----- Original Message -----
From: "Karl J. Runge" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Friday, July 06, 2001 3:43 AM
Subject: grc.com Ddos analysis
>
> FYI: I found these to be interesting reads about a distributed denial
> of service (ddos) attack against grc.com by trojaned windows machines:
>
> http://grc.com/dos/grcdos.htm
> http://grc.com/dos/winxp.htm
>
> the latter having a great photo about Microsoft XP zombies :-)
I have been following this for some time now. The reason a Linux machine on
a cable modem is so desireable to these hackers is exactly that: The Linux
machine can spoof its source IP address, thus hiding its identity from the
attacked site's admin, and, more importantly, from the ISP.
Windows 9x machines are not cabable of this. But apparently XP machines are,
and Gibson fears that millions of untrained users with XP and Outlook to
propagate viruses with the trojans in them will bring chaos to the internet.
The machines will be able to hide themselves (and their usurpers) from the
ISPs and the authorities, and the users will be too stupid to realize they
do not have full control of their machines, allowing the attacks to proceed
unabated.
>
> Steve Gibson (grc.com) is the author of spinrite (HD analyzer/corrector)
> way back from the DOS days, and now dabbles in internet security issues
> (ShieldsUP, etc). Some of his statements & predictions seem a bit
> overplayed, but overall it is pretty interesting stuff.
This (among other things) is the main reason I do not have a Linux machine
directly connected to the internet (I have one at work behind a NAT
firewall.) When I DO put up a Linux machine on my cable modem, it will be
behind a dedicated firewall/router of some kind.
It is also the reason I installed ZoneAlarm on my Windows boxes :o)
Rich Cloutier
SYSTEM SUPPORT SERVICES
www.sysupport.com
**********************************************************
To unsubscribe from this list, send mail to
[EMAIL PROTECTED] with the following text in the
*body* (*not* the subject line) of the letter:
unsubscribe gnhlug
**********************************************************
