// First of all; please, I use word Russia only because it reflect a lot of other countries such as east europe, Israel, latin america etc etc - which have edicated people but have not this idiosyncrasy about the law and order... Don't write about _terrignle russion hackers are damaged the whole word; I so such hackers in american movies only... First of all, people here (in USA) respect law, people in other countries does not. How often you are driving 100Mph? (Sorry, you are in Italy? I suspect your answer will be _yes, every day_. But if you was from USA, you (may be) never reach this speed because you respect law... For comparasion - in Russia (where there is a little of high quality roads) do it every day - they drive as fast as they can, not as it is posted...if They never are thinking about _the law_ - they are leaded by their own brains. So does the kiddies. But it's _common phylosophy_. On the other hand, I had a 2 years experience working (part time, I was a head of NOC) as a RU-CERT expert, tracing hackers, prosecuting them. We revealed 2 generation of our own _script kiddies_, traced a lot of different IRC's, maintained a few honey spots, etc etc... results? We saw a lot of different hackers, virtual or real ones, but we never saw any hacker from USA. After I come here and began to work here, I understood _why_ we saw so strange picture... Kiddies here _have something to lost_ - they have their education, their loans, their future plans. Kiddies in other countries have much more spare time, have nothing to lost, are not obligated to buy software (any software is FREE, do you know it? You don't think so? You can come to ANY computer market in any country out of USA and west europe, and you'll find ANY software by the price of 5$/600Mb... So, if some kiddy want to install MSVC, he need 1$ only - less than his lunch). I have not good statistic. Today, I saw a few articles about _honeyspots_ and _honeynets_, and I suspect this guys can collect some useful statistic. My impression was _guys in USA write something but does not use it for the wide intrusion; kiddies in Russia, Israel, Korea etc use this software to collect exploits, roots, accounts, credit cards over the world.... It is mostly games, but sometimes it became dangerous. IRC is another thing... It was, it is, it will be some kind of natural _honey pot_ for the hackers. So use it, don't fight it -:). ----- Original Message ----- From: "Rafi Sadowsky" <rafi-nanog@meron.openu.ac.il> To: <up@3.am> Cc: <nanog@merit.edu> Sent: Thursday, July 12, 2001 5:08 PM Subject: Re: DDoS attacks
On Thu, 12 Jul 2001 up@3.am wrote:
[deleted]
On Thu, 12 Jul 2001, Alexei Roudnev wrote:
One important notice - most of this kiddies are not from USA.
How exactly did you get to this conclusion ??
The smarter script kiddies can crack systems in a few countries and use a few hops to get the place they installed the zombie master for example:
<cracker> -> <Romania> -> <china> -> <Poland(DDoS master>
Good luck to you tracing the attack to the cracker ;-)
- Rafi
-- Rafi Sadowsky rafi@cert.ac.il Network Operations Center |VoiceMail: +972-3-646-0592 FAX: +972-3-646-0454 ILAN - IUCC -I2(Israel) | FIRST-REP for ILAN-CERT(CERT@CERT.AC.IL) (Israeli Academic Network) | (PGP key -> ) http://telem.openu.ac.il/~rafi
----- Original Message -----
I can't help but believe that if even 20% of them were caught and had to spend just a little time (even hours) with the cops, and had their peecees confiscated, you'd not be seeing nearly the problems we are now.
James Smallacombe PlantageNet, Inc. CEO and Janitor up@3.am http://3.am =========================================================================