|
<<
^
>>
Date: 1999-01-23
Smurf-attack: Die Pingflut kommt
-.-. --.- -.-. --.- -.-. --.- -.-. --.- -.-. --.- -.-. --.-
Dass der Mensch auch im Netze grundsätzlich nicht
unbedingt ein Guter ist, zeigt die steigende Zahl sogenannter
"Smurf-Attacks." Ein einziger, schlimmer User kann ganze
Provider-Netzwerke in einer Ping/Springflut ersaufen lassen,
bloss weil er sich mit einem einzigen, anderen User um ein
Chat/Pseudonym gestritten hat.
post/scrypt: Eine Kunst/partie, das sogenannte "Electronic
Disturbance Theater" verwechselt diese hirn/tote
Vorgangsweise mit Netzpolitik.
-.-. --.- -.-. --.- -.-. --.- -.-. --.- -.-. --.- -.-. --.-
Andy Patrizio
January 21, 1999 A growing number of network
administrators are finding themselves on the receiving end of
an attack that they can't stop, thanks to an exploit in TCP/IP
and one malicious hacker.
Problems often originate on Internet Relay Chat, a real-time
chat network known as IRC with thousands of channels and
tens of thousands of users where people meet and talk in
"chat rooms" in real time.
....
Fights frequently break out in these channels as network
gurus put their knowledge of TCP/IP to the worst kind of use.
By using a flaw in TCP/IP, it's possible to attack anyone on
IRC -- to knock them off chat and even take down their ISP.
The attack is called a "Smurf" attack. Smurf works by
sending out a ping to hundreds or even thousands of sites
and telling them to all respond to a single IP address.
...
A user with a 28.8k modem can put out enough bandwidth to
fill one-third of the capacity of a T1 (1.54 megabits/sec.) line,
according to Gary, an IRC operator who asked that his full
name not be used.
...
"I used to use IRC to chat, but now I've got to try not to get
flooded off and try not to get hacked," he said.
...
The Computer Emergency Response Team (CERT) at
Carnegie-Mellon University said Smurf attacks went up from
3 percent of reported incidents in January 1998 to 10 percent
by December of that year, according to Jed Pickel, a
member of the CERT technical staff.
...
Yale recently removed its IRC server because of these
attacks and New York University was recently flooded so bad
it was off the network for two weeks, he said.
...
As bad as Smurf attacks are, there's no way to stop them.
The packet flood can be blocked at the router or at the
upstream service provider, but that doesn't prevent the flood
from being unleashed in the first place.
...
There are ways to solve the problem, Gary said. IPv6, the
next generation of the TCP/IP networking protocol, will close
this loophole and not allow for domain spoofing, but it won't
see wide deployment for several years.
...
full text
http://www.nytimes.com/techweb/TW_Internet_Chat_Wars_Spill_Over_.html
relayed by
[email protected] via mea culpa [email protected]
-.-. --.- -.-. --.- -.-. --.- -.-. --.- -.-. --.- -.-. --.-
- -.-. --.- -.-. --.- -.-. --.- -.-. --.- -.-. --.- -.-. --.-
edited by
published on: 1999-01-23
comments to [email protected]
subscribe Newsletter
- -.-. --.- -.-. --.- -.-. --.- -.-. --.- -.-. --.- -.-. --.-
<<
^
>>
|
|
|
|