Sims
Member
Registered: 15th Aug 03
Location: Bath/Bristol area Drove: 1994 Corsa SRi Now: VTR
User status: Offline
|
Has anyone ever been involved or subject to one of these attacks?
Do you know much about it yourself? i realise there are many different types. Good old Wikipedia.
I'm just very interested in it. Please discuss.
Simsy 
[Edited on 27-09-2006 by Sims]
|
Steve
Premium Member
Registered: 30th Mar 02
Location: Worcestershire Drives: Defender
User status: Offline
|
wtf are you interested in it?
|
John
Member
Registered: 30th Jun 03
User status: Offline
|
Who are you trying to dos
|
Steve
Premium Member
Registered: 30th Mar 02
Location: Worcestershire Drives: Defender
User status: Offline
|
i remember when it was possible to crash CS by holding down the F5 key 
|
Sims
Member
Registered: 15th Aug 03
Location: Bath/Bristol area Drove: 1994 Corsa SRi Now: VTR
User status: Offline
|
lol Steve. Must have been a flakey server.
Reason why i was interested was because me and several other colleagues maybe made redundant.
We work for a company that has a sister company involved in hosting services for some major clients. One being a major phone network and another being a major Sat-Navigation provider, plus many other big companies.
One of the two directors has gone Awol and is using our company as leverage to gain full ownership of the other from the other director.
Me and my colleagues mentioned DOS and how it would shaft this guy if we were made redundant.
Just wondered what was involved in such an attack. I wouldn't actually carry it out, because its stupid and there are serious legal consequences.
Was just interested 
[Edited on 27-09-2006 by Sims]
|
John
Member
Registered: 30th Jun 03
User status: Offline
|
You would need the bandwidth to be able to do it, which normally involves many bot machines.
|
Sims
Member
Registered: 15th Aug 03
Location: Bath/Bristol area Drove: 1994 Corsa SRi Now: VTR
User status: Offline
|
yeah its done alot through IRC isn't it Jon? You need more upload bandwidth than there download bandwidth.
If i'm right in remembering they have an 18mb pipe.
|
John
Member
Registered: 30th Jun 03
User status: Offline
|
The irc thing afaik is just where the bots report to to be coordinated.
It woudln't really shaft the guy either.
I seriously doubt you could get the resources to sustain it for any amount of time.
You would also be caught very quickly as you said.
|
Sims
Member
Registered: 15th Aug 03
Location: Bath/Bristol area Drove: 1994 Corsa SRi Now: VTR
User status: Offline
|
Ahh so it works like a distributed system? with all bots communicating via a central point?
Your right it would be hard getting the resources together. I figured 36+ DSL connections to disrupt a 18mb service
But yeah it wouldn't be much of a concern for the guy and we would get caught quickly.
Have you been invloved in something similar John? or just aware of how it works?
[Edited on 27-09-2006 by Sims]
|
John
Member
Registered: 30th Jun 03
User status: Offline
|
I've not been involved at all just read about it a few times and i've read about it on sites as it's happening before.
You don't need a ditributed system but the massive ones are.
Also, if you only have 36 dsl connections, or even more than that.
They would just have to block the ip addresses to stop it then worry about finding out who the culprit is.
When you are being attacked by hundreds of thousands or millions of infected computers though its slightly harder.
|
Sims
Member
Registered: 15th Aug 03
Location: Bath/Bristol area Drove: 1994 Corsa SRi Now: VTR
User status: Offline
|
Ahh fair enough. I see your point on the numbers required to have any affect/success.
Thanks for your input John. It is interesting stuff but out of my capabilities of implementing.
Anyway going into the office tomorrow to collect our code and personal files. I'm sure a punch from one of us lot will send a better message. I can see it happening now especially with us now possibly not getting paid this friday.
Simsy
[Edited on 27-09-2006 by Sims]
|
Nismo
Member
Registered: 12th Sep 02
User status: Offline
|
DoS is a criminal offence now.
|
Sims
Member
Registered: 15th Aug 03
Location: Bath/Bristol area Drove: 1994 Corsa SRi Now: VTR
User status: Offline
|
Hey Nath, i thought it was. So is assault so i'll se how it goes tomorrow.
Hopefully things will work out and the other director will gain full control of both companies which will = Happy Days
|
Nismo
Member
Registered: 12th Sep 02
User status: Offline
|
dude 
But to make any impact from it you need hundreds of people doing it.
|
Sims
Member
Registered: 15th Aug 03
Location: Bath/Bristol area Drove: 1994 Corsa SRi Now: VTR
User status: Offline
|
quote:
Originally posted by Nismo
dude
But to make any impact from it you need hundreds of people doing it.
hehe thanks Nath. yeah it ain't going to happen. Was just interested in how it was done after it was mentioned.
Thing that annoys me the most is the day it all went tits up, i got made permanent with a pay rise 2 hours before
[Edited on 27-09-2006 by Sims]
|
Dan B
Member
Registered: 25th Feb 01
User status: Offline
|
quote:
Originally posted by Sims
Ahh so it works like a distributed system? with all bots communicating via a central point?
Your right it would be hard getting the resources together. I figured 36+ DSL connections to disrupt a 18mb service
But yeah it wouldn't be much of a concern for the guy and we would get caught quickly.
Have you been invloved in something similar John? or just aware of how it works?
[Edited on 27-09-2006 by Sims]
Firstly, what you're suggesting contravenes one of the Computer Acts (can't remember which), and is punishable by up to £5,000 fine and 5 years in prison...
Secondly, assuming that 36 DSL connections would flood an 18Mbps line would also assume that those connections are SDSL (ie. symmetric - same up/down speed) and not the standard ADSL (ie. asymmetric - high down-speed, low up-speed). A standard 512kbps ADSL line has a 256kbps upstream, so you'd theoretically need 72 such lines to max out an 18Mbps line. Now, take into account ATM-packet-wrapping and suchlike, that lower your maximum theoretical speed, and your 256kbps theoretical upstream becomes more like 230-245kbps, meaning you'd need 75-80 such lines, assuming that these lines were in perfect working order.
Plus, in order to flood a connection, you'd have to hit it with considerably more than 100% of its capacity...
To conclude, as someone that could be involved in working out which attack came from where (part of my job, at the company I work for), and where those attacks originated from, I'd suggest not bothering in the first place and looking elsewhere for revenge.
|
Sims
Member
Registered: 15th Aug 03
Location: Bath/Bristol area Drove: 1994 Corsa SRi Now: VTR
User status: Offline
|
LOL Dan B. What a reply. I didn't go into working out the specifics for matching the bandwidth need to match their pipe. I was going by my Max DSL which has a slightly faster upload rate. But like you said i'd need alot more that 36
And to put your mind at rest, i'm not even going to attempt such an attack because i am aware of how easy it is to trace the attack.
Thanks for the reply though 
[Edited on 27-09-2006 by Sims]
|
Ian
Site Administrator
Registered: 28th Aug 99
Location: Liverpool
User status: Offline
|
The attacks that use IRC are distributed denial of service, DDOS.
Also known as DRDOS - distributed reflection denial. All the same thing. Read this.
http://www.grc.com/dos/drdos.htm
Law is Computer Misuse Act 1990 and although there have been convictions under this act for DOS attacks, it doesn't specifically mention them in its current form. That might change though.
http://www.theregister.co.uk/2006/01/26/uk_computer_crime_revamp/
|
John
Member
Registered: 30th Jun 03
User status: Offline
|
The grc site is exactly the site i was thinking of while writing that Ian.
They also have some nice little programs.
|
willay
Moderator
Organiser: South East, National Events
Premium Member
Registered: 10th Nov 02
Location: Roydon, Essex
User status: Offline
|
I think this thread needs some major clue.
Firstly, DOS, denial of service is exactly what it means. You are causing a service to stop functioning as it should.
Now this can come in lots of forms, for example a machine will run various forms of services, say for example one of them services it ran (lets say Apache which is a webserver) had a bug which would cause it to crash when you sent the text string "LOLKITTENS" to it. If an attack caused Apache to crash so it couldnt serve web pages anymore to its users. That is a Denial of Service attack.
Then there is DDOS, Distributed Denial of Service, this is currently the latest and most popular form of attack on the net at the moment. People spend time coding worms to infect thousands apon thousands of machines so they can all group together to make a 'botnet'. They can then control these bots over communication channels such as IRC (Inter Relay Chat). The attack is actually just a flood of bandwidth, either making so many connections that the server/line can't handle the load or a SYN attack, which is where a machine opens a connection with the target and then stops communicating half way through the handshake.
For example, its like me saying hello! then stopping my conversation right away. The other party will be stood there going Hi..Hello? are you there?
Imagnie taht but times a few 100,000
|
corsa5dr
Member
Registered: 12th Jan 03
Location: Bath/Bristol - Evo 4 GSR
User status: Offline
|
PMSL Sims I dont even want to know whats going through your head
[Edited on 29-09-2006 by corsa5dr]
|
jamied
Member
Registered: 27th Oct 03
Location: Marbella,Spain Drives: C63
User status: Offline
|
SHOULD do a DOS on barry boys!
|
