Silicon Investor (SI) -- The First Internet Community

STOCKTALK

We've detected that you're using an ad content blocking browser plug-in or feature. Ads provide a critical source of revenue to the continued operation of Silicon Investor. We ask that you disable ad blocking while on Silicon Investor in the best interests of our community. If you are not using an ad blocker but are still receiving this message, make sure your browser's tracking protection is set to the 'standard' level.

Pastimes : Computer Learning -- Ignore unavailable to you. Want to Upgrade?

To: Raymond Duray who wrote (20203)	6/2/2001 4:21:23 PM
From: mr.mark	Read Replies (1) \| Respond to of 110652

hi ray re, "Late Edit: As of 11:00 AM PST - The http://.grc.com site is again "currently unavailable" well, for one thing, that's a bum link you put up because there's an extra dot inserted just before grc. grc.com does work. not saying gibson's site isn't having probs again (it is, see below), but i am there now, and wanted to note the prob with the link in your post. ******************************* An Open Letter to the Internet's Hackers Page last modified: Jun 01, 2001 at 12:47 I surrender. I surrender right now, completely and unconditionally. And I'm not kidding. It is my intention to carefully and completely explain, to the entire world, exactly why there is no defense against the sorts of clever Internet attacks you guys can create. I want to do that because the world still doesn't get it. It occurred to me that you might think that I think I'm invulnerable after managing to block the IRC Zombie/Bot attacks, so I wanted to be SURE that you understood that I AM UNDER NO SUCH DELUSION. I was talking to a reporter on the phone a few hours ago, during the first REAL, non-blockable attack we have ever experienced. And I calmly explained that we were under attack and off the Net. In a bit of a panic, he asked what I was going to do about it. So I told him that I was going to take a long walk on the beach — because you and I both know there's absolutely NOTHING I CAN DO to defend against a real, professional, Internet Denial of Service attack. So I might as well enjoy the day. I have started working on a next set of pages to explain all this. The pages are not finished, but you can see what I have so far, and where I'm going with it: (Page 1)http://grc.com/dos/TheInternet.htm (Page 2)http://grc.com/dos/PacketRouting.htm So, I respectfully ask that you leave me alone and allow my site to stay on the Net. I know that you can easily knock me off. That's not even a question. But only if I'm here can I explain that to the rest of the planet. Thank you for your consideration . . . and for your charity. Steve grc.com ******************************* as of this hour, i am able to navigate gibson's site. i guess he pissed those dudes off when he intruded into their irc private room. just a guess. :) mark

To: Raymond Duray who wrote (20203)	6/2/2001 10:55:32 PM
From: SIer formerly known as Joe B.	Respond to of 110652

Steve Gibson's quoting towards the end of this article. DoS attacks: No remedy in sight Friday June 01 07:14 PM EDT dailynews.yahoo.com By Robert Lemos, ZDNet News DoS attacks like the recent one on the CERT Web site are becoming more dangerous and all too common. Security experts agree: The Net is unprepared for handling what could become a DoS catastrophe. Denial-of-service (news - web sites) attacks are becoming more common and, in many cases, more serious, security experts said in the wake of an attack on the Internet's main warning system for security threats. An unknown attacker last week hit the Computer Emergency Response Team (CERT) Coordination Center, an important agency for passing information on the latest vulnerabilities in computer systems among security experts. The denial-of-service attack flooded the center's Web site with data requests and made the site--and its crucial security advisories--almost impossible to access for more than 24 hours. "While there are other agencies out there providing similar services to CERT, what if it had been a more sensitive system or one we had more dependence on?" said Stefan Savage, a professor of computer science at the University of California, San Diego, and co-founder of security company Asta Networks. For Stefan and other security experts, the CERT attack and a similar series of May attacks of the main White House Web site, Whitehouse.gov, underscore the Net's lack of preparedness for handling what could become a catastrophe. Thousands of attacks happen each week. Savage co-authored a paper published last week that found that at least 4,000 denial-of-service attacks happen each week. The potential damage from such attacks rises as increasingly critical services are being put online, Savage said. "If you disrupt e-business enough, then you do some lasting damage to people's trust in that part of our economy," he said. "There are systems that would have more far-reaching impact. The trading networks for one. Anything that would allow you to disrupt other infrastructure: power grids or medical databases, for example." The largest problem with denial-of-service attacks is that, for the most part, they can't be traced. In a typical attack, an online vandal will use a computer to send millions of access requests to a Web server, overloading the target computer. Each request will have a randomly chosen return address, leaving the victim unsure where the actual attack is coming from. The attacks--which can also take the form of specially formatted data that can crash servers--are almost impossible to stop, unless the victim has enough clout to convince their Internet provider to help track the source. Just ask Steve Gibson, an independent security consultant known for his free Shields Up service for testing a PC's security across the Web. Since early May, Gibson has been the target of frequent denial-of-service attacks. While previous ones have been easily stopped with the cooperation of his ISP, on Friday another, more complex, attack took down his Web site. The attack--detailed on his Web site--used the random-source technique to make it seem as if data was coming from all over the Internet. "There is no defense," he said. "That is what is so important for people to understand." In a long posting on GRC.com, Gibson described a month of attacks on his site by an allegedly 13-year-old "script kiddie," a term used by security experts for young online vandals. "I hope it is becoming clear to everyone reading this," he wrote in the posting, "that we can not have a stable Internet economy while 13-year-old children are free to deny arbitrary Internet services with impunity." The problem is only getting worse. Earlier in the year, access to many of Microsoft's major Web sites was cut off for more than a day by two denial-of-service attacks. The same week, the FBI (news - web sites)'s Web site also was bombarded. Last year, the Internet Relay Chat system repeatedly came under attack over a period of more than three months. Gibson blames a lack of initiative on the part of Internet service providers for many of the problems. "For three years now, it has been known that we should filter packets on the way out of the network to make sure their addresses are valid," he said. "One of the things that could happen is that major backbone providers should make it a requirement that invalid packets are filtered out." Companies such as Savage's Asta Networks, and competitors Arbor Networks and Mazu Networks, are attempting to automate the response to such attacks. But such a technique would still require the cooperation of the major Internet service providers to be truly effective. Until Internet service providers start to police people who send data with improper sourcing, denial-of-service attacks will continue, Gibson said. Until then? "I'm going to have a long lunch," he said. "There's nothing I can do. Check GRC.com every day or two and maybe we will come back."