Friday, February 6, 2004 - 2:11 PM JST
Name:
taro
"ultragaijin" in Janet Jackson tops 9/11 (and KILLS FG)Janet Jackson's flash dance tops Web search...
...and {FG} server blowing.
Refer to a far darker cause for the server blowing at Kuro5hin copied here under their liberal "copyleft" policy.
----
The FBI Called Again
Wed Feb 4th, 2004 at 04:34:09 PM EST / Kuro5hin
Our network was shut down by DDOS attacks for 4 hours a day, three days in a row. Today we got a message from the FBI. Apparently they are investigating:
My name is [snip] and I'm an FBI Agent in [snip] investigating a distributed denial of service attack affecting several different companies around the U.S. and in some foreign countries. I'm writing to ask for your help. Please call me at your earliest opportunity. Thanks!
My response to the FBI's request:
Yes, we were hit with a DDOS attack that shut down hundreds of websites for several hours. This attack cost us over $2000 in bandwidth fees. As a partner, that money comes right out of my meager salary.
Although I was hurt, I'm looking at this rationally.
Ultimately, the problem with DDOS attacks is that ISP's don't implement egress filtering (also known as RPF), and O/S vendors ship systems without adequate security. In other words, it's trivial for ISP's to stop these attacks. Perhaps it is because ISP's make extra money in bandwidth fees when these attack occur that they fail to implement these rudimentary measures. Perhaps it's simply Microsoft's laziness in executing every program without a security context....
We can't arrest every curious 16 year old kid. We need to, instead, stop the irresponsibility of the billion dollar corporations that are wasting your time and mine.
More information on this issue can be found here: http://www.ddos-ca.org/
NOTE: The networks affected were managed by [snip] and [snip]. They will be able to provide you with details. If you need any more information, we will provide it as required by law.
I hope they don't take my response as antagonistic.
DDOS attacks have cost me over $17,000 over the last 3 years. I have no sympathy for the attackers. But I have less sympathy for lazy billion-dollar corporations.
A friend of mine came up with this analogy: "When an ISP charges a victim of a DDOS attack, that's like a waiter at a restaurant dropping your dish on the floor, making you wait 2 hours for your food, and then putting the dropped meal on the bill."
So why haven't ISP's implemented endpoint egress filters? The problem with DDOS security is this: if you implement DDOS security, it does not protect your network, it merely prevents your network from harming others. Why would an ISP spend extra time and effort implementing a security protocol that was good for everyone else... but not for them?