23 Jun
2001
23 Jun
'01
7:11 p.m.
So what do we do about it? There are 10th of thousands of "0wned" machines out there. 10.000 machines sending one SYN per second to somewhere constitutes a 6mbit SYN flood that'll make almost any web server get into trouble. 10 SYNs per second and we're really talking traffic here. From spoofed sources because ISPs do not source address filter? Gah. Basically untraceable.
Wouldn't it be poetic justice if/when these "Owned" Windoze machines turn their attentions to www.microsoft.com? That would get Microsoft's attention. I don't care how big their pipes or how widely distributed their servers. A DDOS like this would be devastating.