+1 Daniel Preussker [ Research and Engineering [ Daniel@xxxxxxxxxxxxx [ http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x87E736968E490AA1 On 16.08.2013, at 23:49, adam wrote: > Jann, you know what's even worse than someone being a dick for no > reason? Someone being a _stupid_ dick for no reason. In case you're > unaware, the word "massive" was completely absent from this thread > until YOU attempted to put it in someone elses' mouth. Beyond that, > since you want to rip apart an innocent guy's post, let's see what > happens when someone does it to yours. > > "DDoS? So you mean your systems were impacted by that?" > > Impacted is not the word you were looking for, since the answer to > that would technically be a yes - not the no you were expecting. That > aside, a denial of service attack is still a denial of service attack > regardless of whether it succeeds or not. In fact, if you look up the > definition - you'll see that it's _an attempt_ to make X unavailable. > Not necessarily a successful one. > > "Let me google that for you. Hmm. Assigned to "Polipo Web proxy"." > > Psst.. you may want to read the entire thread title. > > "Oooh, a storm!" > > storm > Verb > Move angrily or forcefully in a specified direction: "she stormed off". > > Whether you like it or not, it meets the definition. > > "Your systems were impacted by a DoS attack with 30 packets per > second? You might > want to upgrade to hardware that is a few decades newer." > > How much of the original post did you actually read? Nowhere in it did > the OP say that this attack succeeded. Again, just like above - YOU > are the one who first used the word impact[ed]. It's funny how you put > words in peoples' mouths, and then reply to them as though they > actually said it. More than that, the only thing the OP mentioned was > that one of his log files were corrupted in the process of the attack. > I didn't read that the attack succeeded, shut down the service, his > machine, his network or anything else - and neither did you. > > "You were attacked by "O=TCP SPT=2216"? Cool story." > > Oh my God, there was a line in there that didn't have an IP address? > What a RETARD the OP must be. How can anyone be so stupid? I bet the > earth stopped spinning when that happened. Think so? > > "He said above 30 packets per second, right? I'll just assume it's around 30. > And the sample packet from that "packet storm" contained this part: "LEN=52". > So that's around 1500 bytes per second, or 12 kilobits per second. And those > packets are downstream for him." > > You're randomly assuming that all of the packets were the exact same > length, which makes anything derived from that assumption > automatically flawed. > > "A good modem connection can give you up to 56kbit/s per direction as far as I > understand." > > You've never used dialup, have you? What you're saying is that "good > modems" (what exactly is a bad modem?) get 7KB/s down and 7KB/s up - > that is completely untrue. It's a lot closer to 5KB/s down (if you're > lucky) and 2KB/s up. Aside from all of this, again, I reiterate that > you have no idea what size the other 19,044 packets were. Anyway, yes > - if your assumption were correct (52*19045 through a 56k modem) then > it'd take only a few minutes to download all of the data (which > doesn't even total a meg). > > HOWEVER, there are still a multitude of things wrong with your entire > stance. Firstly, bandwidth exhaustion is NOT the only way to perform a > denial of service. In fact, in my opinion, it should be the last > resort. There are much much better ways to do it, depending on the > service being targeted. For example, some popular multiplayer games > can be brought down with a single packet. Some can be kept down with > that single packet, others require one group of packets to be kept > down, and then some others require that one packet every X minutes. I > use game servers only as an example. > > If his log becoming corrupted was intentional, then it's entirely > possible that the point of the attack wasn't to exhaust bandwidth but > to crash the actual server application (or worse, exploit it in a way > that can lead to remote access). No matter what the case though, > almost every one of your points have been based on seemingly random > (and likely inapplicable) assumptions you've made. So on top of coming > across as a prick, you're also coming across as a clueless prick. And > for no reason whatsoever. > > Way to go. > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - http://secunia.com/ >
Attachment:
PGP.sig
Description: This is a digitally signed message part
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/