[49631] in North American Network Operators' Group
Re: DOS attack from PANAMSAT
daemon@ATHENA.MIT.EDU (Clayton Fiske)
Sun Jul 7 16:28:23 2002
Date: Sun, 7 Jul 2002 13:27:52 -0700
From: Clayton Fiske <clay@bloomcounty.org>
To: NANOG <nanog@merit.edu>
In-Reply-To: <200207072016.g67KGCnD006724@turing-police.cc.vt.edu>; from Valdis.Kletnieks@vt.edu on Sun, Jul 07, 2002 at 04:16:12PM -0400
Errors-To: owner-nanog-outgoing@merit.edu
On Sun, Jul 07, 2002 at 04:16:12PM -0400, Valdis.Kletnieks@vt.edu wrote:
> On Sun, 07 Jul 2002 12:45:13 PDT, Clayton Fiske <clay@bloomcounty.org> said:
>
> > Don't forget 3) the machine compromised isn't capable of spoofing.
> > In Win95/98/ME/NT, there is no raw socket functionality. I don't
>
> The fact that there is no raw socket *API* doesn't mean it's that much
> more difficult to convince the device driver to send a packet that isn't
> strictly kosher.
Sure, but the idea that the kids doing the harvesting a) know how to
do such a thing and b) care if the compromised machine is traced is
a stretch in my mind. As a previous poster said, if a DDoS comes
from enough different sources, it doesn't matter if they're really
spoofed or not.
-c
