AntiOnline: Maximum Security for a Connected World

Most freedom-loving individuals like to believe that they don't easily bow to the demands of bullies. But in the playground we call reality, there are always those that are persuaded to part with their lunch money.

In this day and age, criminals are increasingly resorting to technology to pad their coffers with ill-gained funds. Their latest weapon of choice? Distributed denial of service (DDoS) attacks.

DoS attacks have made headlines lately because of the recent MyDoom epidemic. The stories of how SCO.com faltered under the assault while Microsoft.com endured will undoubtedly become part of our IT folklore. It goes without saying that a serious DoS attack can cripple a business that draws significant revenue from its Web operations.

It's by threatening to sideline your business that some unscrupulous geeks are raking in other people's hard-earned money. Failure to produce the funds promises an onslaught from an army of zombie machines that do the bidding of the extortionist.

Learn how IT pros are coping with these demands and strengthening their networks so that such threats fall on deaf ears.


Note: The opinions expressed below are solely those of the individual posters on the AntiOnline forums.

Direct link to this week's spotlight thread:
Pay us or we'll DDoS you!

m34k's observations hint at a global problem.

I do contract work for a major ISP and you would be amazed at how many DDoS attacks happen on a regular basis. Yes, they are traceable, but it can be very time consuming...

For the most part, the attacks that I've backtraced have been out of places like Bolivia, Russia and Taiwan and are not really feasible to pursue so they end up getting away with it. We just take the hit on our routers and they eventually go away.

Producer relies on heavy-duty defenses and proactive measures to counter DDoS attacks.

I see lots of DoS attacks, however the big firewalls out today (CP AI and PIX that I work with) can handle them with minor traffic loss. I can trace them in a few minutes and usually kill the BGP route from the offending black hole, or foreign IP.

I have never personally seen a successful DoS attack unless it's a zombie virus. Those situations are usually fixed with reverse poison DNS (takes a few hours). The zombie DoS attacks I have seen are IP. Even if it was DNS, I could solve that too.

muert0 provides a link to Gibson Research Corporation's findings after having been DDoSed.

http://grc.com/dos/grcdos.htm

Felonia knows first-hand what it's like to be the center of a scammer's unwanted attention. Some interesting bits...

I'm the owner of a hosting provider in Costa Rica, and for that reason we have quite a few clients in the gambling business. We have been experiencing awful DoS attacks from hundreds of zombies all over Europe and the US and have invested in serious hardware like the WatchGuard V100 (20+ K) and secondary Internet pipes to survive these attacks; they are getting more and more sophisticated.

They use spoofed packets on port 80 so it's really difficult to solve and track unless the source computer is making over 100 connections per second.

Our clients constantly receive ransom notes from Russia asking for 30K via Western Union to stop the attacks.
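Felonia's point that a flooding source is only practical to single out once it opens "over 100 connections per second" is a per-source rate threshold, and the script below shows what such a check looks like over a connection log. It is an added example written for this page, not code from the thread or from any of the posters; the log format (`<epoch_second> <source_ip> <destination_port>`) and the traffic in it are constructed, the addresses come from the RFC 5737 documentation ranges, and the 100 connections/second threshold is taken from the post. It also illustrates the limitation Felonia describes: a flood of spoofed packets that never completes a TCP handshake leaves no entry in a log of accepted connections, so a detector like this only sees sources that genuinely connect.

```python
"""Per-source connection-rate check over a constructed connection log.

Added example for this page, not from the AntiOnline thread. Assumed log
format, one line per accepted TCP connection:
    "<epoch_second> <source_ip> <destination_port>"
Spoofed-source SYN floods that never complete a handshake do not appear
in such a log, which is exactly why the poster calls them hard to track.
"""
from collections import Counter, defaultdict


def _constructed_log():
    """Build a small, invented sample: one flooding client and one normal one."""
    lines = []
    # Constructed: one source opens 120 connections to port 80 in a single second.
    lines += ["1700000000 203.0.113.7 80"] * 120
    # Constructed: the same source is quieter in the following second.
    lines += ["1700000001 203.0.113.7 80"] * 40
    # Constructed: an ordinary client making a handful of connections per second.
    lines += ["1700000000 198.51.100.4 80"] * 5
    lines += ["1700000001 198.51.100.4 443"] * 3
    return lines


SAMPLE_LOG = _constructed_log()


def parse_line(line):
    """Split one log line into (epoch_second, source_ip, destination_port)."""
    ts, src, port = line.split()
    return int(ts), src, int(port)


def connection_rates(lines, port=80):
    """Return {source_ip: Counter({epoch_second: connections})} for `port`."""
    rates = defaultdict(Counter)
    for line in lines:
        ts, src, dst_port = parse_line(line)
        if dst_port == port:
            rates[src][ts] += 1
    return rates


def flag_sources(lines, port=80, threshold=100):
    """Return {source_ip: peak_connections_per_second} for every source whose
    connection count to `port` exceeds `threshold` in at least one second.

    The threshold defaults to the 100 connections/second figure from the post.
    """
    flagged = {}
    for src, per_second in connection_rates(lines, port).items():
        peak = max(per_second.values())
        if peak > threshold:
            flagged[src] = peak
    return flagged


if __name__ == "__main__":
    for src, peak in flag_sources(SAMPLE_LOG).items():
        print(f"{src}: peak {peak} connections/s to port 80")
```

Run as-is it reports only the constructed flooding client; the normal client never exceeds the threshold. The per-second bucketing is what makes the check a rate rather than a total, so a source that is busy over a long period but never bursts is left alone.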

Have you been on the receiving end of a DDoS attack? Share your experiences and survival tips here.


What is AntiOnline?

AntiOnline (AO) is home to many of the most popular network security discussion forums online. Here, participants engage in candid, thought-provoking and enlightening exchanges on the latest hazards and how to protect your systems against them.

We invite you to join the AO community (it's free!), share your wisdom and learn a few things in the process.