[45320] in North American Network Operators' Group
RE: WEF cyber-protest (was Re: distributed attack, high or not)
daemon@ATHENA.MIT.EDU (Daniel Golding)
Thu Jan 31 10:32:41 2002
From: "Daniel Golding" <dgolding@sockeye.com>
To: "Sean Donelan" <sean@donelan.com>,
"Steven M. Bellovin" <smb@research.att.com>
Cc: "Joseph T. Klein" <jtk@titania.net>, <nanog@merit.edu>
Date: Thu, 31 Jan 2002 10:30:56 -0500
Message-ID: <GKEFKKIKGCMICPKBAEIMMELHCFAA.dgolding@sockeye.com>
MIME-Version: 1.0
Content-Type: text/plain;
charset="us-ascii"
Content-Transfer-Encoding: 7bit
In-Reply-To: <Pine.GSO.4.40.0201310238250.16671-100000@clifden.donelan.com>
Errors-To: owner-nanog-outgoing@merit.edu
So, this is thinly veiled hacking, in the name of protest. Very nice. I
hope the folks doing this realize that this is no different than throwing a
brick through a window, or otherwise damaging people's property, and that
they are essentially vandals.
- Dan
> -----Original Message-----
> From: owner-nanog@merit.edu [mailto:owner-nanog@merit.edu]On Behalf Of
> Sean Donelan
> Sent: Thursday, January 31, 2002 2:46 AM
> To: Steven M. Bellovin
> Cc: Joseph T. Klein; nanog@merit.edu
> Subject: WEF cyber-protest (was Re: distributed attack, high or not)
>
>
>
>
> We're entering protest season. The World Economic Forum opens
> today in New York City. Some protesters have launched what they
> call a cyber-protest using several different tools. So far it
> appears directed at a few selected, although well-known, corporations.
>
> http://www.geocities.com/net_strike_net/english_active.html
>
> On Wed, 30 Jan 2002, Steven M. Bellovin wrote:
> > It's a classic DDoS attack, aimed at you. Someone has lots of zombie
> > machines out there; at some point, they sent a command packet to all of
> > them, saying "bombard such-and-such an IP address for 3600 seconds".
> >
> > Common? It happens frequently to someone. Precursor? Entirely
> > possible, though there's no way to know for sure. But it can be very
> > bad -- see http://news.zdnet.co.uk/story/0,,t269-s2103098,00.html
> > for what happened to a British ISP.
>
