Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

ISP Forced Out of Business by DoS

CmdrTaco posted more than 12 years ago | from the sucky-reality dept.

The Internet 535

flyhmstr writes "According to a report on ISPReview Cloud Nine have been forced off line and out of business thanks to the actions of crackers deciding to go play with some DoS tools." It's only getting worse. The kids are getting more and more aggressive as time goes on and it gets easier and easier to launch a large scale DoS. As any techie knows, fixing the problem is far easier said then done... but as a frequent recipient of the sharp end of the DoS stick, I sure wish it wasn't an issue.

cancel ×

535 comments

Sorry! There are no comments related to the filter you selected.

Spellcheck... (-1, Troll)

jargoone (166102) | more than 12 years ago | (#2881604)

As any techie knows, fixing the problem is far easier said then done
And apparently, so is checking your spelling before posting a story.

Re:Spellcheck... (1)

YorkshireONE (307613) | more than 12 years ago | (#2881611)

Pedant.

Easy, Implement a £5000 fine and up to 5 years if proven to be a scripy kiddie willfully launching DOS attacks.

Re:Spellcheck... (1)

Koim-Do (552500) | more than 12 years ago | (#2881814)

So, it seems your plan go like this one:

1. Make a law
3. The script k1dd13 will be ass-rammed every night for the next 5 years.

BTW, how would you implement step 2 (catch them) ? you can't just put their forged IPs in jail, you know.

Re:Spellcheck... (0, Offtopic)

AssNose (551820) | more than 12 years ago | (#2881634)

I don't think spellcheck would have caught that one; it is a grammar error. It did make me read that sentence a couple of times though...

Re:Spellcheck... (-1)

Tasty Beef Jerky (543576) | more than 12 years ago | (#2881641)

As far as I can tell, there is a word "then". Perhaps you meant grammar check.

then (thn)
adv.
  1. At that time: I was still in school then. Come at noon; I'll be ready then.
  2. Next in time, space, or order; immediately afterward: watched the late movie and then went to bed.
  3. In addition; moreover; besides: It costs $20, and then there's the sales tax to pay.
  4. Used after but to qualify or balance a preceding statement: The star was nervous, but then who isn't on the first night of a new play.
  5. In that case; accordingly: If traffic is heavy, then allow extra time.
  6. As a consequence; therefore: The case, then, is closed.

n.
That time or moment: The bus leaves at four; until then let's walk.

adj.
Being so at that time: the then chairman of the board.


Also, this was a pretty lame first post. It needs more. Perhaps a goatse.cx [goatse.cx] link, or something about an editor being of a different sexual orientation. Be sure to include one of those next time.

Re:Spellcheck... (-1, Offtopic)

Anonymous Coward | more than 12 years ago | (#2881710)

If you need to comment on spelling, try some syntax [dictionary.com] checking too.
  1. comparison: [dictionary.com]
    THAN
  2. chronologic sequence : [dictionary.com]
    THEN

Sounds like the first post needs metamodding. (-1, Offtopic)

cecil36 (104730) | more than 12 years ago | (#2881722)

In my humble opinion, I think this is one of the most intelligent first posts I've ever seen. Even I can't first post and point out some mistake in the grammar and yet have a mistake in my post as well.

Look at it this way, at least I don't widen or lengthen the page or link every thread to a site that shall remain unmentioned.

whoops (5, Funny)

magicslax (532351) | more than 12 years ago | (#2881606)

of course a nice healthy slashdotting right now doesn't help anybody's case. :grin:

Re:whoops (3, Informative)

Tipsy McStagger (312800) | more than 12 years ago | (#2881619)

The Register have the text of the announcement at the moment.

which side of the law is our community on? (2, Flamebait)

davejenkins (99111) | more than 12 years ago | (#2881612)

It's very sexy to support programmers who fight 'bad' encryption routines, 'ludicrous' copyright schemes, and the like, but when it comes to skript k1ddi5 hacking OUR stuff, we want to string them up by thier fingernails.

The tough part of this issue is that it begs the question (from the general population's viewpoint): "Which side of the law are we (slashdot community) on?" The unwashed masses out there see both of these as the same thing...

Re:which side of the law is our community on? (5, Insightful)

BgJonson79 (129962) | more than 12 years ago | (#2881649)

If the scrupt kiddies buy the hardware like we buy the DVDs maybe you have a case, otherwise it seems to me like apples and oranges to me.

Re:which side of the law is our community on? (4, Insightful)

berzerke (319205) | more than 12 years ago | (#2881667)

The unwashed masses out there see both of these as the same thing...



That is the problem. I always try to explain it this way: There are good doctors, and there are bad doctors. There are good lawyers, and there are bad lawyers. There are good cops, and there are bad cops. (etc.) And there are good hackers, and bad hackers.

Re:which side of the law is our community on? (3, Insightful)

jas79 (196511) | more than 12 years ago | (#2881697)

the same side as always.
the 'slashdot community'is against unfair laws , but in favour of good laws.

destroying something without a good reason is just wrong.

Re:which side of the law is our community on? (1)

-brazil- (111867) | more than 12 years ago | (#2881761)

the 'slashdot community'is against unfair laws , but in favour of good laws.


Of course, we reserve the right to define what are "good laws" and what are "bad laws", and in what cases a particular law that we consider "bad" is suddenly "good" or vice versa...

Re:which side of the law is our community on? (5, Troll)

bwt (68845) | more than 12 years ago | (#2881699)

We're on the side that says information is not a crime, but attacking someone is.

Writing a DoS tool is not a crime. Using it on someone else is. What's so hard to understand?

Re:which side of the law is our community on? (4, Funny)

(H)elix1 (231155) | more than 12 years ago | (#2881744)

Or in this case...

Programs don't kill servers, malformed packets kill servers.

Re:which side of the law is our community on? (3, Insightful)

ReelOddeeo (115880) | more than 12 years ago | (#2881755)

Writing a DoS tool is not a crime. Using it on someone else is.

I agree. In support of that viewpoint, I would give the following example counter argument.

Guns are bad. Nuclear weapons are bad. Let's remove them both from the military. Studying how these things are built and used is not a worthwhile endevor. Since we don't believe in attacking someone for no reason, we don't need any weapons. We also don't need to study how offensive weapons might be used against us. Therefore there is no reason for their existance. Let's just pass a WMCA (Weapons Millenium Contraband Act) law and outlaw anyone even thinking about how weapons work or how reinforcements might be vulnerable to weapons.

(Disclaimer: I don't own anything which was designed to be used as a weapon; lest someone pigenhole me into a certian group.)

Re:which side of the law is our community on? (3, Interesting)

evilviper (135110) | more than 12 years ago | (#2881725)

Can't speak for the rest of the slashdotters, but I don't want them to be prosecuted... I want the insecurity to be repaired, which is what we've always wanted.

What happens in the business world with the DMCA, they would arrest who-ever pointed out that DDoSing was a possibility. Just the opposite of the solution.

Besides, it's a trivial fix... The only problem is that nobody takes the initative.

Re:which side of the law is our community on? (2, Insightful)

ergo98 (9391) | more than 12 years ago | (#2881754)

Can't speak for the rest of the slashdotters, but I don't want them to be prosecuted... I want the insecurity to be repaired, which is what we've always wanted.

Taking this to an absurdly inappopriate analogy: If some pranksters fire bombed an old age home killing all inside, is the solution to call for old age homes to be built with fireproof walls and armed guards out front? Where does the responsibility of the criminal end and the responsibility of the victim begin?

Re:which side of the law is our community on? (3, Insightful)

-brazil- (111867) | more than 12 years ago | (#2881773)

Besides, it's a trivial fix...


Technically trivial, perhaps. Administratively, it is extremely non-trivial, and that's just as big a factor. Please get off the "If I can do it in my home network of three machines, it must be just as easy to do for the whole internet" horse.

Re:which side of the law is our community on? (2)

3am (314579) | more than 12 years ago | (#2881789)

I want them arrested, and to suffer.

The one wrong (ISPs with bad security) doesn't mitigate the other (socially stunted little idiots making other people suffer for kicks).

It seems to me that you are making exactly the same argument used by firearm opponents - who blame Colt, Smith&Wesson, et al. for violent crime, neglecting to blame the criminals for their part.

Re:which side of the law is our community on? (2, Insightful)

oyenstikker (536040) | more than 12 years ago | (#2881726)

We (the slashdot community) (except for the trolls) don't cause inconvience to innocent bystandars/consumers, and we don't cause headaches for those who actually do something, only to the lawyers and politicians and freeloaders (RIAA, MPAA, et cetera).

Ethics (5, Interesting)

Aceticon (140883) | more than 12 years ago | (#2881735)

As usual this is a question of ethics.

It has nothing to do with hackers, crackers, RIAAs, MPAAs or the color green - it has all to do with freedom of information:

- I support freedom of information, and by extension those that help make information free.

- I'm against restriction of information (any kind of information - bad, good, usefull or useless). Naturaly i am by extension against those that try to constrain that freedom.

- Which side of the law am i on?
Neither side. My ethics are independent of the law.

Going back to this specific case, i'm against however did the DDoS attacks because they went against other people's freedom to give and receive information.

We're in the grey area. (5, Insightful)

phathead296 (461366) | more than 12 years ago | (#2881745)

There is a world of difference between trying to maintain our fair use rights or exposing bad "security" methods and launching a DDoS attack against ANYONE.

This is not a black and white issue. A DoS attack is both illegal and imoral, as what you are doing hurts a large group of people. Exposing bad security in e-book files will help people in the long run. (Although it will help the copyright holders and not us :( )

As for the general population, it depends entirely on what the media reports. They can report that "hackers" have cracked a protection scheme, or they can report that a digital protection scheme was proven inadequate. Both are technically true, but each favors one group as the good guy. Unfortunately, since news is an entertainment forum, the first is more likely to be reported.

Until the general population is tech savvy enough to understand these issues, the media will have complete control over their opinions.

Cheers,
Phathead

I'd like to know (0, Troll)

PowerTroll 5000 (524563) | more than 12 years ago | (#2881615)

How many companies has /. forced out of business with our very own special brand of DoS attack?

Re:I'd like to know (-1, Offtopic)

Anonymous Coward | more than 12 years ago | (#2881640)

you know, i just got modded down for a similar /. = dos statement. no nobody can see that i said it first.

it's all in the wording. -_-

Re:I'd like to know (1)

perrin_harkins (529293) | more than 12 years ago | (#2881714)

How many companies has /. forced out of business with our very own special brand of DoS attack?

Answer: none. The swell of traffic brought on by a link on Slashdot is really no big deal for any large commercial site. Most of the sites that get affected are small, often hobbyist or academic sites. You don't see the New York Times site get slow when Slashdot links there, do you?

I know you were just joking, but some people really overestimate this whole Slashdot Effect thing.

Re:I'd like to know (1, Informative)

Anonymous Coward | more than 12 years ago | (#2881804)

one of the GBA sites was forced offline permanently due to the slashdot effect, look it up. cost him over 400 bucks...which for a high school kid was apparently enough to pull the plug on the site. /. screws people too.

It's good they're out of business... (0)

keiferb (267153) | more than 12 years ago | (#2881618)

...because having their site slashdotted surely can't be good for sales. =)

FOAD (-1, Offtopic)

Anonymous Coward | more than 12 years ago | (#2881620)

whoever the nazi moderator might be. it's too early in the morning for smackdown.

Slashdot & DoS... (-1, Troll)

Anonymous Coward | more than 12 years ago | (#2881621)

I was going to ask originally how Slashdot protects/handles itself in DoS situations...

But then I realized how silly that would be to answer. Here script kiddies, let me just TELL you our national defense secrets!

Silly me....

Re:Slashdot & DoS... (0)

Anonymous Coward | more than 12 years ago | (#2881681)

See? Its exactly this kind of small-minded modding that makes /. a lame place to be.

>:PPPPPPPPPPPPP

May I lengthen your page? (-1)

CmderTaco (533794) | more than 12 years ago | (#2881622)

3 [goatse.cx]
1
5
6
4
5
6
5
7
4
9
8
7
6
8
7
5
6
4
3
2
4
1
2
5
6
5
4
1
8
9
5
7
1
9
8
4
3
4
2
6
6
5
5
6
4
6
5
7
7
6
9
6
1
5
2
4
9
8
3
4
9
3
5
8
6
7
4
9
5
8
6
7
7
9
6
7
8
7
5
8
9
8
6
7
9
8
8
7
6
6
5
3
4
4
2
5
1
4
2
3
2
3
1
1
3
4
1
4
6
5
4
1
9
5
8
5
2
9
8
7
6
9
8
3
7
7
8
4
6
5
6
4
5
4
1
2
2
3
4
1
1
3
2
3
1
6
5
1
4
9
3
8
5
6
7
9
8
4
3
7
7
9
6
8
7
6
5
4
8
6
2
5
1
4
6
7
5
6
4
3
8
9
7
3
2
9
8
3
4
7
9
1
8
2
4
3
6
4
5
1
4
6
3
2
3
2
1
4
5
4
3
5
6
3
5
2
7
5
6
6
4
9
8
7
9
8
4
7
6
6
2
5
4
6
3
1
5
6
4
5
6
5
7
4
9
8
7
6
8
7
5
6
4
3
2
4
1
2
5
6
5
4
1
8
9
5
7
1
9
8
4
3
4
2
6
6
5
5
6
4
6
5
7
7
6
9
6
1
5
2
4
9
8
3
4
9
3
5
8
6
7
4
9
5
8
6
7
7
9
6
7
8
7
5
8
9
8
6
7
9
8
8
7
6
6
5
3
4
4
2
5
1
4
2
3
2
3
1
1
3
4
1
4
6
5
4
1
9
5
8
5
2
9
8
7
6
9
8
3
7
7
8
4
6
5
6
4
5
4
1
2
2
3
4
1
1
3
2
3
1
6
5
1
4
9
3
8
5
6
7
9
8
4
3
7
7
9
6
8
7
6
5
4
8
6
2
5
1
4
6
7
5
6
4
3
8
9
7
3
2
9
8
3
4
7
9
1
8
2
4
3
6
4
5
1
4
6
3
2
3
2
1
4
5
4
3
5
6
3
5
2
7
5
6
6
4
9
8
7
9
8
4
7
6
6
2
5
4
6
3
1
5
6
4
5
6
5
7
4
9
8
7
6
8
7
5
6
4
3
2
4
1
2
5
6
5
4
1
8
9
5
7
1
9
8
4
3
4
2
6
6
5
5
6
4
6
5
7
7
6
9
6
1
5
2
4
9
8
3
4
9
3
5
8
6
7
4
9
5
8
6
7
7
9
6
7
8
7
5
8
9
8
6
7
9
8
8
7
6
6
5
3
4
4
2
5
1
4
2
3
2
3
1
1
3
4
1
4
6
5
4
1
9
5
8
5
2
9
8
7
6
9
8
3
7
7
8
4
6
5
6
4
5
4
1
2
2
3
4
1
1
3
2
3
1
6
5
1
4
9
3
8
5
6
7
9
8
4
3
7
7
9
6
8
7
6
5
4
8
6
2
5
1
4
6
7
5
6
4
3
8
9
7
3
2
9
8
3
4
7
9
1
8
2
4
3
6
4
5
1
4
6
3
2
3
2
1
4
5
4
3
5
6
3
5
2
7
5
6
6
4
9
8
7
9
8
4
7
6
6
2
5
4
63
1
5
6
4
5
6
5
7
4
9
8
7
6
8
7
5
6
4
3
2
4
1
2
5
6
5
4
1
8
9
5
7
1
9
8
4
3
4
2
6
6
5
5
6
4
6
5
7
7
6
9
6
1
5
2
4
9
8
3
4
9
3
5
8
6
7
4
9
5
8
6
7
7
9
6
7
8
7
5
8
9
8
6
7
9
8
8
7
6
6
5
3
4
4
2
5
1
4
2
3
2
3
1
1
3
4
1
4
6
5
4
1
9
5
8
5
2
9
8
7
6
9
8
3
7
7
8
4
6
5
6
4
5
4
1
2
2
3
4
1
1
3
2
3
1
6
5
1
4
9
3
8
5
6
7
9
8
4
3
7
7
9
6
8
7
6
5
4
8
6
2
5
1
4
6
7
5
6
4
3
8
9
7
3
2
9
8
3
4
7
9
1
8
2
4
3
6
4
5
1
4
6
3
2
3
2
1
4
5
4
3
5
6
3
5
2
7
5
6
6
4
9
8
7
9
8
4
7
6
6
2
5
4
6
3
1
5
6
4
5
6
5
7
4
9
8
7
6
8
7
5
6
4
3
2
4
1
2
5
6
5
4
1
8
9
5
7
1
9
8
4
3
4
2
6
6
5
5
6
4
6
5
7
7
6
9
6
1
5
2
4
9
8
3
4
9
3
5
8
6
7
4
9
5
8
6
7
7
9
6
7
8
7
5
8
9
8
6
7
9
8
8
7
6
6
5
3
4
4
2
5
1
4
2
3
2
3
1
1
3
4
1
4
6
5
4
1
9
5
8
5
2
9
8
7
6
9
8
3
7
7
8
4
6
5
6
4
5
4
1
2
2
3
4
1
1
3
2
3
1
6
5
1
4
9
3
8
5
6
7
9
8
4
3
7
7
9
6
8
7
6
5
4
8
6
2
5
1
4
6
7
5
6
4
3
8
9
7
3
2
9
8
3
4
7
9
1
8
2
4
3
6
4
5
1
4
6
3
2
3
2
1
4
5
4
3
5
6
3
5
2
7
5
6
6
4
9
8
7
9
8
4
7
6
6
2
5
4
6
3
1
5
6
4
5
6
5
7
4
9
8
7
6
8
7
5
6
4
3
2
4
1
2
5
6
5
4
1
8
9
5
7
1
9
8
4
3
4
2
6
6
5
5
6
4
6
5
7
7
6
9
6
1
5
2
4
9
8
3
4
9
3
5
8
6
7
4
9
5
8
6
7
7
9
6
7
8
7
5
8
9
8
6
7
9
8
8
7
6
6
5
3
4
4
2
5
1
4
2
3
2
3
1
1
3
4
1
4
6
5
4
1
9
5
8
5
2
9
8
7
6
9
8
3
7
7
8
4
6
5
6
4
5
4
1
2
2
3
4
1
1
3
2
3
1
6
5
1
4
9
3
8
5
6
7
9
8
4
3
7
7
9
6
8
7
6
5
4
8
6
2
5
1
4
6
7
5
6
4
3
8
9
7
3
2
9
8
3
4
7
9
1
8
2
4
3
6
4
5
1
4
6
3
2
3
2
1
4
5
4
3
5
6
3
5
2
7
5
6
6
4
9
8
7
9
8
4
7
6
6
2
5
4
6

Of course you may. (-1)

ringbarer (545020) | more than 12 years ago | (#2881654)

What a polite gentleman, and correct use of grammar as well. Obviously you are not a Slashdot editor.

Kudos!

Scumbags (1)

joebp (528430) | more than 12 years ago | (#2881624)

Why did they choose one of the good guys?

"We live in a backwards universe where John Lennon is shot dead, yet Barry Manilow continues to make fucking records." -- Bill Hicks

John Lennon was a great musician. (-1, Offtopic)

Anonymous Coward | more than 12 years ago | (#2881799)

However, he was an asshole as a person. So few people get it right.

DoS and Spam (2, Interesting)

wiredog (43288) | more than 12 years ago | (#2881626)

I have become convinced that spam, and script kiddy idiocy such as this, will only stop when Bad Things(TM) start happening to the abusers. Bad Things(TM) would hopefully be legal, in that the abusers go to jail. But that may not happen until after the victims, seeing no help coming from the law, take things into their own hands.

Judge Lynch never sleeps.

Re:DoS and Spam (1)

billcopc (196330) | more than 12 years ago | (#2881676)

Well, I'd personally love to beat the crap out of all these cyber-pimps who try to sell me "Absolutely free triple-breasted fresh tight goat-fucking teens from amsterdam".. but the hard part is tracking the beeotch down and mailing your left fist to his jaw.

Email is relatively anonymous, which is a bit of a good thing since I wouldn't want a chemically unbalanced Usenet lurker to come knocking on my front door because he doesn't like my sig. That 'security by obscurity' has these obvious drawbacks, we either have to live with them or forfeit the privilege entirely.

Re:DoS and Spam (0)

Anonymous Coward | more than 12 years ago | (#2881740)

DoS and Spam are often on different ends of a clue stick. Indeed, what is a spam victim supposed to do against deaf abuse desks, who not only ignore mails, but also calls, and mass forwards of their own tripe to sales@broadwing.com? A DoS seems to be the easyest solution in such cases, as an ISP too clueless to can its spammers is probably also too clueless to find the source of a DoS...

Re:DoS and Spam (2)

Sobrique (543255) | more than 12 years ago | (#2881818)

Problem is, legal or not, electronic crime is _so_ hard to gather evidence and prosecute.
A skript kiddy is pretty safe, as are spammers. It's hard to prosecute, difficult to gather evidence (a compromised machine is fundamentally 'contamintated' evidence, an uncompromised machine hasn't been hacked and therefore is rarely worth prosecuting). Computer forensics have been around for a while, but the kiddiez are protected by 2 things.
Corporate inertia - the cost of admitting a break in and the damage it does to the share price is often more than any damage an intruder can do.
Sheer numbers. There's an awful lot of idiots with net connections, who think its l33t to DoS, skript etc. Computer literacy isn't always a good thing :)

I wonder why? (5, Interesting)

Em Emalb (452530) | more than 12 years ago | (#2881628)

Can someone please clue me into why people do this? I don't quite understand this mentality. I have never done something bad like this simply because I could. Am I a rarity in this world? Do these kids need a hug? Why would you do this? Feeling "elite" because you can knock down an ISP? Take your energy and do something positive with it. IMO, this is petty and retarded. Maybe these script kiddies can go knock down a hospital or something next, hey why not, it doesn't hurt anyone right? RIGHT? forking iceholes.

Re:I wonder why? (2, Insightful)

jlower (174474) | more than 12 years ago | (#2881669)

Can someone please clue me into why people do this?

Because they can.

Sad, but true - that is the long and short of it. DoS attacks are modern vandilism.

Re:I wonder why? (5, Insightful)

sphealey (2855) | more than 12 years ago | (#2881688)

Can someone please clue me into why people do this? I don't quite understand this mentality. I have never done something bad like this simply because I could. Am I a rarity in this world?
If 1000 people walk down a backstreet past an empty building, 998 will just pass by. 2 will throw a rock through a window and spraypaint the walls.

This just seems to be part of human nature; I haven't seen much change in the percentage of people who behave this way since my childhood (1960's) anyway. The problem is that the world today is so interconnected, and also dependent on technologies whose webs of interconnection are more fragile than we like to think, that the 2/1000 with the desire to damage can do a lot more damage to a lot more people than ever before.

I am a bit discouraged myself about whether or not this can be stopped on the Internet, personally.

sPh

Re:I wonder why? (1, Funny)

Anonymous Coward | more than 12 years ago | (#2881821)

If 1000 people walk down a backstreet past an empty building, 998 will just pass by. 2 will throw a rock through a window and spraypaint the walls.

And this is nothing new... Look at those paintings on the walls in caves in France (and elsewhere). Those things are thousands of years old.. Damn kids...

Re:I wonder why? (5, Interesting)

Thomas M Hughes (463951) | more than 12 years ago | (#2881690)

Part of me thinks it has a lot to do with the online mentality of a lot of people who are powerless in the real world, but feel empowered when online. I'm most likely pulling this out of my ass, but its something I've seen fairly often when hanging around EFnet in years past.

In real life, you can't just take something from someone else, unless you're much bigger than them. When you're online, you just need to have the ability to access a lot of bandwidth. So, if someone has a channel on IRC that I want, I DoS the server, split it and take the channel. Now, supposedly this doesn't happen as much these days, but it used to happen fairly often back in the day.

There's also online cliques, who for lack of better explaination seem to act as online gangs. Loose groups of friends who associate, talk, and dislike the same people. Thus, much like real life gangs, if one gets ticked off at another, they get their friends to make their life hellish for the opposing party. I wouldn't be suprised if they DoS'd a dialup user just in an attempt to knock him offline and went a little overboard. Or were trying to DoS an IRC bot. Or even a webpage.

Of course, I really have no idea what caused this incident. This is mostly just speculation. But I'm fairly certain at least one script kiddie has had similar motives in mind during his mischief. Kids will be kids, and that involves doing stupid stuff that they don't understand the consequences of. That doesn't mean we should string them up, but it does mean we should make efforts to make it more difficult for them to do damage.

Re:I wonder why? (1)

sparkyz (256676) | more than 12 years ago | (#2881708)

Not only that; but feeling elite because they used some automated tool that they don't even understand; much less could have written on their own.

It's akin to the mailbox bashing you saw when we were kids. It was pretty popular back then to load a mailbox up with bricks. More than a handful of kids were put in the hospital that way. That may be a harsh penalty for a reckless kid; but there were a lot more useable mailboxes in the neighborhood.

Re:I wonder why? (0)

jazman_777 (44742) | more than 12 years ago | (#2881720)

Can someone please clue me into why people do this? I don't quite understand this mentality.


It's not a "mentality." It's EVIL.

Re:I wonder why? (4, Interesting)

eXtro (258933) | more than 12 years ago | (#2881721)

I've had experience with a couple of little bastards that have done this as well as other things. It's not all that complicated to understand why after talking with one of them at length. They're fairly safe from prosecution, they enjoy the fact that it pisses people off, and revel in the fact that you can't really do anything about it. There are also people who look up for them for their ability to blindly execute a script somebody else wrote.


I don't think writing software of any type should be a crime, but I think in cases where there is clear damage (like this company that went under) the usage of the script should be treated as a criminal matter. This could easily involve conspiracy, vandalism etc. charges.


I was originally tempted to start releasing poisoned scripts, scripts that would work as intended when pointed at local machines but would have undesired consequences (hard disk corruption, file deletion etc) if used against external domains. I'd hate to see somebody harmed through legitimate use of the scripts though (auditing a site you have permission to audit from a remote location for instance).

Re:I wonder why? (0)

Anonymous Coward | more than 12 years ago | (#2881792)

Nice idea, poisoned scripts. You don't need to do anyting drastic about it like deleing files. Just an email message to CERT, FBI, or even a newspaper, saying that this address is attacking this address... I guess it would help to catch a few of them.

Re:I wonder why? (2, Insightful)

Skinny Rav (181822) | more than 12 years ago | (#2881753)

Why asking?

It is an old thing. Always and everywhere some young males have an urgeing desire to destroy something just for destroing it. Today if they have muscles they go and smash windows, destroy park benches or just bully others. If they don't - they rund DoS attacks.

Let us say it straight: there is no difference between a script kiddy and a brainless thug who ie. cuts bus seats with a knife.

Raf

Re:I wonder why? (1)

Ankou (261125) | more than 12 years ago | (#2881790)

my 2 cents,

I always compare cracking/bad hacking to graffiti. You have those who do it just for the shear art of the thing, as an attempt to brighten up or send a message to the public. When you have someone without artistic talent doing graffiti it ends out being for the purpose of vandalism. I find that those with more talent and knowledge in computers are less inclined to wreak havoc and more focused on finding out how to fix compromises to systems.

Extreme? (2, Redundant)

Shimmer (3036) | more than 12 years ago | (#2881631)

IANAS(ysadmin), but this doesn't quite add up for me. Do they really need to go out of business? Heck, if the company is "solvent", it seems to me they could find a way to survive. In the worst case, they switch upstream providers, get new IP addresses for all their boxes, and even change domain names. Yes this is huge pain in the ass for everyone (especially customers), but I can't imagine that shuttering is any more convenient.

-- Brian

Re:Extreme? (4, Insightful)

arkanes (521690) | more than 12 years ago | (#2881656)

They get charged through the nose for all the bandwidth the attack takes. Theres a certain amount of money budgeted for bandwidth, but the a DoS attack hits and suddenly you're running at 100x normal bandwidth cost for however long it takes you to break the attack - that kind of fee can certainly break a company that already lives on the edge.

Re:Extreme? (1)

Shimmer (3036) | more than 12 years ago | (#2881713)

Yeah, but the article says that the company is (was) still solvent.

-- Brian

Copy of article (2, Redundant)

Anonymous Coward | more than 12 years ago | (#2881635)

Today looks set to be a sad and frustrating one for anybody who was ever a customer of the once popular unmetered dialup and broadband ISP Cloud-Nine.

At precisely 10:16am a few minutes ago Emeric Miszti (CEO) and John Parr (Operations Director) of the C9 ISP posted what's likely to be their final announcement on our forums. C9 is now the latest ISP to close, although it's the first we've ever seen to go from a hack attack!:

Cloud Nine regret to announce that at 7:45 this morning the decision was taken to shut down our Internet connections with immediate effect.

We tried overnight to bring our web servers back online but were seeing denial of service attacks against all our key servers, including email and DNS. These were of an extremely widespread nature.

We felt we had a moral duty not to expose our customers to possible attacks as well.

We must thank BT for all the help they provided us with in trying to bring these attacks to an end. We worked with them for the last few weeks to investigate this problems but ultimately we did not believe that we could survive these attacks and that it would be in the best interests of both ourselves and our customers to close our Internet service and seek a transfer of our services to another ISP.

We now wish to initiate a speedy transfer of servers, domain names, etc to interested Surftime ISP's and NT portfolio hosters since this would be the quickest way to get the affected customers online again. Please contact John Parr on 07740 423993 if interested.

We want to thank our customers for all the support over the last few days. Ultimately these attacks denied the service not to us but to many thousands of British businesses and ordinary people - this was an attack against everyone with no consideration for anyone!

The company is solvent but if a sale of assets cannot take place quickly then an administrator will be appointed. We have had to pay our excellent staff to the end of the month and we feel really sorry for them as well and would like to thank them for all their efforts over the years and the commitment shown over the last few difficult days.

All the directors are feeling absolutely gutted since we have all spent nearly 6 years building this company and its reputation to see it destroyed by a brazen act of cyber terrorism - well at this moment we can think of no words to express our true feelings.

Emeric Miszti
CEO

John Parr
Operations Director

We're extremely sorry to see them go, not least because they often provided a very important insight into the internal wrangling that goes on between ISP and operator, it often goes unmentioned.

However the fact that such a long standing ISP was forced out of business by hackers is also of great concern and will no doubt be picked up on by the media. We can only hope they catch the people involved.

WHAT!! (4, Funny)

BryceH (263331) | more than 12 years ago | (#2881638)

but as a frequent recipient of the sharp end of the DoS stick, I sure wish it wasn't an issue

ha ha ha.. this comming from the kingpen of DOS .. no /. has never DOS-ed a site... really i swear..

Re:WHAT!! (1)

Horne-fisher (220861) | more than 12 years ago | (#2881813)

I think you people are missing the point. A DoS attack excludeds legitimate usage. A /.ing sends lots of users to the site, and these users may become buyers of the site's service.

Basically, a /.ing is good publicity, and a DoS is bad publicity. Both are free.

My doctor says that I have a malformed public duty gland and a natural deficiency in moral fiber, and that I am therefore excused from saving Universes.

-Ford Perfect
Hitchhiker's Guide to the Universe

"Recipient?" (-1)

sinator (7980) | more than 12 years ago | (#2881639)

Slashdot shouldn't complain about being the recipient of DoS attacks; after all, it's the cause of many DoS attacks. I won't even say it's entirely unintentional, because the editors COULD link to mirrors or COULD maintain a cache or COULD notify the website owner beforehand...

CmdrTaco Bashing (-1)

CmderTaco (533794) | more than 12 years ago | (#2881642)

Click here [slashdot.org] to bash CmdrTaco and be on topic!!! Because he is nothing but a limp penis.

Why let them win? (2, Insightful)

SID*C64 (444002) | more than 12 years ago | (#2881645)

It seems kind of silly to shut down your business because of some little hax0rs. Granted, in this economic climate it could certainly hurt business... however it simply doesn't make sense unless there are some underlying problems.

This isn't like 31337 warez d00d shutting down his FTP server and crying to his mommy because someone did a DELE on all his pr0n files. Closing down a business due to hacking attempts or DoS seems rather harsh action to take.

Alternative to Imprisonment (1)

wyldeling (471661) | more than 12 years ago | (#2881646)

DoS attacks can be nasty, but why don't you use something like LaBrea [hackbusters.net] to slow them down a bit?

Got to be something more to this than is reported (3, Offtopic)

johnburton (21870) | more than 12 years ago | (#2881648)

First they go offline for days with no information available about why. Then they say they are coming back on line after a "hack" but that they will have to put their prices up. Finally they just appear to just give up and shut down.

It all seems very strange to me.

must have been the straw... (4, Interesting)

Hollins (83264) | more than 12 years ago | (#2881652)

They had to have been in a dire position to start with, or merely decided to sell out. This gave them a reason to explain dumping everyone's accounts over to another ISP. They didn't specify how much they made off the deal.

I can't see a healthy, competent ISP being put out of business by dos attacks. Yet.

Re:must have been the straw... (1)

innit (79854) | more than 12 years ago | (#2881698)

Yes, I too am a little cynical about this. All small-time ISPs in the UK are having a tough time, hell, the large ones are too. While I don't doubt that they were DOS'd, a part of me suspects that it came at just the right time, affording C9 a legimate excuse to close down their operation, in effect they were given someone to blame other than themselves.

Of course, I have no evidence of this. IANAISP.

Stuii!

Re:must have been the straw... (0)

Anonymous Coward | more than 12 years ago | (#2881785)

Yeah, more or less the same thing as happened after September 11th to the airlines: they were already in a bad shape before, and the events gave them the excuse of firing staff, scaling down, asking the government to bail them out, etc.

Sadly, Laws Won't Do It (3, Insightful)

tarsi210 (70325) | more than 12 years ago | (#2881660)

Sadly enough (and I certainly feel for the ISP), new laws concerning these attacks aren't going to help anyone. For laws to be effective, you actually have to catch the person in question, and with DDOS that's darn tough.

I'm not sure what the real answer is, though. I find myself reading these stories and articles and feeling helpless myself, even though I'm not directly involved. But I am a programmer, and we're supposed to have brilliant solutions to these issues....but I can't come up with one. The underlying structure of the 'net itself is to blame for allowing these attacks, and you know to change that will be like getting all cars to convert to bacon fat gas.

How does one instigate a major industry shift in how we do things? Would it even be worth it, or will we just see these random business fold due to stupid fucking kiddies?

Re:Sadly, Laws Won't Do It (3, Insightful)

berzerke (319205) | more than 12 years ago | (#2881757)

While I agree that catching the person behind this, and giving them real punishment, is the best solution, it is not the only one.



There have been a couple stories on /. already about those with insecure networks being sued and forced by the courts to shutdown until they can secure their networks. This (and others) ddos is probably coming from insecure computers. Yet, if you track down some of these computers, all but the smallest ISP's could care less that their network is being used to attack someone.



Perhaps some laws that make it easier and cheaper to shutdown the insecure computers will help put a stop to that. Perhaps something similar to the DMCA with regards to copyright infrigement, where if the ISP pulls the plug, they have legel liability protection, only with strong penalities for making a false report.

DoS attacks (1, Informative)

awgy (315261) | more than 12 years ago | (#2881661)

The efnet (www.efnet.org) IRC network has had these problems for years. I'm not sure how some of their servers have survived, seeing as though many companies donate bandwidth to the cause. I know that a lot of people seemed to have strayed away from it due to the large amounts of DoS attacks, which caused the server links to go up and down (which in turn made a very unstable network). I wonder if they've learned any ways to cope with these attacks? Anyone know of any other networks that have had these issues and are still around?

Make an example of them (2, Interesting)

Tri0de (182282) | more than 12 years ago | (#2881662)

IMHO the effort should be made to catch a few of the little bastards and see to it than an eXtreme example is made for all. Old enough to run a script, old enough to be tried as an adult and spend the next 20 years doing tech support for Pelican Bay in between visits from their new 'boyfriend'.

And there is a pretty clear difference between 'white hat' and 'black hat' hacking. Did anybody ACTUALLY SUSTAIN *PROVABLE* DAMAGE? (and not like the frame up where they claimed that Kevin stole $100,000 worth of info, or some such BS). These punks do more real damage each day than Mitnick EVER did.

Why were they attacked...? (0)

Anonymous Coward | more than 12 years ago | (#2881665)

Any bets on they were hosting or providing spam services, and someone got a little tired of it? From what they "said" happened, it appears that someone went to a lot of work otherwise...

One ISP is punished for another ISP's mistakes... (3, Interesting)

Anonymous Coward | more than 12 years ago | (#2881671)

One of the main reasons DoS attacks work is because of misconfiguration at ISP's. If the ISP's blocked outgoing packets with forged IP src addresses, and known bad packets, then the severity of the problem would greatly diminish.

ISP's don't do this, because either they don't understand it's a problem, or they don't know how, or their poor NAS boxes would collapse if they were asked to filter the traffic, instead of just forwarding it.

Re:One ISP is punished for another ISP's mistakes. (0)

Anonymous Coward | more than 12 years ago | (#2881727)

I don't think a NAS box does what you think it does...

Anonymity vs. Accountability (3, Interesting)

beamz (75318) | more than 12 years ago | (#2881675)

I know this is going to get modded down but this is what the community as a whole gets for having the luxury of being pseudo-anonymous.

There isn't much for accountability when it comes to the net and everyone knows this. Lawmakers are doing very little about SPAM and it's a form of DoS but people cry afoul when some kids were pissed off at someone on IRC and DoS multiple large networks.

If people aren't required to be accountable for ALL of their actions then this isn't going to stop anytime soon. Unfortunately it's not hard to get access to connections with a lot of bandwidth so it's easy to pound anyone into oblivion.

I don't know what the solution is but as more companies get DoS'ed while their livelyhood depends on the net, you'll see more being done.

My question is if it costs companies so much to deal with SPAM, why isn't more being done? Isn't this a similar issue?

Register coverage (5, Informative)

Zocalo (252965) | more than 12 years ago | (#2881677)

The Register [theregister.co.uk] is an effective mirror of the article too, but they also have a *tiny* bit more information.

Same thing happened to me (3, Interesting)

gabeman-o (325552) | more than 12 years ago | (#2881678)

I run a small ISP, and two of our clients decided to run fragmented DoS attacks and ping floods that consumed the entire 100mbit connection to our main server. Our ISP got royally pissed and cancelled our services with them because it was against their TOS/AUP.

I have moved on to a better ISP that actually filters attacks leaving and entering the network.

Re:Same thing happened to me (2, Insightful)

Cygnusx12 (524532) | more than 12 years ago | (#2881741)

Huh... But what did you do about the clients running fragmented DoS attacks, and using ping flood tools on YOUR network? Don't you have a terms and coditions of service?

Mod me down for this, or forgive me if I'm missing something here, but it seems like you passed the problem on to someone else instead of dealing with the source offenders yourself.

Re:Same thing happened to me (1)

gabeman-o (325552) | more than 12 years ago | (#2881758)

My ISP told me about the first one, I deleted their accounts. On the second one, they just cancelled the server I was leasing from them (without ample time to back up).

Dos for weeks (3, Interesting)

f00zbll (526151) | more than 12 years ago | (#2881684)

According to the article, the attack was been going on for a couple weeks. Part of me finds this very disturbing and alarming. Considering how many times IPv6 has been posted on /. and the possibility of mediating the problem of distributed denial of service attacks with the new features of IPv6, why hasn't adoption been more rapid? If a group of vandals can bring down an ISP, what's to stop them from repeating it?

Now that the Internet has shown to be a useful medium and is rapidly becoming an utility, it's time to make it more secure and robust against DDos attacks. The technology exist already, the telco's need to take the initiative and make it happen. From this document [ietf.org] on ietf.org site:

7. Security consideration
Any public proxy is inherently a source of DOS attack. Rate limiting packet emission as suggested in 3.5 is expected to lower the risks.

Why hasn't this been solved? (5, Interesting)

DotComVictim (454236) | more than 12 years ago | (#2881685)

A solution to the DOS problem was posed at the Adelaide IETF meeting a couple years ago. Basically, some small percentage of packets randomly selected get ICMP notices from routers, with last and next hop information, that is forwarded to the destination. So if you are getting a large number of packets from a single source, you get proportionally more of these packets, and can use a heuristical engine to model the source, even for DDOS problems. This allows you to trace back to the offending network/ISP and shut off the DOS

Why did no one do this? It requires changes to router firmware, I'm not sure about Cisco firmware upgrades, but I thought they were at least possible. Besides, they could use this as a selling point and declare their old routers obsolete.

Admittedly, the model breaks down under MPLS, since it is difficult to track the cloud, but you can at least track entrance and exit points from the cloud.

Re:Why hasn't this been solved? (1)

Koim-Do (552500) | more than 12 years ago | (#2881770)

Can you please post a reference to this solution ?

Two Quick Points (2)

NickV (30252) | more than 12 years ago | (#2881687)

1) I wonder how likely is it that the DoS attacks were an excuse to find a reason other than the "we're really not profitable anymore thanks to big national ISPs" reason for bankruptcy (which is why lots of ISPs are going under lately.) I hate to say it, but after hearing all these companies blame the 9-11 attacks on going bankrupt, I've grown a bit cynical. I really wouldn't be surprised to find out that Could 9 was financially hurting already (regardless of their claim that they weren't.) The DoS attacks allow them to make a nice "good guy being bullied" exit.

2) This is awful news for other ISPs, since this will give the script kiddies incentive to do it again. Not only did you get an ISP to shut down ("Wow, isn't that cool" must be running through their heads) but they also got featured on /. This will just embolden these kiddies to do it again. sigh

3) (yep, one more just came to me) Can you say serious implications for the future of Corporate Espionage?

The whole story... (2, Insightful)

routerwhore (552333) | more than 12 years ago | (#2881695)

I suspect there is more to this story. They may just be checking out due to DOS attacks as an excuse for their investors. There are many ways to combat a DOS attack and BT could have played a large part in that respect. The tools and techniques are available, even to mitigate a DDOS from multiple real hacked hosts.

Calling it "terrorism" (3, Interesting)

prophecyvi (249996) | more than 12 years ago | (#2881696)

The Register has a story on this as well, mostly a rehash of ISPReview. Link here [theregister.co.uk] .

From that article:

Speaking to The Register a dejected Mr Miszti said: "This is terrorism - pure and simple. I never want to relive the last seven days again.

You're thinking "terrorism? yeah right".

It's too bad (for them) they're in the UK... in the U.S., under the so-called "Patriot Act" this IS in fact terrorism. Read for yourself here [eff.org] .

Script Kiddies and Torture isn't bad I swear.. (0)

Anonymous Coward | more than 12 years ago | (#2881702)

I think its time now that we do more to script kiddies then let thier mommies hold them over their knee and spank them. I think the Sys admins should do it with with a motherboard so much that you can read the serial number off the cheeks. I know I would rather do that than have the little bastard go on probation for a year

Obstruction? (4, Interesting)

hughk (248126) | more than 12 years ago | (#2881703)

As far as I can see, the script k1dd13z, are intentionally interfering with a business. Treat it as any other kind of commercial blockade and if they persist, let them be sued.

In the UK, the Computer Misuse act is such a catchall, it would be easy to claim damages (less easy to collect though).

Slashdot is known for having a DOS effect, but at least it is people attempting to view a site for its content. Its tough if you pay your hosting company for bandwidth but, at least it's legitimate and its is coming from a lot of users.

The trouble is, so does a distributed DOS. This has a lot of unwitting users too. It is extremely difficult to trace who is giving the orders and the actual attack 'bots run on any suitably unprotected system that happens to have conveniant broadband access to the web. Even the Whitehouse was hit, liuckily the attack 'bot was dumb and a quick switch to a backup IP address solved the problem.

The only solution that I know is to use a private network (as done by several securities exchanges). You can block out all of an exchange's internet access, but you will not hit the private network. Users without a private network connection can fall back to switched circuit connections (i.e., ISDN) when the Internet is down.

I would make such an annoucement (4, Funny)

Florian Weimer (88405) | more than 12 years ago | (#2881715)

if my business plans didn't work out.

(Read the final paragraphs of the announcement. Why do they stress that they are solvent?)

Simple filtering should stop this? (3, Insightful)

Twylite (234238) | more than 12 years ago | (#2881724)

I could be a little out of date (maybe even a lot ;) ), but last time I checked you could do a lot of calming of DoSing by implementing proper packet filtering on routers.

IIRC most DoSing relies on the kiddie hiding their source address (so that they can't be traced). So ensure that the router closest to the kiddie knows all the IPs it is allowed to accept, and rejects (and logs) all others.

This puts an onus on ISPs to handle the situation. Any ISP which doesn't react immediately to a DoSer from it or a downstream stands to lose (all of) its uplink(s).

Most port handling equipment can handle quite complex filtering on its own, knowing the IP allocated to a port and filtering all packets without that as its source. Port handlers typically forward to a router anyway, so its easy for an ISP to say "that interface talks to that rack, which can use IP range X to Y, so filter everything else". Immediately your script kiddie is limited to faking addresses of other users in the range.

This screws up a number of DDoS attacks I know of (where the reply to an unwitting host causes shit for the replier), and makes it a lot easier to trace the kiddie at least to within a limited number of possibilities.

If the ISP supplies a link to another ISP it must ensure it toes the line. Bulk links to corporate customers or anyone with a range of IPs (rather than just one) at the other end of the link can usually be handled like dial-ups: port handlers filter out bad source IPs.

Does anyone know of technical and/or political reasons why this can't work? If there are no technical problems then maybe an IETF policy committee needs to make it a standards issue.

Re:Simple filtering should stop this? (2, Insightful)

Anonymous Coward | more than 12 years ago | (#2881802)

Actually i find most script kiddies don't bother to spoof the source IPs. Why should they? Unless it's to break a crappy IDS like port sentry...but generally i find most DoSes are not spoofed. If you check out where the packets are coming from usually it is a redhat 6.2 box at an ISP or NT 4.0 box at an insurance company or some such thing...there are a lot of misconceptions about DoS attacks based on sites like grc.com speaking as if they are some authority on the subject and people believing them. If you have ever been hit with multiple DoSes you know the claim that all the attackers use cracked residential boxes on cable/DSL is false. Both at work and at home i have been on the recieving end of DoS attacks and only once did it come from compromised residential hosts. Of course getting hit by a few DoSes does not make one an authority so don't take my word for it. Still i think the kiddies have many different techniques...some go for creating armies of residential connection zombies and others just go for the ISPs and other companies with plentiful bandwith.

Sure stopping spoofed packets is nice, but that's not gonna come close to solving it. I have sent e-mails to several listed contacts at the hosts that attacked my systems and never got any response...what am i supposed to do? Sue the company who got their bandwith stolen? what good does that do? Demand to see their logs? If they didn't notice a massive DoS launched from their systems what chance do they have of having unmolested and accurate logs?

Really the only way i see to put a dent in DoS activity is don't let your boxes get cracked. Easier said than done. That's the only way that's really gonna work, don't let these kids take control of your boxes.

As for why was I such a frequent target, was it my fault for attracting the attacks? I refuse to go down that path. That is like saying to a battered wife "well you must have done something to piss off your husband!". There is no justification for DoS attacks.

DoS Attacks (1)

duren686 (463275) | more than 12 years ago | (#2881749)

but as a frequent recipient of the sharp end of the DoS stick, I sure wish it wasn't an issue.

You're a frequent recipient of DoS attacks? What about the sites linked to in Slashdot articles?

a potential way to stop them (1)

MoceanWorker (232487) | more than 12 years ago | (#2881760)

firstly, i wanna go off on a rant, saying that i hate HATE packet kiddies... it's just sad and pathetic how call yourselves "1337 (anyone who types like that should be shot)".. there's more i'd like to add... but i'll hold off on it :-)

secondly, i came upon an interesting article that talks about a reverse firewall [infoworld.com] . Though unfortunately, it's not effective as we wish it to be, because it just stops DoS's from the source. And who knows how many sys admins will bother to install a device like this

Slave to our own inadequate design? (4, Interesting)

Wanderer1 (47145) | more than 12 years ago | (#2881766)

I saw a comment in here blaming the Internet's end-to-end design for the ability for individuals to cause such interruptions to service. BUT...

With all the designs available to us today, as engineers, we should be able to employ traffic shaping devices to limit the amount of load any given site can generate on the net. Cache, throttle and filter. We build routers that can switch ungodly amounts of packets per second (obviously enough to flood the link to Cloud 9's boxes.

So why can't Cloud 9 invest in a few black box traffic shapers (I know they exist) to smooth out the requests?

Just where is the point of failure, anyway?

As long as we continue to design our edge devices to be layover victims, we'll always have these problems. The network delivers, the computer abides. Well, perhaps the computer shouldn't be so quick to respond.

-b-

This can't be the whole story... (2, Insightful)

technopinion (469686) | more than 12 years ago | (#2881772)

Steve Gibson was able to deal with a DoS and it didn't put him out of business, so surely an ISP could too.

Unless of course, it was a mom-and-pop shop ISP who didn't know an ethernet jack from a phone jack (hey, I only did that once!), and I've certainly seen plenty of those...

Wasn't Cloud9... (1, Offtopic)

Myself (57572) | more than 12 years ago | (#2881775)

Didn't they originally host jegelhof's AOLsucks page?

Damn, one of our own.

Conspiracy or retarded kiddies? (0)

Anonymous Coward | more than 12 years ago | (#2881777)

This is really great for some retarded kiddies to pull stupid shit like this - as if we don't already have lawmakers trying to pass legislation to punish use of a computer in non-MPAA/RIAA sanctioned manner as a terrorist act. These punks have nearly committed a terrorist act that could drive more stringent legislation.

Or did some corporation/govt. do this to push exactly the reaction described above...?

which cloud 9? (0)

Anonymous Coward | more than 12 years ago | (#2881795)

there are apparently more than one cloud 9 internet service providers, because the one at www.cloud9.net is still up and running.

Knock on their door (5, Funny)

CDWert (450988) | more than 12 years ago | (#2881798)

We had a DOS issue once,
Kinda funny actually, poorly done, we tracked down who it was, Unknown to the dimwit on his dads T1 (at home his dad was playing hosting provider) The admin at his upstream was a friend of mice accross town, I called paul up and said hey what you trying to pull here, he chuckeled and said I know, I know, I just saw the traffic, you wanna know who it is, you want me to cut him off ?, I said nah, leave him up, I dont want him to know I know, My friend kindly gave me his name and address,

I showed up at around 3:30 since I figured it was they guys kid, and he should be out of school by then, I took a friend(witness along) I didnt want this punk saying I beat him up or anything. I had a cell phone in one hand and rang the bell with th other, he came to the door and I said, right now the Police number is on this phone, I am good friends with a detective there(true) now, you either pull the plug on your end or I press send and well see how long it takes for them to come and pull the plug permanetly, although I dont think you dad would be real happy, I thought this kid was going to wet his pants, Ive only seen somebody so scared a few times, he fell back over a chair in the foyer and took off ? I looked at my friend and it was all we could do to keep a srtaiht face.

He came back 20 seconds later and said its off, and the n stared to enquire about if I was going to tell his dad, I said no but Im sure the bill from your provider will, He was on a transfer pricing plan and this had been going on over 2 weeks while I was on vacation.

I have "Knoked on doors" twive one was a 2 hour drive but I had other business in that area , most certainly the most effective DOS stoppages Ive ever had.

Maybe we should form an allicance of Administrators geographically dispersed to start knocking on their doors, sort of an Administrators Militia , you knock on his in BFI and Ill knock for you when you need it. Police scare the shit out of most of these script kiddies, probably more the fear of knowing being arrested is not something easy to hide from the parents that pay for their computers and bandwidth.

Hold on there... (3, Insightful)

Shoten (260439) | more than 12 years ago | (#2881805)

Now, I don't doubt that Cloud 9 was/is a great ISP, but I have to take their statements with just a wee grain of salt. I don't see anything there that indicates that they came under any worse of a DoS attack than scores of ISPs before them...why is it, then, that this particular ISP decided to just pack up and die over it? Something smells a little funny here, and I can't just take their attribution of the business failure to hackers as gospel.

The ball is on ISP's (0)

Anonymous Coward | more than 12 years ago | (#2881806)

Unless ISP's start using Ingress/Egress filtering to block faked addresses, there is NOTHING that can stop DDoS attacks. Consumer grade OS's are so easy to hack to for DDoS usage, so the only way to prevent attacks is to get proper identification info (eg. real network addresses of attackers).

No technical solution, it's an apathy thing... (5, Insightful)

anthonyclark (17109) | more than 12 years ago | (#2881816)

The problem is that sysadmins see the scans from these kiddies and ignore them (those that even have a portsentry or similar application in place). If you saw someone walking around your house and trying the doors and windows, you'd call the police right away, wouldn't you?

So why do the kiddies get off free? Sheer apathy from most of the sysadmins in the world.

When you get scanned, you have the address (if it's not spoofed), you can send a mail to abuse@domain. But most people don't, because It's too much hassle or we can't be bothered or no harm was done.

Script Kiddies will have a far harder time when admins start practising zero tolerance.

This will never stop until ... (5, Interesting)

gewalker (57809) | more than 12 years ago | (#2881820)

Although the news item does not justify saying that the ISP was going out of business because of DOS attacks (they were still financially solvent), perhaps the owner decided he had had enough of the problems from vandals. A well-run business will shut down and leave the neighboorhood when windows get broken repeatedly before they loose all of their money.

Computer vandalism -- This will not decrease until we (as the technical community -- including management) decide to make some changes. Without changes, it will only get worse.

1) Although technological solutions are useful and necessary, they are not enough. The trusted network model does not work in the real world. There must be rules, accountabilty and penalties (without penalties, nothing stops me from continuing to break the rules).

2) Many network rules exist, some are poorly enforced.

3) Because of packet-spoofing. Some (D)DOS attacks can be nearly impossible to shutdown. We need to make sure only legitimate packets can Internet at large. Without this rule, tracking down the vandal and applying the penalty is not practical. If packet spoofing were eliminated, it would be possible to identify culprits at a modest cost.

4) Accoutability needs to be improved by everybody. If Nimba2002 is released tomorrow, Microsoft should be expected to make it well known, and supply a fix. Network servers should be patched. People running compromised server should be cut-off until they get fixed. These things happen by and large in a haphazard fashion today. The problem needs to be addressed at the source whenever possible.

4) Penalties need to be commensurate with violation. A hand-slap for vandalism does not deter, a death-sentence for jaywalking deters, but it not justice either.

5) Then maybe we should get rid of junk email for an encore.
Load More Comments
Slashdot Login

Need an Account?

Forgot your password?

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>