[18506] in bugtraq


Re: New DDoS?

daemon@ATHENA.MIT.EDU (Alfred Perlstein)
Tue Jan 9 18:29:48 2001

Message-ID:  <20010109105144.V15744@fw.wintelcom.net>
Date:         Tue, 9 Jan 2001 10:51:44 -0800
Reply-To: Alfred Perlstein <bright@WINTELCOM.NET>
From: Alfred Perlstein <bright@WINTELCOM.NET>
X-To:         nealk <nealk@verinet.com>
To: BUGTRAQ@SECURITYFOCUS.COM
In-Reply-To:  <200101090140.f091e4d37756@deimos.frii.com>; from
              nealk@verinet.com on Tue, Jan 09, 2001 at 08:07:37AM -0800

* nealk <nealk@verinet.com> [010109 10:41] wrote:
> I think I have stumbled across a new category of distributed denial
> of service (DDoS).  (If this is old news, I'm sure I'll be corrected;
> it's new to me.)
>
> Traditional DDoS have the following flow:
>   - A host (or few hosts) controls a large number of clients.
>   - The clients are directed by the host to attack a single site/server.
>     The attack can either be network or service oriented.
>
>
> Alternate (New) DDoS model:
>   - Server 'A' directly prevents all clients from accessing server 'B'.
>
>
> Here's an example of how it could work:
> I recently posted about a Flash plugin risk that can crash or hang a browser.
>
> Let's say that someone placed a corrupt Flash (SWF) file on a web server.
> All clients that access the web server and that view the Flash file
> (about 90% of all browsers can, so this is a good assumption) will
> have their browsers crash or hang.

While this is a possibility, it doesn't make much sense: news would
spread like wildfire and people would drop links to the ad service
pretty quickly.  Your attack would need either:
a) a suicidal company.
b) a hacked ad server.
c) widespread DNS poisoning.

Ad services can do other nasties like using 302s to redirect hundreds
or thousands of hits to a particularly system-intensive service on
a remote site; that's a nasty DoS but also a good way to get yourself
involved in a nasty lawsuit.

--
-Alfred Perlstein - [bright@wintelcom.net|alfred@freebsd.org]
"I have the heart of a child; I keep it in a jar on my desk."
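What the 302-reflection trick Alfred describes looks like from the target's side, as an added example (not code from the original post or its author): the victim sees a burst of requests to one expensive endpoint from many distinct client addresses, all carrying an external Referer. The log lines are constructed; the hostname `www.example.com`, the "expensive" paths, the 60-second window and the five-address threshold are assumptions, not values from the thread.

```python
"""Flag bursts of requests to costly endpoints that share an external Referer,
the access-log footprint of an ad server 302-redirecting its visitors at us.

Added example, not from the original post. All hostnames, paths, thresholds
and log lines below are constructed for illustration."""

import re
from collections import defaultdict
from datetime import datetime, timedelta
from urllib.parse import urlsplit

# Apache/nginx "combined" log format: client, timestamp, request, status, size,
# Referer, User-Agent.
LOG_RE = re.compile(
    r'(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>\S+) (?P<path>\S+) [^"]*" '
    r'(?P<status>\d{3}) \S+ "(?P<referer>[^"]*)" "[^"]*"'
)
TS_FMT = "%d/%b/%Y:%H:%M:%S %z"

OUR_HOST = "www.example.com"            # assumed: our own site, internal referrals are normal
EXPENSIVE = {"/search", "/report.cgi"}  # assumed: endpoints that are costly to serve


def parse(line):
    """Parse one combined-format line into a dict, or None if it does not match."""
    m = LOG_RE.match(line)
    if not m:
        return None
    d = m.groupdict()
    d["ts"] = datetime.strptime(d["ts"], TS_FMT)
    d["path"] = d["path"].split("?", 1)[0]          # drop query string
    d["referer_host"] = urlsplit(d["referer"]).hostname or "-"
    return d


def find_reflected_floods(lines, window=timedelta(seconds=60), min_ips=5):
    """Return {(referer_host, path): distinct_ip_count} for every expensive
    path that received requests from at least `min_ips` distinct client
    addresses within `window`, all referred by the same external host."""
    events = [e for e in map(parse, lines) if e]
    events.sort(key=lambda e: e["ts"])
    groups = defaultdict(list)
    for e in events:
        if e["path"] in EXPENSIVE and e["referer_host"] not in ("-", OUR_HOST):
            groups[(e["referer_host"], e["path"])].append(e)
    flagged = {}
    for key, evs in groups.items():
        # Sliding window over time-sorted events, tracking the peak count of
        # distinct source addresses seen inside any one window.
        start, peak = 0, 0
        for end in range(len(evs)):
            while evs[end]["ts"] - evs[start]["ts"] > window:
                start += 1
            peak = max(peak, len({e["ip"] for e in evs[start:end + 1]}))
        if peak >= min_ips:
            flagged[key] = peak
    return flagged


# Constructed sample log: six different clients hit /search within 30 seconds,
# all referred from ads.example.net; the rest is ordinary background traffic.
SAMPLE_LOG = [
    '10.0.0.1 - - [09/Jan/2001:10:51:44 -0800] "GET /search?q=a HTTP/1.0" 200 5123 "http://ads.example.net/banner" "Mozilla/4.0"',
    '10.0.0.2 - - [09/Jan/2001:10:51:49 -0800] "GET /search?q=b HTTP/1.0" 200 5100 "http://ads.example.net/banner" "Mozilla/4.0"',
    '10.0.0.3 - - [09/Jan/2001:10:51:55 -0800] "GET /search?q=c HTTP/1.0" 200 5044 "http://ads.example.net/banner" "Mozilla/4.0"',
    '10.0.0.4 - - [09/Jan/2001:10:52:01 -0800] "GET /search?q=d HTTP/1.0" 200 5080 "http://ads.example.net/banner" "Mozilla/4.0"',
    '10.0.0.5 - - [09/Jan/2001:10:52:08 -0800] "GET /search?q=e HTTP/1.0" 200 5011 "http://ads.example.net/banner" "Mozilla/4.0"',
    '10.0.0.6 - - [09/Jan/2001:10:52:14 -0800] "GET /search?q=f HTTP/1.0" 200 5090 "http://ads.example.net/banner" "Mozilla/4.0"',
    '10.0.1.9 - - [09/Jan/2001:10:51:50 -0800] "GET /search?q=x HTTP/1.0" 200 5002 "http://www.example.com/" "Mozilla/4.0"',
    '10.0.1.8 - - [09/Jan/2001:10:52:03 -0800] "GET /index.html HTTP/1.0" 200 1200 "http://other.example.org/" "Mozilla/4.0"',
    '10.0.1.7 - - [09/Jan/2001:10:52:10 -0800] "GET /report.cgi HTTP/1.0" 200 9000 "http://other.example.org/" "Mozilla/4.0"',
]

if __name__ == "__main__":
    for (host, path), n in find_reflected_floods(SAMPLE_LOG).items():
        print(f"{n} distinct clients hit {path} referred by {host}")
```

Keying on the Referer host is a heuristic: a browser following a 302 usually carries the referrer of the page that embedded the ad rather than the ad server itself, so the flagged host may be a publisher site rather than the redirecting server. Either way, the combination of many distinct sources, one costly path and one external referrer is the pattern worth alerting on.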
