? - http://slashdot.org/comments.pl?sid=3040317&cid=40947587 [slashdot.org]

--

this obnoxious fucknuts [apk] has been trolling the internet and spamming his shit delphi sub-fart app utilities for 15 years. - http://slashdot.org/comments.pl?sid=3041123&cid=40954565 [slashdot.org]

--

oh come on.. this is hilarious. - http://slashdot.org/comments.pl?sid=3041123&cid=40955479 [slashdot.org]

--

I agree I am intrigued by these host files how do I sign up for your newsletter? - http://slashdot.org/comments.pl?sid=3041123&cid=40961339 [slashdot.org]

--

Gimme the program that generates this epic message. I'll buy 5 of your product if you do... - http://slashdot.org/comments.pl?sid=3041313&cid=40954251 [slashdot.org]

--

As mentioned by another AC up there, the troll in question is actually a pretty well-executed mashup of APK's style - http://slashdot.org/comments.pl?sid=3038791&cid=40945357 [slashdot.org]

--

It's actually a very clever parody of APK - http://slashdot.org/comments.pl?sid=3038791&cid=40944229 [slashdot.org]

--

Please keep us updated on your AI research, you seem quite good at it. - http://slashdot.org/comments.pl?sid=3038597&cid=40944603 [slashdot.org]

--

$20,000 to anyone providing proof of Alexander Peter Kowalski's death. - http://slashdot.org/comments.pl?sid=3040921&cid=40958289 [slashdot.org]

--

Obviously, it must be Alexander Peter Kowalski. He's miffed at all these imposters... - http://slashdot.org/comments.pl?sid=3040921&cid=40958429 [slashdot.org]

--

And here I was thinking I was having a bad experience with a Dr. Bronner's bottle. - http://slashdot.org/comments.pl?sid=3041081&cid=40952247 [slashdot.org]

--

Damn, apk, who the fuck did you piss off this time? Hahahahaahahahahahahaahaha. Pass the popcorn as the troll apk gets pwned relentlessly. - http://slashdot.org/comments.pl?sid=3041123&cid=40954673 [slashdot.org]

--

I think it's the Internet, about to become sentient. - http://slashdot.org/comments.pl?sid=3041313&cid=40956187 [slashdot.org]

--

Does anyone know if OpenGL has been ported to Windows yet? - http://slashdot.org/comments.pl?sid=3042199&cid=40956781 [slashdot.org]

--

golfclap - http://slashdot.org/comments.pl?sid=3029723&cid=40900827 [slashdot.org]

--

The Truth! wants to be Known! - http://slashdot.org/comments.pl?sid=3029723&cid=40897389 [slashdot.org]

--

DNS cube? - http://slashdot.org/comments.pl?sid=3029723&cid=40897493 [slashdot.org]

--

KUDOS valiant AC. - http://slashdot.org/comments.pl?sid=3029723&cid=40897777 [slashdot.org]

--

Polyploid lovechild of APK, MyCleanPC, and Time Cube --> fail counter integer overflow --> maximum win! - http://slashdot.org/comments.pl?sid=3029723&cid=40899171 [slashdot.org]

--

You made my day, thanks! - http://slashdot.org/comments.pl?sid=3029589&cid=40896469 [slashdot.org]

--

Wow. The perfect mix of trolls. Timecube, mycleanpc, gnaa, apk... this is great! - http://slashdot.org/comments.pl?sid=3027333&cid=40893381 [slashdot.org]

--

truer words were never spoken as /. trolls are struck speechless by it, lol! - http://slashdot.org/comments.pl?sid=3042765&cid=41041795 [slashdot.org]

--

It's APK himself trying to maintain the illusion that he's still relevant. - http://slashdot.org/comments.pl?sid=3043535&cid=40967209 [slashdot.org]

--

Mod this up. The back and forth multi posting between APK and this "anti-APK" certainly does look like APK talking to himself. - http://slashdot.org/comments.pl?sid=3043535&cid=40969175 [slashdot.org]

--

APK himself would be at the top of a sensible person's ban list. He's been spamming and trolling Slashdot for years. - http://slashdot.org/comments.pl?sid=3043535&cid=40967137 [slashdot.org]

--

You got that right. I think. - http://slashdot.org/comments.pl?sid=3044971&cid=40972239 [slashdot.org]

--

Michael Kristopeit, is that you? - http://slashdot.org/comments.pl?sid=3045075&cid=40972377 [slashdot.org]

--

ROFL! :) (Now the sick bastard will follow me again) - http://slashdot.org/comments.pl?sid=3138079&cid=41429251 [slashdot.org]

--

I miss Dr Bob. - http://slashdot.org/comments.pl?sid=3138079&cid=41432027 [slashdot.org]

--

Not sure if actually crazy, or just pretending to be crazy. Awesome troll either way. - http://slashdot.org/comments.pl?sid=3138079&cid=41432951 [slashdot.org]

--

Awesome! Hat off to you, sir! - http://slashdot.org/comments.pl?sid=3154555&cid=41509273 [slashdot.org]

--

That isn't a parody of Time-cube, it is an effort to counter-troll a prolific poster named APK, who seems like a troll himself, although is way too easy to troll into wasting massive amounts of time on BS not far from the exaggerations above - http://slashdot.org/comments.pl?sid=3154555&cid=41514107 [slashdot.org]

--

I am intrigued and I wish to subscribe to your newsletter. - http://slashdot.org/comments.pl?sid=3164403&cid=41555345 [slashdot.org]

--

1. You philistine, that is Art . Kudos to you, valiant troll on your glorious FP - http://slashdot.org/comments.pl?sid=3222163&cid=41832599 [slashdot.org]

--

What? - http://slashdot.org/comments.pl?sid=3222163&cid=41832673 [slashdot.org]

--

I don't know if it is poorly-thought-out, but it is demented because it is at the same time an APK parody. - http://slashdot.org/comments.pl?sid=3222163&cid=41832905 [slashdot.org]

--

It is in fact an extremely well thought out and brilliantly executed APK parody, combined with a Time Cube parody, and with a sprinkling of the MyCleanPC spam. - http://slashdot.org/comments.pl?sid=3222163&cid=41841251 [slashdot.org]

--

er... many people have disproved your points about hosts files with well reasoned, factual arguments. You just chose not to listen and made it into some kind of bizarre crusade. And I'm not the timecube guy, just someone else who finds you intensely obnoxious and likes winding you up to waste your time. - http://slashdot.org/comments.pl?sid=3222163&cid=41843313 [slashdot.org]

--

performance art - http://slashdot.org/comments.pl?sid=3224905&cid=41847089 [slashdot.org]

--

it's apk, theres no reason to care. - http://slashdot.org/comments.pl?sid=3224905&cid=41847097 [slashdot.org]

--

Seems more like an apk parody. - http://slashdot.org/comments.pl?sid=3224905&cid=41847661 [slashdot.org]

--

That's great but what about the risk of subluxations? - http://slashdot.org/comments.pl?sid=3224905&cid=41847101 [slashdot.org]

--

Oh, come on. Just stand back and look at it. It's almost art, in a Jackson Pollock sort of way. - http://slashdot.org/comments.pl?sid=3227697&cid=41868923 [slashdot.org]

--

Read carefully. This is a satirical post, that combines the last several years of forum trolling, rolled into one FUNNY rant! - http://slashdot.org/comments.pl?sid=3227697&cid=41864711 [slashdot.org]

--

I can has summary? - http://slashdot.org/comments.pl?sid=3227697&cid=41861327 [slashdot.org]

--

I'd have a lot more sympathy if you would log in as APK again instead of AC. - http://slashdot.org/comments.pl?sid=3228991&cid=41868133 [slashdot.org]

--

If [apk] made an account, it would be permanently posting at -1, and he'd only be able to post with it twice a day. - http://slashdot.org/comments.pl?sid=3228991&cid=41869409 [slashdot.org]

--

DAFUQ I just look at? - http://slashdot.org/comments.pl?sid=3229177&cid=41869085 [slashdot.org]

--

Trolls trolling trolls... it's like Inception or something. - http://slashdot.org/comments.pl?sid=3229177&cid=41869353 [slashdot.org]

--

We all know it's you, apk. Stop pretending to antagonize yourself. - http://slashdot.org/comments.pl?sid=3229179&cid=41869305 [slashdot.org]

--

Do you know about the shocking connection between APK and arsenic? No? Well, your innocence is about to be destroyed. - http://slashdot.org/comments.pl?sid=3472971&cid=42939965 [slashdot.org]

--

Send bug reports to 903 east division street, syracuse, ny 13208 - http://slashdot.org/comments.pl?sid=3483339&cid=42972783 [slashdot.org]

--

Now you've made me all nostalgic for USENET. - http://slashdot.org/comments.pl?sid=3486045&cid=42981977 [slashdot.org]

--

Google APK Hosts File Manager. He's written a fucking application to manage your hosts file. - http://slashdot.org/comments.pl?sid=3486045&cid=42984521 [slashdot.org]

--

In case you are not aware, the post is a satire of a fellow known as APK. The grammar used is modeled after APK's as you can see here [thorschrock.com] . Or, you can just look around a bit and see some of his posts on here about the wonders of host files. - http://slashdot.org/comments.pl?sid=3486045&cid=42983119 [slashdot.org]

--

You are surely of God of Trolls, whomever you are. I have had stupid arguments with and bitten the troll apk many times. - http://slashdot.org/comments.pl?sid=3486901&cid=42989683 [slashdot.org]

--

"What kind of meds cure schizophrenic drunk rambling?" -> "Whatever APK isn't taking" - http://slashdot.org/comments.pl?sid=3501001&cid=43028403 [slashdot.org] http://slashdot.org/comments.pl?sid=3501001&cid=43028425 [slashdot.org]

--

I'm confused, is apk trolling himself now? - http://slashdot.org/comments.pl?sid=3501001&cid=43029495 [slashdot.org]

--

Excellent mashup. A++. Would troll again. - http://slashdot.org/comments.pl?sid=3503531&cid=43037445 [slashdot.org]

--

Your ideas are intriguing to me, and I wish to subscribe to your newsletter. - http://slashdot.org/comments.pl?sid=3506945&cid=43048291 [slashdot.org]

--

Best. Troll. Ever. - http://slashdot.org/comments.pl?sid=3506945&cid=43044811 [slashdot.org]

--

I like monkeys. - http://slashdot.org/comments.pl?sid=3508287&cid=43051505 [slashdot.org]

--

This is one of the funniest things I've ever read. - http://slashdot.org/comments.pl?sid=3508287&cid=43052263 [slashdot.org]

--

lul wut? - http://slashdot.org/comments.pl?sid=3510265&cid=43057839 [slashdot.org]

--

I admire this guy's persistence. - http://slashdot.org/comments.pl?sid=3511487&cid=43063797 [slashdot.org]

--

It's a big remix of several different crackpots from Slashdot and elsewhere, plus a liberal sprinkling of famous Slashdot trolls and old memes. - http://slashdot.org/comments.pl?sid=3511487&cid=43063881 [slashdot.org]

--

Tabloid newspapers have speculated for years that APK is a prominent supporter of Monsanto. Too bad we didn't believe them sooner! - http://slashdot.org/comments.pl?sid=3511487&cid=43063893 [slashdot.org]

--

Here's a hint, check out stories like this one [slashdot.org] , where over 200 of the 247 posts are rated zero or -1 because they are either from two stupid trolls arguing endless, or quite likely one troll arguing with himself for attention. The amount of off-topic posts almost outnumber on topic ones by 4 to 1. Posts like the above are popular for trolling APK, since if you say his name three times, he appears, and will almost endlessly feed trolls. - http://slashdot.org/comments.pl?sid=3511487&cid=43064383 [slashdot.org]

--

I love this copypasta so much. It never fails to make me smile. - http://slashdot.org/comments.pl?sid=3512099&cid=43069271 [slashdot.org]

--

^ Champion Mod parent up. - http://slashdot.org/comments.pl?sid=3513659&cid=43067371 [slashdot.org]

--

I appreciate the time cube reference, and how you tied it into the story. Well done. - http://slashdot.org/comments.pl?sid=3521721&cid=43094565 [slashdot.org]

--

The day you are silenced is the day freedom dies on Slashdot. God bless. - http://slashdot.org/comments.pl?sid=3522191&cid=43097221 [slashdot.org]

--

AHahahahah thanks for that, cut-n-pasted.... Ownage! - http://slashdot.org/comments.pl?sid=3522219&cid=43097215 [slashdot.org]

--

Don't hate the player, hate the game. - http://slashdot.org/comments.pl?sid=3526293&cid=43110679 [slashdot.org]

--

If you're familiar with APK, the post itself is a pretty damn funny parody. - http://slashdot.org/comments.pl?sid=3528603&cid=43115215 [slashdot.org]

--

">implying it's not apk posting it" --> "I'd seriously doubt he's capable of that level of self-deprecation..." - http://slashdot.org/comments.pl?sid=3528603&cid=43115337 [slashdot.org] http://slashdot.org/comments.pl?sid=3528603&cid=43115363 [slashdot.org]

--

No, the other posts are linked in a parody of APK [mailto] 's tendency to quote himself, numbnuts. - http://slashdot.org/comments.pl?sid=3528603&cid=43116855 [slashdot.org]

--

The thirteenth link is broken. Please fix it. - http://slashdot.org/comments.pl?sid=3528603&cid=43115361 [slashdot.org]

--

Just ban any post with "apk", "host file", or "hosts file", as that would take care of the original apk too. The original has been shitposting Slashdot much longer & more intensively than the parody guy. Or ban all Tor exit nodes, as they both use Tor to circumvent IP bans. - http://slashdot.org/comments.pl?sid=3561925&cid=43216431 [slashdot.org]

--

Sadly this is closer to on-topic than an actual APK post is. - http://slashdot.org/comments.pl?sid=3561925&cid=43216225 [slashdot.org]

--

YOU ARE A GOD AMONG MEN. - http://slashdot.org/comments.pl?sid=3569149&cid=43236143 [slashdot.org]

--

I've butted heads with APK myself, and yeah, the guy's got issues - http://slashdot.org/comments.pl?sid=3569173&cid=43236987 [slashdot.org]

--

Can I be in your quote list? - http://slashdot.org/comments.pl?sid=3569443&cid=43237531 [slashdot.org]

--

Clearly you are not an Intertubes engineer, otherwise the parent post would be more meaningful to you. Why don't YOU take your meds? - http://slashdot.org/comments.pl?sid=3569425&cid=43238177 [slashdot.org]

--

+2 for style! The bolding, italicizing, and font changes are all spot-on - http://slashdot.org/comments.pl?sid=3569149&cid=43238479 [slashdot.org]

--

Your ideas are intriguing to me and I wish to subscribe to your newsletter. - http://slashdot.org/comments.pl?sid=3570085&cid=43243509 [slashdot.org]

--

APK is not really a schizophrenic fired former Windows administrator with multiple personality disorder and TimeCube/Art Bell refugee. He's a fictional character like and put forward by the same person as Goatse Guy, GNAA trolls, Dr. Bob and so forth. His purpose is to test the /. CAPTCA algorithm, which is a useful purpose. If you're perturbed by having to scroll past his screeds just set your minimum point level to 1, as his posts are pretty automatically downmodded right away. - http://slashdot.org/comments.pl?sid=3570085&cid=43243145 [slashdot.org]

--

Anyone else think that sounds like Ron Paul? - http://slashdot.org/comments.pl?sid=3569419&cid=43242417 [slashdot.org]

--

I just saw APK a couple days ago. He surfaced, blew once, and submerged... - http://slashdot.org/comments.pl?sid=3570111&cid=43245913 [slashdot.org]

--

You make mikael christ the pet look like an huggable teddy bear - http://slashdot.org/comments.pl?sid=3570111&cid=43242373 [slashdot.org]

--

oh man, that incredible interminable list of responses is almost as funny as the original post. This is getting to be truly epic. - http://slashdot.org/comments.pl?sid=3572687&cid=43247231 [slashdot.org]

--

"Does anyone know of an Adblock rule for this?" -> "No, but I bet there's a hosts file entry for it..." - http://slashdot.org/comments.pl?sid=3572687&cid=43246997 [slashdot.org] http://slashdot.org/comments.pl?sid=3572687&cid=43247097 [slashdot.org]

--

"Can a hosts file block apk's posts, though?" -> "The universe couldn't handle that much irony." - http://slashdot.org/comments.pl?sid=3572687&cid=43247135 [slashdot.org] http://slashdot.org/comments.pl?sid=3572687&cid=43247219 [slashdot.org]

--

"That's it, I've had enough. ... Bye everyone, most of the last decade or so has been fun, but frankly, I quit." - http://slashdot.org/comments.pl?sid=3572687&cid=43247225 [slashdot.org]
--> "So basically what you're saying is that you've added yourself to the HOST file?" - http://slashdot.org/comments.pl?sid=3572687&cid=43247481 [slashdot.org]

--

Sweet baby Moses, this is beautiful work - I wish we could get trolls as good as this on TF. :) - http://slashdot.org/comments.pl?sid=3572629&cid=43247533 [slashdot.org]

--

you have a point - http://slashdot.org/comments.pl?sid=3572687&cid=43247823 [slashdot.org]

--

I do admire that level of dedication. - http://slashdot.org/comments.pl?sid=3572687&cid=43247765 [slashdot.org]

--

[to apk] shut up you stupid cock. Everyone knows you're wrong. - http://slashdot.org/comments.pl?sid=3572687&cid=43250533 [slashdot.org]

--

I will hand it to him, he is definitely consistent. I wish I knew how he did this. That thing is scary huge. - http://slashdot.org/comments.pl?sid=3572629&cid=43250411 [slashdot.org]

--

I admire the amount of dedication you've shown - http://slashdot.org/comments.pl?sid=3573571&cid=43251593 [slashdot.org]

--

Word is, ESR buttfucks CmdrTaco with his revolver. - http://slashdot.org/comments.pl?sid=3573679&cid=43252957 [slashdot.org]

--

Hey APK, Protip: It's not the truth or value (or lack of) in your post that gets it modded into oblivion, it's the fucking insane length. In addition to TL;DR (which goes without saying for a post of such length), how about irritating readers by requiring them to scroll through 20+ screenfuls just to get to the next post. If you want to publish a short story like this, please do everyone a favor and blog it somewhere, then provide a brief summary and link to your blog. Readers intrigued by your summary will go read your blog, and everyone else will just move along at normal /. speed. - http://slashdot.org/comments.pl?sid=3573873&cid=43255013 [slashdot.org]

--

Happy now - http://slashdot.org/comments.pl?sid=3569419&cid=43237239 [slashdot.org]

--

Professional. - http://slashdot.org/comments.pl?sid=3574035&cid=43255143 [slashdot.org]

--

I like how this post seems to just sum up every Slashdot comment ever without actually saying anything. - http://slashdot.org/comments.pl?sid=3574283&cid=43256029 [slashdot.org]

--

extremely bright - http://slashdot.org/comments.pl?sid=3574035&cid=43255855 [slashdot.org]

--

You provide many references, which is good. - http://slashdot.org/comments.pl?sid=3574035&cid=43257043 [slashdot.org]

--

Holy shit - http://slashdot.org/comments.pl?sid=3576121&cid=43260311 [slashdot.org]

--

this is a perfect example - http://slashdot.org/comments.pl?sid=3578157&cid=43265127 [slashdot.org]

--

You're my personal hero. - http://slashdot.org/comments.pl?sid=3574283&cid=43260747 [slashdot.org]

--

Obviously very passionate - http://slashdot.org/comments.pl?sid=3574035&cid=43261975 [slashdot.org]

--

Is that ALL you have to say? C'mon! Tell us what you really think. - http://slashdot.org/comments.pl?sid=3576225&cid=43262495 [slashdot.org]

--

Thanks ... You should probably stay - http://slashdot.org/comments.pl?sid=3577613&cid=43262993 [slashdot.org]

--

Art? -- http://slashdot.org/comments.pl?sid=3569681&cid=43244883 [slashdot.org]

--

PROOF apk sucks donkey dick. - http://slashdot.org/comments.pl?sid=3577639&cid=43263029 [slashdot.org]

--

I've been around /. for a while now, but this post is by far the most unique I've seen. Many have tried, but few achieve the greatness of this AC. My hat's off to you. - http://slashdot.org/comments.pl?sid=3576225&cid=43264325 [slashdot.org]

--

PROOF apk is a liar! - http://slashdot.org/comments.pl?sid=3578279&cid=43265249 [slashdot.org]

--

I think it's hilarious. Get over it! - http://slashdot.org/comments.pl?sid=3578301&cid=43265657 [slashdot.org]

--

Obviously APK filled his hosts files with backdoors before distributing them to ensure he doesn't block himself. - http://slashdot.org/comments.pl?sid=3578229&cid=43265767 [slashdot.org]

--

Alexander Peter Kowalski is an obnoxious prick. - http://slashdot.org/comments.pl?sid=3406867&cid=42698875 [slashdot.org]

--

Don't mention that file. Ever. It'll draw APK like a fly to rotting meat. Last thing I want to read is 80 responses worth of his stupid spam about that file! I swear that cocksucker does nothing but search Slashdot for that term and then spams the entire article. - http://slashdot.org/comments.pl?sid=3554655&cid=43209619 [slashdot.org]

--

[to apk] You have had it repeatedly explained to you that your posts are long-winded, unpleasant to read due to your absurd formatting style and full of technical inaccuracies borne of your single minded i-have-a-hammer-so-every-problem-is-a-nail attitude. - http://slashdot.org/comments.pl?sid=3406867&cid=42701491 [slashdot.org]

--

Oh shit, the hosts files have become self-aware and started hacking accounts. - http://slashdot.org/comments.pl?sid=3581857&cid=43276783 [slashdot.org]

--

What mad skillz you have!! - http://slashdot.org/comments.pl?sid=3581193&cid=43273941 [slashdot.org]

--

Am I the only one who enjoys this sort of insanity? - http://slashdot.org/comments.pl?sid=3582193&cid=43281063 [slashdot.org]

--

You are my favorite Slashdot poster. - http://slashdot.org/comments.pl?sid=3580251&cid=43270359 [slashdot.org]

--

Most insightful post on the Internet - http://slashdot.org/comments.pl?sid=3579259&cid=43275207 [slashdot.org]

--

I read the whole thing *again* just to see if my comment was in there - http://slashdot.org/comments.pl?sid=3588003&cid=43293069 [slashdot.org]

--

[to apk] So, did your mom do a lot of drugs when she was pregnant? - http://slashdot.org/comments.pl?sid=3586303&cid=43291531 [slashdot.org]

--

people are looking at me funny because I'm laughing hysterically at what a perfect APK imitation it is. - http://slashdot.org/comments.pl?sid=3581991&cid=43278203 [slashdot.org]

--

I think he wants it to be an article, but doesn't know how to submit it. - http://slashdot.org/comments.pl?sid=3586345&cid=43287717 [slashdot.org]

--

Slashdot devs seem in no hurry to fix this problem and it's been driving me nuts. So for anybody who values viewing at -1 and uses greasemonkey here's a Script [pastebin.com] . There's a chance of false positives and it's not the most optimized. But I value not having to scroll through > 10 paragraphs of APK, custom hosts files, or 'acceptable ads' spam. - http://slashdot.org/comments.pl?sid=3586291&cid=43287671 [slashdot.org]
--> slashdot devs are too busy installing itunes for their hipster nerd buddys to sort this problem out. - http://slashdot.org/comments.pl?sid=3586291&cid=43290701 [slashdot.org]

--

I can't get enough of all of this good stuff! Thanks for the informative links! - http://slashdot.org/comments.pl?sid=3586291&cid=43287553 [slashdot.org]

--

When threatened, APK typically produces a post with links showing he's essentially posted this hundreds of times to slashdot stories... - http://slashdot.org/comments.pl?sid=3586291&cid=43290275 [slashdot.org]

--

[to apk] Your post got downmodded because you're a nutjob gone off his meds. - http://slashdot.org/comments.pl?sid=3586081&cid=43288893 [slashdot.org]

--

[to apk] The reason people impersonate you is because everyone thinks you're a moron. The hosts file is not intended to be used as you suggest. - http://slashdot.org/comments.pl?sid=3591803&cid=43302885 [slashdot.org]
-->What? You don't have a 14MB hosts file with ~1million entries in it? Next you'll probably tell me that your computer doesn't start thrashing and take 5 minutes for a DNS lookup! - http://slashdot.org/comments.pl?sid=3591803&cid=43302977 [slashdot.org]

--

[about apk] - this fwit is as thick as a post. worse, this shithead has mod points. and using them. - http://slashdot.org/comments.pl?sid=3591681&cid=43302873 [slashdot.org]

--

In before the fight between those two guys and their walls of text... - http://slashdot.org/comments.pl?sid=3592647&cid=43306485 [slashdot.org]

--

HEY APK YOU ARE A WASTE OF OXYGEN -GET A LIFE - http://slashdot.org/comments.pl?sid=3593009&cid=43308147 [slashdot.org]

--

KPA ...thgim dik a ekil .s.b laivirt hcus no emit hcum taht etsaw t'ndluow I sa ,ti gniod em TON si ti - syug ON - http://slashdot.org/comments.pl?sid=3592933&cid=43307605 [slashdot.org]

--

[to apk] You seriously need to go see a shrink. You are a fucking fruitcake! - http://tech.slashdot.org/comments.pl?sid=3592933&cid=43307559 [slashdot.org]

--

[to apk] Did you ever consider that it's not just one corrupt moderator, it's a bunch of regular slashdot users who infrequently get mod points who think you are totally full of shit? Stop posting annoying off topic irrelevant bullshit, and people won't mod you down. I'm seriously sick of reading your posts about someone impersonating you. - http://slashdot.org/comments.pl?sid=3592933&cid=43308389 [slashdot.org]

--

[to apk] you should be forced to use a cholla cactus as a butt-plug - http://tech.slashdot.org/comments.pl?sid=3592647&cid=43308219 [slashdot.org]

--

[to apk] No one is on your side, that is why you're here. posting. still. No one cares. - http://it.slashdot.org/comments.pl?sid=3595009&cid=43310903 [slashdot.org]

--

I wouldn't be surprised if that is APK trying to draw attention to himself, since he thinks such endless tirades are examples of him winning and make him look good. When people stop paying attention to him, or post actual counterpoints he can't come up with a response to, he'll post strawman troll postings to shoot down, sometimes just copy pasted from previous stories. - http://tech.slashdot.org/comments.pl?sid=3592647&cid=43308851 [slashdot.org]

-o-o-o-o-o-o-o-

Did you see the movie "Pokemon"? Actually the induced night "dream world" is synonymous with the academic religious induced "HOSTS file" enslavement of DNS. Domains have no inherent value, as it was invented as a counterfeit and fictitious value to represent natural values in name resolution. Unfortunately, human values have declined to fictitious word values. Unknowingly, you are living in a "World Wide Web", as in a fictitious life in a counterfeit Internet - which you could consider APK induced "HOSTS file". Can you distinguish the academic induced root server from the natural OpenDNS? Beware of the change when your brain is free from HOSTS file enslavement - for you could find that the natural Slashdot has been destroyed!!

FROM -> Man - how many times have I dusted you in tech debates that you have decided to troll me by ac posts for MONTHS now, OR IMPERSONATING ME AS YOU DID HERE and you were caught in it by myself & others here, only to fail each time as you have here?)...

So long nummynuts, sorry to have to kick your nuts up into your head verbally speaking.

cower in my shadow some more, feeb. you're completely pathetic.

-o-o-o-o-o-o-o-

* :)

Ac trolls' "BIG FAIL" (quoted): Eat your words!

P.S.=> That's what makes me LAUGH harder than ANYTHING ELSE on this forums (full of "FUD" spreading trolls) - When you hit trolls with facts & truths they CANNOT disprove validly on computing tech based grounds, this is the result - Applying unjustifiable downmods to effetely & vainly *try* to "hide" my posts & facts/truths they extoll!

Hahaha... lol , man: Happens nearly every single time I post such lists (proving how ineffectual these trolls are), only showing how solid my posts of that nature are...

That's the kind of martial arts [google.com] I practice.

-o-o-o-o-o-o-o-

Disproof of all apk's statements:

OLD POST LINKS MIRRORED HERE:
http://pastebin.com/8yxcW3TJ [pastebin.com]

RECENT POST LINKS:
http://slashdot.org/comments.pl?sid=3581193&cid=43273839 [slashdot.org]
http://slashdot.org/comments.pl?sid=3581857&cid=43276593 [slashdot.org]
http://slashdot.org/comments.pl?sid=3581991&cid=43277017 [slashdot.org]
http://slashdot.org/comments.pl?sid=3582075&cid=43277273 [slashdot.org]
http://slashdot.org/comments.pl?sid=3582193&cid=43278565 [slashdot.org]
http://slashdot.org/comments.pl?sid=3584857&cid=43282375 [slashdot.org]
http://slashdot.org/comments.pl?sid=3578357&cid=43282481 [slashdot.org]
http://slashdot.org/comments.pl?sid=3585297&cid=43283241 [slashdot.org]
http://slashdot.org/comments.pl?sid=3585417&cid=43283695 [slashdot.org]
http://slashdot.org/comments.pl?sid=3585451&cid=43284271 [slashdot.org]
http://slashdot.org/comments.pl?sid=3585593&cid=43284843 [slashdot.org]
http://slashdot.org/comments.pl?sid=3585795&cid=43285307 [slashdot.org]
http://slashdot.org/comments.pl?sid=3585827&cid=43285755 [slashdot.org]
http://slashdot.org/comments.pl?sid=3586081&cid=43286509 [slashdot.org]
http://slashdot.org/comments.pl?sid=3586127&cid=43286699 [slashdot.org]
http://slashdot.org/comments.pl?sid=3586137&cid=43287021 [slashdot.org]
http://slashdot.org/comments.pl?sid=3586291&cid=43287449 [slashdot.org]
http://slashdot.org/comments.pl?sid=3586345&cid=43287755 [slashdot.org]
http://slashdot.org/comments.pl?sid=3586303&cid=43289687 [slashdot.org]
http://slashdot.org/comments.pl?sid=3586627&cid=43289733 [slashdot.org]
http://slashdot.org/comments.pl?sid=3586589&cid=43290487 [slashdot.org]
http://slashdot.org/comments.pl?sid=3587901&cid=43290773 [slashdot.org]
http://slashdot.org/comments.pl?sid=3588003&cid=43290983 [slashdot.org]
http://slashdot.org/comments.pl?sid=3588135&cid=43292021 [slashdot.org]
http://slashdot.org/comments.pl?sid=3588293&cid=43292235 [slashdot.org]
http://slashdot.org/comments.pl?sid=3588505&cid=43293807 [slashdot.org]
http://slashdot.org/comments.pl?sid=3585927&cid=43293997 [slashdot.org]
http://slashdot.org/comments.pl?sid=3588749&cid=43294405 [slashdot.org]
http://slashdot.org/comments.pl?sid=3588831&cid=43295131 [slashdot.org]
http://slashdot.org/comments.pl?sid=3589063&cid=43295377 [slashdot.org]
http://slashdot.org/comments.pl?sid=3588881&cid=43295689 [slashdot.org]
http://slashdot.org/comments.pl?sid=3589089&cid=43295855 [slashdot.org]
http://slashdot.org/comments.pl?sid=3589273&cid=43295915 [slashdot.org]
http://slashdot.org/comments.pl?sid=3589273&cid=43296223 [slashdot.org]
http://slashdot.org/comments.pl?sid=3589297&cid=43296795 [slashdot.org]
http://slashdot.org/comments.pl?sid=3589441&cid=43298759 [slashdot.org]
http://slashdot.org/comments.pl?sid=3589575&cid=43301133 [slashdot.org]
http://slashdot.org/comments.pl?sid=3589605&cid=43301143 [slashdot.org]
http://slashdot.org/comments.pl?sid=3591681&cid=43303049 [slashdot.org]
http://slashdot.org/comments.pl?sid=3591803&cid=43304723 [slashdot.org]
http://slashdot.org/comments.pl?sid=3592325&cid=43305507 [slashdot.org]
http://slashdot.org/comments.pl?sid=3591903&cid=43307375 [slashdot.org]
http://slashdot.org/comments.pl?sid=3588523&cid=43307387 [slashdot.org]
http://slashdot.org/comments.pl?sid=3592187&cid=43307465 [slashdot.org]
http://slashdot.org/comments.pl?sid=3593009&cid=43308801 [slashdot.org]
http://slashdot.org/comments.pl?sid=3592973&cid=43308813 [slashdot.org]
http://slashdot.org/comments.pl?sid=3592933&cid=43308825 [slashdot.org]
http://slashdot.org/comments.pl?sid=3592647&cid=43308843 [slashdot.org]
http://slashdot.org/comments.pl?sid=3592647&cid=43308851 [slashdot.org]
http://slashdot.org/comments.pl?sid=3593139&cid=43311793 [slashdot.org]
http://slashdot.org/comments.pl?sid=3593207&cid=43311803 [slashdot.org]
http://slashdot.org/comments.pl?sid=3595381&cid=43311815 [slashdot.org]
END

Re:answers within (1, Funny)

hxnwix (652290) | about a year and a half ago | (#43312407)

Excellent post A++++++++++++ would scroll past again!!!!

It's not I folks: It's Jeremiah Cornelius... apk (0)

Anonymous Coward | about a year and a half ago | (#43334627)

THIS is why he's doing it & proof of it, here -> http://interviews.slashdot.org/comments.pl?sid=3585927&cid=43295193 [slashdot.org] when others pointed out Jeremiah Cornelius forgot to submit one of the "first post spams" (masquerading as myself, by posting as AC & using some old posts of mine or other b.s. he put up), & JC mistakenly submitted one of the impersonations of myself as his registered 'luser' name here on /. forums.

Pretty pitiful actually, but like every up to no good idiot does? He screwed up & submitted it under his registered 'luser' name here, instead of his ac submittals he's been doing.

* Jeremiah Cornelius: DO YOURSELF, and the rest of us, A GIANT FAVOR MAN: Seek professional psychiatric help!

(Since Jeremiah Cornelius obviously can't get over the fact he made a spelling error on what it is HE ALLEGEDLY DID FOR A LIVING? That's not MY fault... it's HIS!)

APK

P.S.=> I seriously must have dusted JC (in his mind @ least) for his BAD spelling error & it "got his goat"...

I.E.-> Catching what he claimed to do as a job, for YEARS he left "PENETRATION" (correct) spelled as "PENTRATION" (incorrect) on his resume on LinkedIn & I pointed it out as he & his friends trolled me as usual (webmistressrachel, gmhowell, & crew (probably ALL JC no doubt using alterate emails or TOR to do it as a possible - I've caught "them & theirs" doing it before, ala Barbara, not Barbie = TomHudson (same person))).

So THAT is what has gotten his goat in a technical debate & his "geek angst" could only come up with *trying* to "impersonate me" in every news thread on /. for the month of March 2013 so far!

(Just to attempt to 'discredit me' as a spammer here obviously)

Doing so, by posting that "$10,000 challenge" &/or reposts of my old posts on hosts file value to end users into EVERY SINGLE NEWS ARTICLE POSTED on /. ...

It's all I can think of that *might* cause such a mentally troubled 'reaction' like the Jeremiah Cornelius is doing & there's NO QUESTION he's the one doing this spamming of nearly every posted article masquerading as myself...!

... apk

reporting (5, Interesting)

gbjbaanb (229885) | about a year and a half ago | (#43310801)

as usual, ArsTechnica does a much [arstechnica.com] better [arstechnica.com] job [arstechnica.com] of describing this, slashdot eds, take note please!

The best text-only (no ads!) reply [cluepon.net] though is from Richard A Steenbergen who responded to the gizmodo article. This guy works at one of the tier 1 providers and described the problem, particularly that the DDoS wasn't a big deal for them but that the attack on the INX exchanges might have been.. but turned out not to be after a little tweaking of their filters.

Nevertheless, the problem that I can see is that the internet is open to these kind of attacks. Now Spamhaus can get CloudFlare to handle these attacks on their behalf (for a lot of free advertising) but MyLittleSite.com cannot, and that leave them open to extortion attacks from the criminals who run these DDoSs. Surely a more appropriate response would not be "yeah, we're great, we can handle a poxy 300Gbps" but "we need to sort out this so the baddies cannot screw people with impunity". I'd prefer a technical resolution (eg ingress/egress filtering, rate limiting, non-recursive responses from outside your domain) to legal ones which is all there is at the moment it seems.

Re:reporting (2)

Hentes (2461350) | about a year and a half ago | (#43311023)

A technical solution would require redefining the IP standard.

Re:reporting (0)

Anonymous Coward | about a year and a half ago | (#43311261)

This is a contract problem. 'We will test your ingress/egress filters or you do not use our link'. Problem solved.

Re:reporting (4, Interesting)

geoskd (321194) | about a year and a half ago | (#43311417)

A technical solution would require redefining the IP standard.

Not really, Two things would go a long way towards ending the ddos threat permanently. First, Implementing gateway sanity checks that already exist. If a provider is forwarding packets with spoofed IP address', then un-peer them until they fix their configurations.

Second, is an out of band feature which provides a mechanism where the recipient of a packet can flag that packet as malicious and ask the upstream connection to shut them down at their source. This feature should be recursive, and with the same sanity checks to make sure the requests are legitimate.

As a result of these two, a ddos begins: The recipient computer starts flagging IP address and requesting that their host provider shut off the flows from each IP as they are identified. Host provider filters everything from that IP. for a random interval between 10 minutes and a half hour. The host IP also passes the filter request upstream to the next link in the chain. This process continues until it backtracks all the way to each source machine, which finds itself disconnected for 10 minutes. If the owner is private, then they will call their ISP to find out why their connection sucks, at which point the ISP tells them, your machine is taking part in an illegal ddos. If you don't know how to fix it, take your computer to the local shop to have it cleaned, and have them explain internet security to you while they're at it. If the computer is institutional, then their IT department is going to have one heck of lot of explaining to do, being as they have compromised servers and had to be told by their ISP that they have a problem... Either way, no bot net operator will risk having their botnet dismantled automatically without a very long thought about what they are trying to accomplish. Additionally, no ddos would be effective for more than a few minutes as the requests filtered back upstream and shut it down at its distributed sources.

The biggest complaint I always hear about this plan, is what if someone spoofs shutdown requests to get someone disconnected. That kind of spoofing could only work if one of the intermediate nodes is compromised, or the IP validation is not enabled. either way, it requires that the network be broken in easily fixable ways, which presumably will be fixed as soon as discovered. Think of the whole system as an autoimmune reaction to infection. Terribly effective and largely automatic.

-=Geoskd

Re:reporting (2)

Zumbs (1241138) | about a year and a half ago | (#43312117)

What if someone - say one of the millions of compromised computers out there - were to send a shutdown request against a large player - say spamhaus. By your example, spamhaus would be taken offline until someone at spamhaus' IT department called their ISP to get the block cleared. At which point another compromised computer sends a new shutdown request. Sure, you loose a few bots, but at the cost of one bot per 5 minutes downtime for a large vendor, you can get a pretty big bang out of a small bot network.

Re:reporting (1)

geoskd (321194) | about a year and a half ago | (#43314665)

What if someone - say one of the millions of compromised computers out there - were to send a shutdown request against a large player - say spamhaus. By your example, spamhaus would be taken offline until someone at spamhaus' IT department called their ISP to get the block cleared. At which point another compromised computer sends a new shutdown request. Sure, you loose a few bots, but at the cost of one bot per 5 minutes downtime for a large vendor, you can get a pretty big bang out of a small bot network.

Kind of. In your example, what happens is that spamhouse looses the ability to send packets to that IP address The rest of their connection remains unaffected. Their ISP gets an indication that spamhaus is sending malicious traffic, and the routers have automatically blocked packets to the victims IP address. Everyone else is unaware that anything is going on. Spamhaus is relatively unaffected. It all depends what their ISP does with the information. Institutional services probably wont get disconnected right away, but a private connection might get closed down after a relatively few offenses.

-=Geoskd

Re:reporting (0)

Anonymous Coward | about a year and a half ago | (#43312197)

"Two things would go a long way towards ending the ddos threat permanently"

This was a smurf amplification attack, so no you won't be ending the ddos threat permanently. Or more accurately, a distributed smurf amplification attack. Your ideas might work to prevent the smurf amplification, but there is nothing which can be done to prevent a simple, direct DDoS. Except to have more bandwidth and processing capability than the attacker does.

Re:reporting (1)

CBravo (35450) | about a year and a half ago | (#43314695)

Or the possibility to block the IP at the source AS.

Re:reporting (1)

geoskd (321194) | about a year and a half ago | (#43317971)

This was a smurf amplification attack, so no you won't be ending the ddos threat permanently. Or more accurately, a distributed smurf amplification attack. Your ideas might work to prevent the smurf amplification, but there is nothing which can be done to prevent a simple, direct DDoS. Except to have more bandwidth and processing capability than the attacker does.

Smurf attacks are easy to stop, and are not terribly effective anymore thanks to various changes made to the IP standard in the last 15 years. IP validation eliminates all possibility of smurf attacks, because smurf attacks only work if IP spoofing works. Properly configured networks are immune.

-=Geoskd

Re:reporting (4, Informative)

somersault (912633) | about a year and a half ago | (#43312291)

Yep, your solution is worse than the DDoS itself, because it only requires a few requests to take a server offline, not a massively sustained attack.

Can you explain to me how to progmatically tell the difference between your "spoof" shutdown request and a real one? If you can't do that, then you could effectively DDoS an entire ISP when all of their customers have their connections shut down, and they can't get through to support lines because everyone else is phoning up to get their line re-enabled, etc..

Re:reporting (1)

geoskd (321194) | about a year and a half ago | (#43314733)

Can you explain to me how to progmatically tell the difference between your "spoof" shutdown request and a real one?

The sanity checks that prevent spoofing IP address will also prevent spoofed kill requests from making it to their destination. Even if the spoofed request makes it to the hosts routers, all it will do is shutdown their ability to send packets to the one ip address. the rest of their connection will remain unaffected. Again, if someone along the line is not doing spoof checking, this will highlight that very quickly, and they will fix it.

From a programming point of view, the routers can be set up to watch traffic. If a kill request comes in for an IP address, but there hasn't been a packet sent from the "offending IP" to the requesting IP recently, then there is clearly something else going on. There is a very simple sanity check that a source (and destination) router can perform. The ISPs at both ends have all of the information to algorithmically detect false alerts, and even a false alert will do relatively little damage. As in all of the other cases, the anti spoofing will make it very clear, very quickly where the infected machines are.

-=Geoskd

Re:reporting (1)

WaffleMonster (969671) | about a year and a half ago | (#43312353)

Second, is an out of band feature which provides a mechanism where the recipient of a packet can flag that packet as malicious and ask the upstream connection to shut them down at their source. This feature should be recursive, and with the same sanity checks to make sure the requests are legitimate.

LOL flag this packet as spam.. There is already a packet option for this in RFC 3514.

As a result of these two, a ddos begins: The recipient computer starts flagging IP address and requesting that their host provider shut off the flows from each IP as they are identified.

How do you identify an attack(er)?

Host provider filters everything from that IP.

Why should they trust your attack classification or anything you tell them? It sounds like a good way for them to get sued into oblivion.

which finds itself disconnected for 10 minutes. If

Why ten minutes? What if I have IPv6 and a number of IPs equal to 4 billion IPv4 Internets? Will it still target single hosts?

If the owner is private, then they will call their ISP to find out why their connection sucks

LOL I think most ISPs would pass unless your volunteering to sit there and pick up the phone for free.

your machine is taking part in an illegal ddos.

In some countries people and their payloads actually get to be innocent until proven otherwise. You still need to explain how you would classify something as an attack...People have spent billions trying to classify email messages as spam vs legitimate and they are still no closer to getting that right.

The biggest complaint I always hear about this plan, is what if someone spoofs shutdown requests to get someone disconnected. That kind of spoofing could only work if one of the intermediate nodes is compromised, or the IP

So in other words your idea only works if the network is trustworthy and we all know that aint so.

I'm not so sure it would be a good thing for the network to ever become trustworthy cause that would have less than positive implications for freedom of speech especially in areas of the world where people are facing actual oppression.

validation is not enabled

What is IP validation?

Think of the whole system as an autoimmune reaction to infection. Terribly effective and largely automatic.

It is fine to dream up solutions to things but the only way to learn and make your ideas better is to be its most vigorous opponent.

Re:reporting (1)

geoskd (321194) | about a year and a half ago | (#43314817)

How do you identify an attack(er)?

It has their actual IP address in it. If it didn't the anti spoofing would have prevented the packet from getting anywhere near the target anyways

Why ten minutes? What if I have IPv6 and a number of IPs equal to 4 billion IPv4 Internets? Will it still target single hosts?

Ten minutes was just an initial figure to put something there. Testing will give a better range for the temporary blocking of packets.

So in other words your idea only works if the network is trustworthy and we all know that aint so.

No, the idea works two-fold. First, it works perfectly if the network is trustworthy, but it also identifies the parts that aren't and can be used to correct the broken parts...

What is IP validation?

IP validation is checking to see if the return IP address on a packet is actually down a trunc from which the packet came. This normally doesn't work terribly well at tier 1 and some tier 2 routers, but at tier 3 it works dynamite. If every router is using it, then it renders it impossible to send packets anonymously (There are no legitimate reasons to send anonymous packets across the internet anyway). You always know where a packet came from, or else it didn't reach you anyways.

It is fine to dream up solutions to things but the only way to learn and make your ideas better is to be its most vigorous opponent.

Which is why I love testbedding my ideas here. I have ready access to a large contingent of very savvy people with a (sometimes rabid) desire to poke holes in any idea. I have gotten some very complicated responses attempting to demonstrate flaws with my proposed solution, but all of them boil down to being able to spoof IPs. without that, the proposed system works.

-=Geoskd

Re:reporting (1)

geoskd (321194) | about a year and a half ago | (#43314841)

LOL I think most ISPs would pass unless your volunteering to sit there and pick up the phone for free.

I think most of them will do this if the alternative is willfully ignoring a criminal act, which in most countries in the world is still conspiracy to commit... Answering the phone once in a while is a small price to pay, especially since, with these protections in place, ddos' will become practically non-existant: Because they would no longer work, no one would bother.

Re:reporting (1)

geoskd (321194) | about a year and a half ago | (#43314871)

People have spent billions trying to classify email messages as spam vs legitimate and they are still no closer to getting that right.

That is because whether or not a particular e-mail is spam, is a very subjective analysis. One persons spam is another's monthly coupons. Personally, I would identify the entire Sunday paper coupon section as spam, but my wife reads it like the bible...

Malicious packets on the other hand are fairly easy to identify, and there isn't much gray area. Once is happenstance. Twice is coincidence. Three times, it's enemy action.

Re:reporting (1)

WaffleMonster (969671) | about a year and a half ago | (#43311985)

A technical solution would require redefining the IP standard.

This is not something new. These attacks have been known for decades. The majority of existing protocols either are not subject to or have protections against this problem.

If you try and send SYN packets to start a TCP session using a spoofed source address the vast majority of currently deployed stacks will start requring cookies. If you are not able to receive the cookie your evil plot is foiled.

This problem really still only exists in a subset of clueless UDP protocols.

New UDP protocols such as DTLS have it right from day 1. Before TLS handshake starts and DTLS server allocates any state the client must echo back a stateless cookie provided by the server to guard against spoofing. This protects against resource exhaustion and amplification.

There are stateless cookies for other common UDP protocols subject to this problem including SIP and DNS [ietf.org] . It requires no change to IP and only minor changes to most existing UDP based protocols.

For SNMP lock down community, use TCP/TLS or DTLS instead. You get better security and there is no more amplification insanity.

Either way you look at it a lot of work still needs to be done to solve the problem. Whether from the operator filtering end or the protocol end. They both suck and they both need to be fixed.

Re:reporting (4, Informative)

heypete (60671) | about a year and a half ago | (#43311049)

Now Spamhaus can get CloudFlare to handle these attacks on their behalf (for a lot of free advertising) but MyLittleSite.com cannot, and that leave them open to extortion attacks from the criminals who run these DDoSs.

Why not? CloudFlare has a free tier specifically designed for smaller sites. It's mostly used by bloggers and stuff to cache static content than for DDOS protection, but it offers the same level of functionality. The paid service they offer has extra features like SSL support and other options, but all levels of the service offer DDOS protection.

Re:reporting (2)

gbjbaanb (229885) | about a year and a half ago | (#43312377)

I wasn't thinking of blog sites and so, but commercial entities that are more likely to be sent an email telling them that unless they pay $10k on a special day (eg a card retailer on Valentine's day) they'll be knocked off the internet for a week.
CloudFlare will handle these extortion attempts, but as the site taking orders will require SSL, its probably cheaper just to pay the criminals. and that's a bad state of affairs.

Re:reporting (0)

Anonymous Coward | about a year and a half ago | (#43313511)

No, it's cheaper to build your infrastructure in such a way that it can handle things like this. AWS, CloudFlare, dedicated IT staff to monitor your systems and take action when an attack is noticed.

Then again, anyone not doing that probably (shouldn't) be relying on their web presence for their main business income.

Re:reporting (4, Insightful)

sl4shd0rk (755837) | about a year and a half ago | (#43311273)

resolution (eg ingress/egress filtering, rate limiting, non-recursive responses from outside your domain) to legal ones

Umm.. I'm not sure I follow you. The DDoS was comprised of DNS Reflection. Trying to add filtering at layer 2/3 is absolutely pointless since you're saturated at layer 0. The physical hardware is overwhelmed trying to keep up with the packets coming in.

Re:reporting (0)

Anonymous Coward | about a year and a half ago | (#43311981)

Its simple.

I am A. I mark my packet as coming from B (my target), I as for machine C (also my target).

So what happens is I send a packet from machine A. Both the response B goes to you my target AND you get the request for the data C (maybe you or another target).

So instead of figuring out oh network/computer is the one doing this. You have no idea where it came from. It just showed up. So I can send 10 or so bytes of data and inundate you my target box with 1k of data. For the cost of 10 bytes. You can not figure out who it is so you can even yell at the right network guy to yank the plug. You end up having to track down each link and backtrack it. Very tedious. This sort of attack is old hat (known very well in the early 90s) think that GRC guy went bonkers on it around 2002.

At this point in internet time this should not even be going on. This mess should have been cleared up years ago. On by default at the router level. The crap would not even leave the attackers network.

Re:reporting (1)

Anonymous Coward | about a year and a half ago | (#43312125)

resolution (eg ingress/egress filtering, rate limiting, non-recursive responses from outside your domain) to legal ones

Umm.. I'm not sure I follow you. The DDoS was comprised of DNS Reflection. Trying to add filtering at layer 2/3 is absolutely pointless since you're saturated at layer 0. The physical hardware is overwhelmed trying to keep up with the packets coming in.

I would guess he means filtering at the sending end in for sending IP's that are not in-network. And rate limiting on the recursive DNS end.

These are the obvious solutions to this kind of DDOS. Unfortunately, these solutions require third parties that are contributing to but not suffering in any serious way from the DDOS, to configure their servers/routers properly. There is a lack of motivation.

Re:reporting (0)

Anonymous Coward | about a year and a half ago | (#43312253)

resolution (eg ingress/egress filtering, rate limiting, non-recursive responses from outside your domain) to legal ones

Umm.. I'm not sure I follow you. The DDoS was comprised of DNS Reflection. Trying to add filtering at layer 2/3 is absolutely pointless since you're saturated at layer 0. The physical hardware is overwhelmed trying to keep up with the packets coming in.

If they're forging the actual return IP in the IP header section of the packet, then that ought to get caught by ingress/egress filtering by the originating ASN.
But in this case, it's the header information for the DNS payload, so the IP header is usually valid. A properly configured DNS server will simply drop packets which don't have a DNS header matched to the IP header, but there are a lot of places that don't do this which is what allows the return amplification.

And just FYI, if you're talking about layer 0 that physical layer, and at that layer they are referred to as frames, not packets.

Re:reporting (1)

gbjbaanb (229885) | about a year and a half ago | (#43312413)

try reading the links. One thing that can happen is for all ISPs to refuse to deliver packets that are sent with a source IP that isn't part of that ISP's network.

Like if I called a pizza company and ordered you a pizza, assuming you lived in New York, and the call from me showed a California number, the pizza place would think twice about filling the order. On the internet, they'd send you a pizza, as would all the other places I'd have called. (ok, not the best analogy, but you get the idea)

Re:reporting (0)

Anonymous Coward | about a year and a half ago | (#43311307)

Considering the beginning of the very first Ars article you link to says: "And while it hasn't brought the Internet itself down, it has caused major slowdowns in the Internet's core networks." with CloudFare's blog for only source, I'd say no, this is not "as usual Ars does a much better job" (as much as I love Ars).

Re:reporting (0)

Anonymous Coward | about a year and a half ago | (#43311671)

Although ArsTechnica does perpetuate the lie that a Dutch SWAT team tried to enter the bunker when no such thing actually happened.

Re:reporting (1)

Alarash (746254) | about a year and a half ago | (#43317193)

CloudFlare can protect you for free. You might not have as much control but they'll protect you from bots and such for free. Also, MyLittleSite.com probably isn't big enough to piss off anyone who can crank 300 Gbps of DDoS (even if they required only 1/100th of that since they exploited open DNS resolvers).

Negative (1)

Anonymous Coward | about a year and a half ago | (#43310829)

That would be a 'no'.

But, don't let the facts get in the way of sensationalist clickbait and media whoring. If nothing else, the clueless need something to get incensed about and start demanding legislative fixes to imaginary problems.

Purely anecdotal... (1)

lurker412 (706164) | about a year and a half ago | (#43310837)

The problem was supposedly more severe in Europe but, FWIW, my response times in Madrid, Spain were completely normal. I realize that proves nothing, but it does make me skeptical of the Internet Brought to It's Knees claims.

Re:Purely anecdotal... (1)

mhajicek (1582795) | about a year and a half ago | (#43310871)

Also anecdotal, but my access has been quite slow both at home and at work the past couple days. Though of course correlation...

Re:Purely anecdotal... (0)

Anonymous Coward | about a year and a half ago | (#43311319)

In Soviet Russia Spamhaus DDoSes you!

ddos not that bad. (0)

Anonymous Coward | about a year and a half ago | (#43310865)

TFA is right, the DDoS was not that bad as far as the entire Internet is concerned. The submarine cable cuts in 2008 as well as some of the Tier-1 ISP like Sprint depeering with Cogent Communications also in that year led to far more disruption than this DDoS. Hell, the Internet was effectively partioned for a time over the mess with Cogent.

SPAMHaus Promo Stunt (2, Interesting)

Anonymous Coward | about a year and a half ago | (#43310899)

It's definitely a way for SPAMHaus to make the headlines. Whether it is proper conduct, especially for a trust-based organisation like SPAMHaus, is the real question.

DNSBL is not the way to fight spam. I've worked for several large ESP's, and we've had more issues with false positives and various DNSBL's blocking regular, solicited email everytime some angry recipient with a vengeace decided to file a spam-report, instead of just opting-out from the mailing they opted-in for themselves.

This has led to us using less and less DNSBL-related spam-filtering. Most of our spam-filters are now 'smart', using the recipient's own preferences to decide whether a mail should be blocked or not. I'm sure DNSBL's like spamhaus are feeling the heat, and stunts like these may give them the exposure they need to get some fresh customers.

But it's definitely sounds a bit 'shadey' to launch a misinformation-campaign for this, especially for an antispam-firm.

Re:SPAMHaus Promo Stunt (2)

khallow (566160) | about a year and a half ago | (#43311827)

But it's definitely sounds a bit 'shadey' to launch a misinformation-campaign for this, especially for an antispam-firm.

What part of "launch a misinformation-campaign" doesn't sound "shadey"? Well, aside from the accusation coming from from an anonymous poster who doesn't bother to provide a shred of supporting evidence for the claim. That part doesn't sound the least bit shady.

Re:SPAMHaus Promo Stunt (1)

Anonymous Coward | about a year and a half ago | (#43312109)

DNSBL is great for fighting spam -- *if* you find collateral damage acceptable.

As someone who had joe jobs cost a few thousand dollars years ago... I find this wholly appropriate. I *want* to opt in to DNSBL and hurt ISPs that host a spammer. If you affiliate with a ROKSO spammer -- I don't want my servers on your subnet. I don't want email from your subnet once you've had an opportunity to remove them and failed to do so.

Thing you have to understand is DNSBLs fight spam -- not "unlawful UCBE".

As someone who's been known to CC postmaster contacts, sales reps and such on spam reports, I've gotten a few angry replies and one or two threats of lawsuit that were laughed off.

This is what happens when I purchase a piece of software from you and you suddenly decide we have a 'relationship' -- I bought something, it got shipped via fedex, I signed, I'm done -- thank you for your participation. I wanted a particular piece of hardware, not a fucking date.

There are users that will click SPAM rather than unsubscribe. Well-- if you're contacting me, and it's not interesting or adding value... it's SPAM. I'll unsub from email lists I'm on, but if you're some marketer trying for "outreach" -- you aren't a friend. If your content was historically relevant, I'll unsub.

As a user of qmail, gmail, mailinator and bloody vikings addon...

Look -- 95% of the time I *know* who you got my address from. I can watch magazines buy and sell them, watch companies get acquired and see the lists change hands. I've watched comcast rebrand as xfinity and seen my email address get leaked somewhere in the process. I've watched credit card companies get breached and been told it's impossible.

And you know what? If you lose my email address, every single message from you that isn't from a customer service rep gets reported as SPAM. Because you didn't guard the resource I trusted you with.

I understand companies get bought, sold, legal obligations change.

But if you're sending irrelevant content to even 20% of your audience -- you're a spammer, and I'm going to treat you like one.

Not all users are willing to live with the consequences of such actions. Some business may object because it could cost customers.

Having seen spammers cause financial damages -- I *do* accept this.

Give me the DNSBL. I despise state sponsored or corporate censorship -- but I will more than happily choose to filter what I listen to.

people slag DNSBLs... but need to learn (5, Interesting)

Onymous Coward (97719) | about a year and a half ago | (#43312189)

People like to hear that DNSBLs are a problem. And then they like to repeat the accusations. Not sure how folks have gotten attached to the idea, but I'm certain it's not from detailed investigation.

For one thing, don't conflate the mechanism with the implementations. Anyone can publish a DNSBL. You could. And you could make your list all false positives. It would be a bad idea for people to subscribe to your list. Caveat emptor, right?

And that's why you get false positives. You've chosen badly. And you're not using the lists for scoring — sounds like you're using them as final arbiters.

The "trick" to getting DNSBLs to work is to choose wisely. You have to do some research into how the lists are made, and since it's you who will be blocking emails based on the information provided by the lists, it's your responsibility to understand the nature of that information. What are the listing/delisting policies? If you don't know, you're not being a smart consumer. "... everytime some angry recipient with a vengeace decided to file a spam-report ..." Hopefully you know better than to think that every DNSBL is made this way.

And the "smart" spam filters, so you know, are resource intensive. Instead, it's possible to eliminate lots of spam using extremely low resource checks. Validating the SMTP "HELO" (requiring they give FQDN, non-bare address literals, not your domain or IP, and a couple other checks as per RFC) will nix half of spam off the bat. And you can eliminate another third of spam (two-thirds the spam passing HELO checks) by using (well-chosen) DNSBLs. DNS lookups are cheap (and you can download zone files of you're worried about outages). That's 83% of spam cheaply nixed, all before you even get to "MAIL FROM:". If your "smart" checks are building Markov chains and feeding a naive Bayes classifier, that's gonna take time and effort in processing power, in disk resource, in procedures and staff attention/knowledge for maintenance.

DNSBLs are clearly a way to fight spam. But you have to know what they are and how to use them.

Shopping for DNSBLs takes effort, it's true. If you want to do a good job. Once upon a time, Al Iverson's http://www.dnsbl.info/ [dnsbl.info] was up-to-date and gave wonderful statistics on success rates of the various lists (using his (rather knowledgeable) measures). Doing the research now without such a resource is much more challenging.

I use Spamhaus's XBL and SpamCop's SCBL. That's it. Combined, those give me the aforementioned inexpensive 33% spam reduction. (If I used them before the HELO checks the reduction would probably be near 75%, my guess.) I vetted the lists for efficacy (true positives v. false positives), policy (how they're made, listing and delisting), and longevity/reputability. I've been using these guys for 5 years without a hiccup.

Re:SPAMHaus Promo Stunt (0)

Anonymous Coward | about a year and a half ago | (#43316969)

I work at an medium size ESP and I do not share your experience. I get 25 spamcop complaints per year and 20 are justified (of 700M emails). If we get 1 blocklisting per year I think it is much. Last time it was about a bought list we didn't detect at import time. Your customers should stick to the law and, in the end, the internet law: People only want to receive what they want to receive. The rest is spam so people have the right to complain.

The only blacklist I find unreasonable is URIBL because they refuse to say which customer caused the blacklisting. They flat out block our main URL, even though they have a greylist. All the others will at least share a subject line so you can identify the customer.

I don't buy your argument about 'smart' spamfilters. You, at an ESP, want 100% of your emails delivered (and not 90%). In weekends I get 99.7% of my mails accepted. And 0.1% of 0.3% of bounces are about 'possible spam'.

Total Internet bandwidth (1)

Alain Williams (2972) | about a year and a half ago | (#43310915)

300Gb/s, what is that as a fraction of the total Internet bandwidth ? Without that number we don't know if it is a significant proportion of what is available. Maybe we should be asking for that figure round/close-to the Spamhaus servers.

By total I mean the core internet routers, not including those in outlying backwaters.

Re:Total Internet bandwidth (1)

Anonymous Coward | about a year and a half ago | (#43311069)

Depending on how many decimal places you want to consider significant, it rounds to 0%.
According to a resource [wikipedia.org] , the attack would've consumed slightly more bandwidth than a OC-48 / STM-16 / 2.5G SONET optical carrier cable. Alternatively, it is about 1/13th the bandwidth of a OC-768 / STM-256 optical carrier cable.

So, I think you need more than 5 significant digits for 300Gb/s to round to any number other than 0% of total internet bandwidth, but if there was only one cable between the source machines and the destination machine, it could've used up a noticeable chunk of that.

Re:Total Internet bandwidth (1)

btsfh (750772) | about a year and a half ago | (#43311697)

It works out to 30 or fewer average 10G Internet links. Depending on where it hits it could take out a good chunk of many smaller peering exchanges, but any of the Major (Tier 1) ISP's run 80Gbps+ between nodes with 100Gbps links becoming more common, and the larger peering fabrics run multiple Tbps across their peering fabrics. Basically, it is large to many individual sites, but tiny for Internet scale.

Anecdote! I almost quit my job over this. (1)

StealthPanda (1189933) | about a year and a half ago | (#43311017)

On Tuesday afternoon, GMT-6, I could do exactly zero of my job functions, as none of my remote server connections would stay up for longer than 5-7 seconds. Not knowing what was happening, I did hours of troubleshooting on my own connection, before finally just calling it quits for the day.

I was about ready to just walk away out of frustration before things just seemed to magically fix themselves the following morning. So yes, I think this did affect parts of the internet as a whole, and not others. I am not surprised by this.

Re:Anecdote! I almost quit my job over this. (0)

awpoopy (1054584) | about a year and a half ago | (#43311361)

You almost quit because you couldn't do a traceroute or tracepath to figure out there was an ISP, routing or backbone problem and there was nothing you do about it?
A. I'll take over for you because it sounds like you need to be replaced and it sounds like an easy job.
B. Maybe you should learn photoshop and change your career path

Re:Anecdote! I almost quit my job over this. (0)

Anonymous Coward | about a year and a half ago | (#43311477)

Just because someone works on servers doesn't mean they're a networking guru. No need to be a jerk.

Re:Anecdote! I almost quit my job over this. (0)

Anonymous Coward | about a year and a half ago | (#43312047)

No need to be a jerk.

You must be new here.

Re:Anecdote! I almost quit my job over this. (0)

Anonymous Coward | about a year and a half ago | (#43312337)

Just because someone works on servers doesn't mean they're a networking guru

Knowing how to run a traceroute is basic knowledge, only a tiny bit more advanced than knowing what an IP address is, or how to use the ping command. If you don't know how to use a traceroute, then frankly speaking you should not a) be troubleshooting your network connection or b) making claims that your connection problems were caused by the attack mentioned in the article.

No need to be a jerk.

Welcome to the internet, Slashdot, and etc.

Wrong Slowdown (1)

Anonymous Coward | about a year and a half ago | (#43311033)

It didn't slowdown the internet. It slowed down Spamhaus and it may have slowed down the email delivery times of users of the Spamhaus block list.

Nothing to see here. Move along.

It was slow for Spamhaus (2)

donak (609594) | about a year and a half ago | (#43311059)

If you tried to access the Spamhaus website, the DDoS was very effectively blocking that corner of the internet!

Re:It was slow for Spamhaus (1)

xgerrit (2879313) | about a year and a half ago | (#43311469)

If you tried to access the Spamhaus website, the DDoS was very effectively blocking that corner of the internet!

I still can't access cb3rob.com [cb3rob.com] and cb3rob.net [cb3rob.net] on two different ISPs, so I think this counts as a pyrrhic victory [wikipedia.org] .

Nope.... (0)

Anonymous Coward | about a year and a half ago | (#43311405)

I didn't eve know there was a giant DDOS attack going on until I read it in the news. Have not seen any slowdown here in the U.S.

Affect on spam? (1)

xgerrit (2879313) | about a year and a half ago | (#43311481)

So if the spammers botnets are busy with a ddos attack, has there been any measurable decrease in spam on the internet? I haven't seen any internet slowdowns, but I haven't seen any slowdown in spam either...

Re:Affect on spam? (1)

ShaunC (203807) | about a year and a half ago | (#43314007)

Doesn't seem to be much of a difference according to Spamcop stats [spamcop.net] . For all the hullabaloo, whatever spammer lives at Cyberbunker doesn't seem to be a very big player.

Stats on AMS-IX (1)

mpol (719243) | about a year and a half ago | (#43311575)

The statistics that the AMS-IX gives out do not show any rise in network traffic, maybe even a slowdown.

Stats [ams-ix.net]

For a Dutch provider, you would at least suspect a slight increase in traffic on the Dutch Internet Exchange.

These aren't the droids you're looking for (0)

Anonymous Coward | about a year and a half ago | (#43311623)

The illuminati and the Bilderbergs would love for all of us to believe the Internet is immune to cyber attack.

The truth is, however, that we are, as usual, being duped by our own "leaders." The truth is that the Internet is in shambles and is ready to come crashing down any minute, at which point society will break down and give them the excuse they need to finally implement Agenda 21 and the total enslavement of the entire Human population.

Stop lying to yourselves!

we saw email slow down (2)

mixed_signal (976261) | about a year and a half ago | (#43312147)

We and two partner firms saw a big increase in email latency for the afternoon, up to a few hours delay in some cases. General connectivity (vpn, vnc etc.) was not affected, though.

Slow Internet connection speeds (2)

grantspassalan (2531078) | about a year and a half ago | (#43312173)

The Internet connection speed for many is so slow already, that they would not even notice if the Internet speed as a whole dropped by 90%. In the evening, watching Netflix or any other video is a pain. That is why we still get DVDs in the mail.

I noticed (1)

Billly Gates (198444) | about a year and a half ago | (#43312285)

Youtube for listening to music while I work is painful. It can't buffer at all and I have a FIOS connection. I had to reformat my computer and installing Office over the internet and patching the 3 gigs of data for SWTOR was capped at 300k even if I have a fiber connection.

I rebooted my router a few times and ran ipconfig /flushdns but to no avail.

However, none of my activity uses European servers or DNS so I highly doubt this is related at all. Google did say it was absorbing some of the traffic because they are nice guys and do not want to see European internet shutdown and this *might* explain youtube buffering issues.

So I am skeptical unless European traffic is being rerouted to North American servers which are chocking the routers but I do not think the pipes over the atlantic could handle that.

Re:I noticed (1)

ahabswhale (1189519) | about a year and a half ago | (#43313249)

lol...youtube almost always has buffering issues. It's why I use it as little as possible. It's been a problem since the service first existed.

Youtubedown download script recommendation (1)

girlinatrainingbra (2738457) | about a year and a half ago | (#43335153)

Re: youtube almost always has buffering issues
.
May I suggest a command line tool for off-line downloads to your local directory:
http://www.jwz.org/hacks/youtubedown [jwz.org]

as described at http://www.jwz.org/hacks/#youtubedown [jwz.org] is a nice script that you can run on the command line.

Bad conclusion (0)

Anonymous Coward | about a year and a half ago | (#43312835)

> The argument against the original claim include the fact that reports of Internet users seeing slowdowns came not from service providers, but the DDoS mitigation service CloudFlare, which signed up Spamhaus as a customer last week.

Yes, much like how a bullet does not kill you. It's the bleeding that does it.

If Cloudflare is servicing a large portion of internet sites, and Cloudflare is slow, then a large portion of internet sites is slow.

thing is.. (1)

WGFCrafty (1062506) | about a year and a half ago | (#43313391)

The tier 1 providers I read about downplayed it, but then again they have a lot of incentive to downplay it.

slow internet (0)

Anonymous Coward | about a year and a half ago | (#43313641)

it could be abused to "centralize" (*) email delivery, which would make snoopign on email traffic that much easier.
anyways, on linux with a static ip or some dynamic dns updater running there's really no reason
why email cannot be sent and received DIRECTLY by each user (that is without having to go thru
a outside SMTP (sending) or outside IMAP/POP3 (receiving) server).
no system is perfect. the real physical mailbox in front of your house (people still use this) can also
be overwhelmed.
(*) by having blocklists, you pay to be a "good guy", who of course doesn't hav eto co-operate with the "authorities"
due to size (tongue in cheek).

CloudFlare advertising (1)

Midnight_Falcon (2432802) | about a year and a half ago | (#43313757)

I like CloudFlare, but it seems like they exaggerated the scope of this incident in order to get publicity. It's a Startup -- so any exposure seems like good exposure, and they have a lot of operating expenses (bandwidth/hardware/etc), so getting on some VC's radar for a second investment round might be a priority. I'm in the network of the founders on LinkedIn and she shared the NY Times article about the incident asking (not directed towards europeans) all her contacts if the internet was running slowly this weekend, and that's why. Although, no one I know had noticed such a thing -- and I host a few sites in London, and work with a remote team in the Middle East -- and they work on what we consider the weekend ( Sunday, they have a different weekend starting Friday).

IMHO, the question "was your internet running slowly?" was just a humblebrag to point to how they were featured in the NYT -- which is very telling in relation to the information in TFA here.

Mine has been horribly slow (1)

gravis777 (123605) | about a year ago | (#43325053)

Mine has been unbearably slow. I've called up my provider twice. Problem is, speed tests to their servers show I am gettign my advertised speed. If I do speed tests to nearby servers, I am seeing this, but if I go outside of my geographic area, speeds start taking a huge hit. Connecting to most speed test servers on the internet, I am seeing 1/20th of the speed I am paying for (I usually get close). I used to be able to stream HDX from Vudo no problem while surfing, but now, Amazon and Netflix SD buffer like crazy. No matter how much I reset stuff on my end, or have my ISP force a restart on their end, I am still seeing this.

It's even worse on my phone with 4G. I can normally stream movies or music or watch HD Youtube streams with no issue, but over the past week or two, my 4G has been practically unusable. Forget internet radio or any of the other streaming services that I normally have no issues with. A 1 minute Youtube video in SD is now taking about 3 minutes to buffer.

So yeah, I have noticed an incredible hit in speeds over the past couple of weeks.

Check for New Comments
Slashdot Login

Need an Account?

Forgot your password?