[38921] in North American Network Operators' Group
RE: DDOS anecdotes
daemon@ATHENA.MIT.EDU (Bohdan Tashchuk)
Sat Jun 23 19:11:05 2001
Message-ID: <3B35223C.59B9EB76@easystreet.com>
Date: Sat, 23 Jun 2001 16:11:56 -0700
From: Bohdan Tashchuk <tashchuk@easystreet.com>
MIME-Version: 1.0
To: nanog@merit.edu
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Errors-To: owner-nanog-outgoing@merit.edu
> So what do we do about it? There are 10th of thousands of "0wned" machines
> out there. 10.000 machines sending one SYN per second to somewhere
> constitutes a 6mbit SYN flood that'll make almost any web server get into
> trouble. 10 SYNs per second and we're really talking traffic here. From
> spoofed sources because ISPs do not source address filter? Gah. Basically
> untraceable.
Wouldn't it be poetic justice if/when these "Owned" Windoze machines
turn their attentions to www.microsoft.com?
That would get Microsoft's attention. I don't care how big their pipes
or how widely distributed their servers. A DDOS like this would be
devastating.
