> And yes, getting massive zombie swarms to use in an attack is > much easier but IP spoofing is still a huge advantage. If I > am getting attacked from a set of machines, I can just tell > my ISP or firewall to filter out packets from those specific > addresses. Attack over. But if each of those zombies is > spoofing a random IP address and keeps changing it every few > seconds, now I can't filter the attack as easily. And did > you even read the section about spoofing the addresses of the > hub routers? That was the second attack that hit him, using > spoofed packets.
Yes, and there are enough hosts out there to do this with or without XP RAW sockets. Would it have been much worse with the addition of XP hosts? Maybe, but after a certain point you have enough DoS power that it's diminishing returns. By the way, did you also know that nearly all IP spoofing can be defeated if all ISPs properly configured their edge routers? Most of them do not do it because it is additional work, planning, and load on their routers. > Sure, the doomsday scenario he predicted didn't come totally true. > Why? Because there is no incentive. Instead of evolving > towards malicious destruction of the net, the hacker > community has evolved towards MAKING MONEY. Nowadays, all > the exploits, hacks, and attacks you see are mainly aimed > towards getting code installed for the purpose of delivering > adware, spyware, or malware. There is still some DDoS > attacks that are done for profit or ransom, but there is a > whole lot more money to be made in the other rackets. And I > really believe that is why Gibson's prediction of mass DDoS > attacks never came true. Right, there is no incentive which is the number one reason why a lot of people were never significantly afraid of 'hackers' wiping out things like root DNS servers and such. Who would be dumb enough to wipe out their own infrastructure except a megalomanic? I never could understand the allure of writing viruses that would wipe out people's harddisks for fun. > Of course his predictions about spyware and the such DID come true. > Shields Up isn't the best program out right now, but a few > years ago it was the ONLY program and it was pretty damn good > for its time. > Once again the market evolved and now there are tons of > companies making anti-spyware, malware, and adware products. > All of them are building on the original concept and work > that Gibson did. I don't know about giving Gibson credit for originating the idea. That's always a tough cookie to crack, but he was probably one of the more visible ones early on. Well, the spyware idea is an ancient idea from ages of lore. The idea that your computer is watching you and logging everything you do. That's the kind of stuff people were fearful of even in the DOS days but it was just ridiculously impractical. Or those who insist Windows 3.11 is the last one without the mysterious Backdoor (tm)! Many respectable security experts long since argued ActiveX was a dangerous technology during the ActiveX vs Javascript wars (back when Netscape was still alive) and this was probably before Gibson mentioned the word "spyware". > I am willing to overlook Gibson's flair for the dramatic, the > occasional pimping of his products, and him being wrong on a > few details. Name one site on the net that doesn't do those > things. And most of his products he doesn't charge for - > like the software he wrote to detect the WMF bug. I still > find his dissection of internet and computer security issues > very interesting and very useful. > > -- > Brian Well, it isn't related to 'computers' but www.bythom.com is pretty good. :) You don't have to charge for information to be indirectly using it for economic gain. In fact, that's the new small business model for this type of thing. But I digress. I did say earlier he has some things to say and offer, but all in all take it with a grain of salt. There are tons of other security experts who are far more respectable and even then you shouldn't always take what they say as gospel. - Carroll Kong
