Haha lets all ddos through tor.....and proxies...thats how we speed shit up. -- tuna 65617420646120706f6f20706f6f
On Mon, Feb 13, 2012 at 14:14, Sanguinarious Rose <[email protected]> wrote: > Ah what a wonderful gem of pure and real research into todays upcoming > threats. Today is the day we learn to phear sites like xroxy.com > because God forbid some of those silly kids using their 9001 proxies > from their 56k dial-ups will over-run google, youtube, facebook, and > the world! Dear God what will we do?!?!? When will it end! Think of > the cute kittens you deprive us of evil proxy hackers! > > Today is the day I learned hackers can cast magick upon outgoing > packets through proxies to somehow make them more bigger. I propose > these are some kind of Christian hackers with God on their side to > manipulate the very foundational laws of physics and electricity! > > Excuse me Mr. Amorim but what God alas do you pray to for this? Is it > some kind of Christian Magick? > > On Sun, Feb 12, 2012 at 9:09 AM, Lucas Fernando Amorim > <[email protected]> wrote: >> With the recent wave of DDoS, a concern that was not taken is the model >> where the zombies were not compromised by a Trojan. In the standard >> modeling of DDoS attack, the machines are purchased, usually in a VPS, >> or are obtained through Trojans, thus forming a botnet. But the >> arbitrary shape doesn't need acquire a collection of computers. >> Programs, servers and protocols are used to arbitrarily make requests on >> the target. P2P programs are especially vulnerable, DNS, internet >> proxies, and many sites that make requests of user like Facebook or W3C, >> also are. >> >> Precisely I made a proof-of-concept script of 60 lines hitting most of >> HTTP servers on the Internet, even if they have protections likely >> mod_security, mod_evasive. This can be found on this link [1] at GitHub. >> The solution of the problem depends only on the reformulation of >> protocols and limitations on the number of concurrent requests and >> totals by proxies and programs for a given site, when exceeded returning >> a cached copy of the last request. >> >> [1] https://github.com/lfamorim/barrelroll >> >> Cheers, >> Lucas Fernando Amorim >> http://twitter.com/lfamorim >> >> _______________________________________________ >> Full-Disclosure - We believe in it. >> Charter: http://lists.grok.org.uk/full-disclosure-charter.html >> Hosted and sponsored by Secunia - http://secunia.com/ > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - http://secunia.com/ _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
