Silicon Investor (SI) -- The First Internet Community

STOCKTALK

We've detected that you're using an ad content blocking browser plug-in or feature. Ads provide a critical source of revenue to the continued operation of Silicon Investor. We ask that you disable ad blocking while on Silicon Investor in the best interests of our community. If you are not using an ad blocker but are still receiving this message, make sure your browser's tracking protection is set to the 'standard' level.

Strategies & Market Trends : Gorilla and King Portfolio Candidates -- Ignore unavailable to you. Want to Upgrade?

To: BirdDog who wrote (17644)	2/10/2000 11:29:00 AM
From: Atin	Read Replies (1) \| Respond to of 54805

It isn't that easy -- the flooding was happening by using many scores of "zombie" machines -- not just one machine. It would be easy to catch if only a few machines were involved -- but yahoo.com etc cannot differentiate between legit requests coming from you and me and a flood of requests coming from hundreds or thousands of machines that are being controlled by a program and don't care about the answer, all those machines were doing was make the requests to overload the servers. Any one machine was not "flooding". JavaChat would die the same horrible death if it was flooded the same way -- think of thousands and thousands of users logged onto it at the same time, making the same requests at the same instant. The filtering has to be done "upstream" -- some sort of rate limiting -- but that hurts legit users also even if it doesn't crash the servers because the legit requests would be competing with the 'bot requests. -Atin

To: BirdDog who wrote (17644)	2/10/2000 11:55:00 AM
From: DownSouth	Respond to of 54805

raple, when a flood is detected, turning off the water denies service as well. Same effect. To just turn off the "bad" water, you must look at every drop, which drowns the CPU. Same effect.

To: BirdDog who wrote (17644)	2/10/2000 2:33:00 PM
From: Atin	Read Replies (2) \| Respond to of 54805

RaPle wrote (in a private message, most probably an accident, must have meant it to be in response to my post to the G&K thread, I apologize if not): I know how the attacks on yhoo, ebay and others was initiatied. My comment on checking out Java chat's flooding was a constructive comment knowing that all intelligent people would realize that they have programmed in limits....all kinds of limits. You can also be kicked on that chat by inactivity, there are limits to the amount of people in one room, and the entire room of people will be kicked if it is full and there are just a little too many posts being made. I was hoping this would be a constructive comment without a bunch of examples to further bloat the post. I did not expect somebody to accuse me of ignoring the obvious! I do realize there were many machines used for the hack. I also know that if there were thousands of machines being used that it would have been very difficult to even do the hack in the first place...not to mention in that case it will be very easy to find out who did it....thousands?...yes.... And I also know the hackers can change their hack programs to appear more normal...thus forcing them to use more computers for their hack...and exposing themselves more easily to being caught. Everything for security is not to stop, but to make it more difficult, until they give up, or get caught. I only wanted to point out that there can easily be programmed in limits to ensure normal usage. I also gave an example of such a thing. And constant repeated real time requests that aren't given the time to comprehend the answers in any way can be easily programmed as a limit stop. And yes I do take offense to my short constructive statement being answered publicly as a dumb post. Especially when you used the only 'holes' in my statement that were there to only try to keep the post short. RaPle, the problem isn't with the programming, the problem is with figuring out what to filter. And as the US govt agencies are saying, "at least dozens ``or probably hundreds' of ``zombie' computers had been marshaled in the blitz, typically from university and corporate networks." If you have a method of filtering out the good packets from the bad packets, maybe you can create the next Gorilla candidate within computer network security and we can all make money. Sure, constant repeated requests from the same computers can be stopped -- but a distributed, cascading attack of the sort that Yahoo etc were subjected to are not a one line fix on a router's packet classifier. You seem a little angry, about what I am not sure but I will stop answering your posts obviously. Sorry if I caused offense. Peace, -Atin

To: BirdDog who wrote (17644)	2/11/2000 12:52:00 AM
From: Dinesh	Read Replies (1) \| Respond to of 54805

RaPle I am not sure who will qualify for the title. But Checkpoint has been at it for a while and has some good products - firewalls, VPN, and more. It's not exactly an undiscovered area IMHO. But, then, I am a very risk averse investor. BTW, I don't buy your Java Chat example. The problem lies at a much lower level. I tend to think that you already realize this so I wonder why you mention it in first place. I do believe these attacks will continue. For all that we know, these may not even be attacks but just some buggy chip/sw out there. A la y2k. We have also become somewhat immune to strange windows popping up on the tube that you can't make go away -- thanks to that pesky AOL messenger window... TigerPaw: Your reference to the cable company's alerts is very interesting. Can you possibly shed some more light. Regards -Dinesh