>From: "Samuel W. Heywood" <[EMAIL PROTECTED]>
> > "Tibor Mocsar" <[EMAIL PROTECTED]> wrote:
>
> >> It's not easy to defeat a "denial of service" attack.
>
> > It's trivial to stop many of them though. Providers simply won't do it.
>Why
> > the hell do ISPs pass traffic sourced from outside their network that
> > originates from within? Do the users of those ISPs now "deserve" a DoS
> > flood?
>
>We are hearing a lot these days on the SurvPC list and also on the Arachne
>List about "denial of service" attacks. Could someone please post a URL
>where we can find a FAQ on the subject?
>
>Sam Heywood
to find info about denial of service attacks and also about viruses, worms,
security bugs in programs and so on, you may want to have a look at the
following sites :
http://www.rootshell.com
http://xforce.iss.net (warning: this site is a bit fancy, and i think it
uses javascript, but it got lots of info)
How does a denial of service attack works ? well, in fact it's quite
simple... The hacker first infects a couple of machines... suppose a student
infects say 50 powerfull machines at his school.. on these machines he runs
a little program(A)... then on his own machine he has a second program
running(B).. when he has infected enough machines, and decides to launch an
attack, he uses program B which acts as a remote control for all programs A.
so he sends orders to the programs A to send 'packets' to the machine he
wants to attack... so the programs A all start to send internet packets to
that one machine... suppose that machine is an email server, then you send
packets to the mail port on that machine... so suddenly that machine gets
thousands of packets... the mail server wants to 'treat' all these packets,
but can't handle that much.. so i think then memory gets used up, machine
starts trashing, slows down... and finally that machine runs out of memory
and gets down.. i'm not sure about the last... but i think that's the whole
'idea' behind it...
Piwi
________________________________________________________________________
Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com
To unsubscribe from SURVPC send a message to [EMAIL PROTECTED] with
unsubscribe SURVPC in the body of the message.
Also, trim this footer from any quoted replies.
More info can be found at;
http://www.softcon.com/archives/SURVPC.html
