Forgot your password?

+ - IT Pro confession: How I helped in the BIGGEST DDoS OF ALL TIME->

Submitted by iComp
iComp (2523194) writes "Sysadmin blog I contributed to the massive DDoS attack against Spamhaus. What flowed through my network wasn't huge — it averaged 500Kbit/sec – but it contributed. This occurred because I made a simple configuration error when setting up a DNS server; it's fixed now, so let's do an autopsy.
The problem

I should start off by apologizing to CloudFlare and Spamhaus; my lapse contributed to a DDoS against their infrastructure. More damning than merely having been an unwitting participant is that I knew enough about this sort of attack to have set up rudimentary protections against it and yet I still forgot the critical component: actually disabling recursive lookups.

The way a DNS amplification attack works is simple. DNS servers can be configured in one of two basic ways. In one possible configuration a DNS server serves only domains for which it is responsible (authoritative). In the other configuration the DNS server serve those domains and goes looking on the wider internet for any domains it isn't personally set up to manage (recursive)."

Link to Original Source

+ - The Underhanded C Contest is back->

Submitted by Xcott Craver
Xcott Craver (615642) writes "After several years of inactivity, the Underhanded C contest has returned. The object is to write a short, readable, innocent-looking computer program that nevertheless performs some evil function for reasons that are not obvious under code review. The prize is a $200 gift certificate to ThinkGeek."
Link to Original Source

Comment: Sir Issac Newton is the deadliest son of a bitch (Score 1) 277

by Shadowruni (#38973907) Attached to: U.S. Navy Receives First Industry Built Railgun Prototype
"This, recruits, is a twenty-kilo ferrous slug. Feel the weight! Every five seconds, the main gun of an Everest-class dreadnought accelerates one to one-point-three percent of light-speed. It impacts with the force of a thirty-eight kiloton bomb — that is three times the yield of the city-buster dropped on Hiroshima back on Earth! That means SIR ISAAC NEWTON IS THE DEADLIEST SON OF A BITCH IN SPACE!"

— Gunnery Chief, Mass Effect 2

Comment: ...sigh... and they worked SO hard on the book. (Score 4, Interesting) 91

by Shadowruni (#38734672) Attached to: Hackers Steal $6.7M In Bank Cyber Heist
Read "Stealing the Network: How to own a Continent"

The whole book is this heist.


Just check out the summary.

The thing that makes this book series special is that they don't say, "I ran nmap and knew from the output they were running a webserver."

They say "I ran nmap with 'sudo nmap -P0 -T3 -p 80 -oA localscan'

And got:

Starting Nmap 5.21 ( ) at 2012-01-17 20:55 PST Nmap scan report for localhost ( Host is up (0.000083s latency). PORT STATE SERVICE 80/tcp open http Nmap done: 1 IP address (1 host up) scanned in 0.07 seconds And could see from the line "80/tcp open http"

//Has the whole series and still remembers the props I got from Blue bore.

///Yes I know the example is a bit contrived but that is exactly how they present information in the series and I learned a lot from it.

Comment: Re:Danger (Score 1) 467

by Shadowruni (#38304662) Attached to: Bill Gates To Help China Build Traveling Wave Nuclear Reactor

An excursion event in a reactor isn't even close to the kiloton range (the one in reactor 4 at Chernobyl was only 33GW). The explosion you mentioned at Chernobyl was enough to toss a 2200 ton slab... but guess what... it was just steam radioactive as hell due to contamination from damaged rods (normally water in reactors when irradiated creates N-16 which is a short -lived (as in a few minutes) alpha emitter) ... but still just steam. The amount of force in the explosion at Chernobyl was only about 10 tons. Enough to totally jack up the core and it's fuel/control rods but not vaporize the plant which is what would happen if you got into the kiloton range.


Critical mass only means you've got enough neutrons to maintain a fission reaction, that's it, scale has nothing to do with it. The neutron flux between rods is moderated by steam, water, and other neutron absorbers, adding more fissile material into the equation doens't equal more energy. In fact it can STOP your reaction as enough material will absorb neutrons but not emit them with enough energy to really do anything.


Yes there is such a thing as passive cooling systems that require no moving parts. Most nuclear subs use molton sodium as a coolant and natural convection moves the sodium in a loop. Fukushima had such a thing but it the command lines to that value were cut and power to open the valve wasn't there anyway. That still didn't matter as the valve could be opened by hand except that the radiation in that part of the plant was too high. Some estimates but it at almost 30Sv MINUTE and no matter how fast you ran or with how much protection you'd still be dead before you could open the valve.


Dumping cold water into a reactor, especially sea water, is a big no-no as that'll immediately cause an excursion in 99% of situations, passive cooling or not. The water would stop the reaction immediately but the excess neutrons would have no place to go, as the water attenuated the neutron flux, and would MELT the fuel rods in a few minutes. If it's sea water you also get corrosion. When ordinary water is irradiated with strong alpha it becomes corrosive, reactor piping is designed to deal with the chemical reaction (peroxide) and so isn't in any danger as long as procedures are followed. Sea water on the other hand is corrosive against the same materials that are generally inert against irradiated water.


Fukushima had a N+2 failure system, you'd need two completely isolated systems to fail before things got ugly and the odds of that happening were extremely unlikely.

Um... what type of reactor are you an expert in as doing what you said in that last post would be a very stupid thing to do?

Comment: Re:Danger (Score 2) 467

by Shadowruni (#38300784) Attached to: Bill Gates To Help China Build Traveling Wave Nuclear Reactor
Jesus... where to start with your post...

First: Say it with me. Nuclear reactors ARE NOT nuclear bombs.

Unless you're dealing with highly enriched materials with proper reflectors and shape (these things REALLY matter) you're generally not going to get any sort of supercriticality, not to mention setting off a nuclear explosion isn't something that you can do just by accident. Even a simple device like 'Little Boy' requires some extreme engineering. A multistage device with a megaton accident? Not gonna happen... this pesky thing called physics will get in the way.

Second: We don't care about using unenriched uranium. That's a good thing to use as enriched uranium is incredibly dangerous to make (Bing uranium hexafloride), and dealing with weapons-grade anything is always dangerous.


Traveling wave reactors are fairly hands off deals. Most other reactors require constant attention to maintain their "balance" and if intimate knowledge of the system (along with piss poor planning and bad control rod design) is lacking then you can end up with situations like Chernobyl. If your DR plan doesn't account for a completely passive cooling system, as in Fukushima, or a dark plant... again see Fukushima.

Comment: An Iron Man 2 quote comes to mind (Score 2) 44

by Shadowruni (#36199612) Attached to: Phishing Site Discovered On Sony Thailand Servers
Ivan Vanko: [laughs] If you could make God bleed, people would cease to believe in him, there will be blood in the water, the sharks will come. All I have to do is sit back and watch as the world consumes you. Not that Sony was ever a God but the idea holds for any giant corporation with enough money buy the best security in the world. They were made to bleed and this won't be the last of these.

"No problem is so formidable that you can't walk away from it." -- C. Schulz