Like the comment below the article says, that line about turning off recursive DNS is pretty lame. Tantamount to saying "if you don't want me coming in your house you shouldn't have used wooden doors n00b!". It's still breaking and entering. Call me crazy but I tend to think every service has a Backdoor these days. It's not surprising to see one for a Ddos service. In other news, the sky is still blue. Thanks for sharing the article though! Was a fun read. Cheers, Joshua Sent from my iPhone On May 19, 2013, at 4:59 PM, "Michael Painter" <tvhawaii@shaka.com> wrote:
http://arstechnica.com/security/2013/05/ddos-for-hire-service-works-with-ble...
On 20 May 2013 01:58, Michael Painter <tvhawaii@shaka.com> wrote:
http://arstechnica.com/security/2013/05/ddos-for-hire-service-works-with-ble...
More on the same topic. http://krebsonsecurity.com/2013/05/ragebooter-legit-ddos-service-or-fed-back... Maybe the FBI use this to commit crimes in USA using a foreign company as proxy so nothing dirty show on the books. That way the FBI can avoid respecting USA laws. -- -- ℱin del ℳensaje.
No proxy needed. No need to hide. While working for a very large hosting company, I once observed DHS hammering an occupy related website. No attempt to hide the source ip or anything. What are you going to do? Sue them? If they wish to take a site offline, they will ddos it or simply seize the domain under the national security banner. "<<"tei''>>>" <oscar.vives@gmail.com> wrote:
-- Charles Wyble charles@knownelement.com / 818 280 7059 CTO Free Network Foundation (www.thefnf.org)
Yes. I'm aware of that. It would be futile in most cases, which is a huge problem in and of itself, as that's really the only recourse. I mean they were using a shared hosting plan. Not exactly deep pocketed. My point is that the abuse of power is blatant and they are unafraid of any kind of retaliation. They don't need to hide. Mike Hale <eyeronic.design@gmail.com> wrote:
-- Charles Wyble charles@knownelement.com / 818 280 7059 CTO Free Network Foundation (www.thefnf.org)
Would it be futile though? I mean...DHS running a DOS against an American organization is the kind of stuff that makes Constitutional lawyers salivate. I'm not trying to call you out, btw. I'm genuinely curious why the hosting company itself didn't file suit. You've got a US Government agency abusing your resources and acting in a blatantly illegal manner. That's the kind of stuff that results in letters of resignation when publicized. On Mon, May 20, 2013 at 12:13 PM, Charles Wyble <charles-lists@knownelement.com> wrote:
-- 09 F9 11 02 9D 74 E3 5B D8 41 56 C5 63 56 88 C0
Sorry. The occupy site was on a shared hosting plan at the company I worked for. Source determined via Whois output for the attacking ip found via our analysis. It was a rather crude dos attack (repeated get requests). At first we figured they were just mirroring the site for offline analysis or something, but it soon became evident they were just hammering the site. Yes we could of sued. However the inevitable stonewalling, endless resources of the feds etc would of made for a long and exhaustive legal battle. This was at the height of the occupy activities. Far worse offenses were being committed by federal, state and local govts during that period than a dos attack by DHS. "Jason L. Sparks" <jlsparks@gmail.com> wrote:
-- Charles Wyble charles@knownelement.com / 818 280 7059 CTO Free Network Foundation (www.thefnf.org)
Are you certain it was a DoS attempt? They may have just been running a surveillance software package such as URLy warning, which GETs the pages of a site repeatedly and diffs them to watch for updates. In the case of an (non-)organization like Occupy I can't imagine law enforcement would neglect to do this. I've been on the receiving end of this sort of thing myself (long story). -- Jayfar On Tue, May 21, 2013 at 12:07 AM, Charles Wyble <charles-lists@knownelement.com> wrote:
On May 20, 2013, at 9:56 PM, Jay Farrell <jayfar@jayfar.com> wrote:
Are you certain it was a DoS attempt?
And if you were certain, are you certain the folks at DHS were aware their machine(s) were engaged in a DoS attack? You can find zombies in the oddest places... Regards, -drc
Maybe my tinfoil isn't on tight enough, or maybe I give to much credit to a gov't, or perhaps I'm just feeding the trolls, but I have a very hard time believing that DHS, launched a DoS from their own machines. -jim On Tue, May 21, 2013 at 12:18 PM, David Conrad <drc@virtualized.org> wrote:
Smells more like a honeypot than anything. Now that this guy's clearly decided to open his mouth and claim he's got the green light from the Fed, I wouldn't be surprised if they change their mind. On Tue, May 21, 2013 at 1:54 PM, Phil Fagan <philfagan@gmail.com> wrote:
-- Ryan Gard
participants (11)
-
<<"tei''>>>
-
Charles Wyble
-
David Conrad
-
Jason L. Sparks
-
Jay Farrell
-
jim deleskie
-
Joshua Goldbard
-
Michael Painter
-
Mike Hale
-
Phil Fagan
-
Ryan Gard