IRCnet Servers Strike To Protest DDoS Attacks 207
Many of the IRC servers on IRCnet are going to lock out
all of their users from 12:00 on Friday the 7th of April
to 20:00 on Saturday the 8th of April 2000 (time given in
UTC+0200) to
protest denial
of service attacks. It's a tactic that's been employed before,
but hopefully people will learn. Considering the attacks on so many
services on the Web, I bet we'll see this more. Course that might
just encourage the script kiddies.
submissions? (Score:1)
dating (Score:1)
Re:Should Shlashdot strike against trollers? (Score:1)
We just need to use the right bait to lure the SlashTrolls out into the open, where we can deal with them as we please.
My proposal:
Everyone knows that trolls love peanut butter. They'll do anything for a gob of that sticky, nutty goodness.
Slashtrolls seem to also have a predeliction for statues resembling Natalie Portman's naked form.
They also seem to like to throw hot grits down their pants (I'm assuming by this that SlashTrolls are an enlightened breed to Troll that do wear clothing, unlike the GhettoTrolls and TrailerParkTrolls that abhor such items).
SO what we need is a peanut-butter covered naked/petrified Natalie Portman statue, holding a bowl of fresh, hot grits.
The trolls will be unable to resist the nutty smell of peanut butter, combined with their attraction to the Portman statue. They will come out of their lairs and approach the statue. They will then see the steaming bowl of grits and will be unable to control their urges any longer.
While they fight amongst themselves as to whom will get to pour the grits down their pants and lick the creamy peanut butter off of the petrified form of Ms. Portman, we will have the perfect opportunity to strike, ridding ourselves of the SlashTrolls once and for all.
This has been a public service announcement from the Anti SlashTroll Alliance (ASTA).
Huh? Crackers are LAUGHING not LEARNING. They won! (Score:1)
The way to deal with crackers is to throw them to the four winds and leave their head impaled on a stick with the caption "Wanna be next?" in public for other crackers to see and fear.
HAIKUING (Score:1)
You need to hone your "m4d sk1llz"
And stop jerking off.
;)
Thank you,
The Haiku Guy
Re:IRCOps Bring on Their Attacks (Score:1)
Not every network is the same, and the people who "respond" are rarely particurly sensible people - I've known enough IRC script kiddies in my time to see this. If they get kickbanned from a channel, unlike your average user who just thinks "what a bunch of tossers", they aim their revenge squarely at the channel and then take it so that people know that they are all mighty and powerful.
Re:I would do the same if I ran one of the servers (Score:1)
Part of the problem is also just the power-model of IRC. Three levels of users, with each being able to do more than the level before (+v'd users can talk on a moderated channel, +o users can pretty much take over and ban everyone on a channel). Making each channel 'owned' by someone above all else would make things like channel takeover through flooding impossible.
In my opinion, it is these flood wars on users that cause things to escillate(sp?) up to full scale DDoS attacks.
Re:Reminds me of grammar school... (Score:1)
If not, he probably gets the snot beat out of him when recess is reinstated, so long as teacher conveniently looks the other way.
It takes a pretty childish mentality to break such a useful resource to begin with, so why not treat them like children? I say take the servers down permanently, leaving web pages up that say "Here's what happens when you abuse the internet. Don't blame us, blame THEM."
Then again, I don't IRC much anymore.
--Threed
Browsing at +2, or else on my Cell Phone. I see no trolls.
Re:I would do the same if I ran one of the servers (Score:1)
Bandwidth monitors would spike. We'd wake the guy responsible up nightly and finally we all decided to just watch it cook. It may still be there but we don't care. 3000 boxen back there and this one caused more problems that all the rest combined.
Not quite... (Score:1)
I hate to break it to the IRCNet admins, but there's more than one IRC network. There's more than 100. Heck, I wouldn't be surprised if there was over a thousand. They'll find another court to play in, and come back to their neighborhood when the yellow tape comes off. My point is, this won't resolve anything. It could even deteriorate the situation.
Oh, and for the record:
On Efnet,
Current global users: 60655 Max: 63127
I haven't been on IRCnet in awhile, but I'd be surprised to find over 60,000 users there.
did you say porn? (Score:1)
Can you hook me up?
I'm el1t3_d00d on Efnet, I can trade you warez and shells!
(oh go waste your moderation points on something more interesting!)
Re:did you say porn? (Score:1)
hehe.
(that's not his real IRC alias for the record)
Once again... Just a suggestion: go waste your moderation points on interesting articles instead of crap like this
True, but you're forgetting one thing (Score:1)
It won't do a damn thing in the first place.
A script kiddie usually has shells. Lots of shells. Shells he can smurf, slice, nestea, stream, <put other exploit name here> from. Yes, it is true that a K-line will not only make matters worse and anger the g0ds (or whatever their alias might be), but more importantly it won't do a damned thing. Guess what, they can get a new IP/hostname and log right back on. They have a choice between spoofing, hacking newbie boxens, or using one of their many v-hosts from which they either telnet/ssh or have bnc set up. Anyone who's been on IRC has noted the most original (I personally liked FadeTo.blackened.com) to the most ridiculous (bill.gates.is.a.closet.unixnerd.org (how retarded is that?)) v-host in the more popular, non-newbie IRC channels. You must understand that a K-line is like locking a door in an endless hallway of unlocked doors that all open to the same house.
If I was offered to be an IRC operator on Efnet, I would have to turn it down despite my endless hours wasted chatting because I could never handle such a responsibility. I'm quite simply not knowledgeable enough when it comes to networking protocols to handle such a situation. Maybe in a few years... :)
You're confusing IRC Operators and channel ops. (Score:1)
Channel operators have the RIGHT to make up their own rules, it's what makes IRC so darn (oh my, here I go again, pardon me!) popular. If you visit #bible, you should expect God's wrath (ie, a kick + ban) for using 'questionable' language. Get on one of the major networks (Efnet, Dalnet, Undernet, IRCnet... oops cross off that last one) and trust me, most channels won't ban you for swearing. I'm sure a significant percentage of them has a swear word as part of the channel name. My personal favorite is #why.the.fuck.are.you.whoising.me when performing the
In any event, your average IRC Operator will not only be disinterested in performing a
As a side note, for those of you who think Efnet sucks because it doesn't have ChanServ or NickServ, well that's everyone's opinion. I personally can't stand the idea that someone owns a certain alias or a certain channel. If you aren't appealed by the idea, you should get on another network such as Dalnet. For those of you who don't know what ChanServ is, it's a service that keeps ownership of a certain channel for you. You can register a password through a bot allowing you to get operator status. NickServ works the same way, but keeps your alias (your 'nick') for you when you're offline.
Re:How does this make sense? (Score:1)
- Insurance premiums are scaled on the average cost -- if everyone on your plan has health problems, your premium goes up as well. Sucks, eh?
- Seniority, especially in Union shops, is a key factor when downsizing. Often, work quality is not even a consideration. This has happened to me.
- It shouldn't work like this, but it really does a lot of the time.
Perhaps you could use better examples?--
: remove whitespace to e-mail me
Re:Should Shlashdot strike against trollers? (Score:1)
There IS a reason why this work against kiddies. (Score:1)
The kiddies do DoS attacks against IRC servers to reach particular goals.
There are, in my experience, three common goals the kiddies go for:
The kiddies are usually NOT out to DoS down the entire IRC network; they are using that network, and trying to gain prestige with other kiddies on it. Their attacks are fairly precise, and usually fairly short.
As a server operator, I think that the idea of shutting down the IRC network to send a message to the kiddies is a good idea. I have a couple of concerns with it, though:
However, all in all I still think it is a rather good way of saying Enough already!
Eivind.
Re:Peer pressure (Score:1)
Re:IRCOps Bring on Their Attacks (Score:1)
Apparently being moderated up isn't going to be a problem here. Hope I get this one in Meta-moderating.
Re:Should slashdot follow suit? (Score:1)
Re:Why was SLASHDOT down yesterday? (Score:1)
I can see it now, though. "I'm not crazy, officer, it really was down. Anonymous coward can corroborate my story!
Internet Cleaning Day (Score:1)
Re:Peer pressure (Score:1)
Because of that, I browse at a painful -1 (attention sig nazis, the sig is a joke). The most obvious peer pressure here is the attempt to outdo each other in offensiveness and obnoxiousness.
I don't think this does any good (Score:1)
Re:Ircnet is corrupted anyway (Score:1)
Re:Ircnet is corrupted anyway (Score:1)
Re:dating (Score:1)
Should slashdot follow suit? (Score:1)
This would be a great show of commeraderie to our IRC bretheren. It would give us all a first hand sense of Denial Of Service.
Hey! I would have a chance to catch up on some work...
I bet Andover would never go for it though. All those lost ADVERTISING dollars.
Re:I would do the same if I ran one of the servers (Score:1)
But it isn't the script kiddies who figured out how to DDOS you in the first place. The definition of a script kiddie is someone who isn't smart enough to find the security hole, but is smart enough to run the hack that someone else has created for them. Eventually your new protocol will get cracked by somebody, and once they write a tool to let the kiddies DOS you by pointing and clicking, you'll be in just as much trouble as IRCnet is now.
It's a fine way to say "We take this seriously" (Score:1)
Such displays may not do much to discourage the Oppositional-Defiant Personality types, or those who feel so dispossessed that they don't even see themselves as part of the larger Internet community (or many other types we seem to love over-generalizing about)...
...but they do *something* to suggest to the general community that this is a problem -- "our" problem, not "their" problem, where "they" is some highly paid corporate IT professional network manager.
I think the shutdown is a valuable display of solidarity
__________
Re:Solving the problem, ITS-style (Score:1)
On one of those systems -- it may have been ITS -- they gout around the problem of juvenile users crashing the OS (and destroying the work others were doing at the time) by adding a 'kill' command . Now it was no longer cool or clever to crash the OS, it was trivial and juvenile. A yawner.
I really do wish we could implement this on the internet, but it would never work, not with dozens of newbies logging on for the first time every second [there's a scary statistic for you: tens of millions of new users per year divided by half a million seconds a year]
Not to mention the prospects of typos on command line interfaces, people experimenting without RTFM'ing, and all those 'wits' who enjoy telling newbies to rm -rf
But boy, it's a pleasant thought!
__________
How should we react? (Score:1)
Part of the problem is that the "internet" consists of something akin to "anarchy that works", and really has little in the way of central authority figures to patrol the thing.
This, however, can remedied if we recall the old saying of "with freedom comes responsibility". A fair amount of us know someone who is involved in activities such as this. Talk to them. Work with them. Hell, smack 'em up the head if need be. As "net citizens" it's only we that can effect real change in the culture of the net. If everyone here could work on just one or two potential script kiddies and turn them into "free, yet responsible" users, online life would be *so* much nicer.
Hey, I can dream, can't I?
Re:I completely understand this. (Score:1)
Re:I completely understand this. (Score:1)
So what's new? (Score:1)
Is anyone going to notice?
Re:DOS this box/CRACK this box (Score:1)
Some kids use em
Maybe it will create a contra example to the skript kiddies and get some other ideas into their 'community'.
It more trying to alleviate some of the problem, and maybe co-opt some of the brighter ones to our side that to fix it completely.
I think it is feasible. Hang a couple of nice tight boxes (ha ha
Maybe its worth a try, maybe I am dreaming.
Hmm... (Score:1)
Brings that to roughly 2am on the US East coast and 11pm on the US West Coast? Just after IRC prime time.
Sure. This is going to work...
Re:K-Line The Kiddies! (Score:1)
So you can't connect to IRC for a day...if things don't change, the large IRC networks will gradually disappear. Not that this would necessarily be a bad thing, but it's pretty silly to whine about being denied a free service, for which the admins receive no compensation or reward, just a lot of juvenile whining.
I completely understand this. (Score:1)
DoS attacks have gotten way out of hand. To the point that providers are no longer so willing to donate anything to operating the medium, because of the inherent risks involved. Who can blame them?
IRC is a *free* service. Its unmoderated. And, it has been here for a long time. The people such as myself who devote time, money, resources, are getting *fed UP* with the small minority of people who think its their GOD GIVEN right to smurf a server, or an oper. Its not. And, honestly, I can understand the motive behind this shutdown.
People are getting tired of volunteering, and indeed, donating their time, money and effort only to have someone Distribute a smurf attack that cripples not only their target, but a wide geographical area just so someone can flip a finger.
DDoS is *not* a right. Its not *cool*. Its the act of someone who is small in mind, who suddenly has to do something disruptive because thats the only way they can communicate. Its base primitive behavior. To be the loudest one of all. Its the bigger dick contest to an extreme, and it affects everyone. It is, quite simply, the act of a coward who has yet to learn the value of real communication.
So, I would say, to any of you, whether your use IRC, or dont, re-evaluate your position on this. IRC is an old medium. Its the best realtime conference medium available. Its changed alot yes, we are no longer the same medium described in RFC1459, I doubt Jarrko ever thought it would go this far. But, it did. And here we are.
Yes, this affects users as well. Yes, the smurf and packet kiddies will probably find other targets. That is not the point.
The point is: If you cant use the medium properly, then we arent gonna provide it for you. Period. Nobody is making money off running IRC. We have no motive in providing you the service. We do it because we enjoy the medium, and feel the medium is so good, its worth sharing, but, if you want to abuse our good will, and the effort we put forth...
Then, your damn right, we *will* pick up our ball and go home.
Supernaut
Re:Boring (Score:1)
Re:ah give me a break (Score:1)
Correction, all services. And the point I beleive was being made is that someone's idea of fun made life difficult for 1500 students.
No, it's not quite as bad as the network of a business being brought down, but it is almost. I'm not sure of the exact setup of the network at the university, but I know that most of the computers I use, and all of the ones in my department, would be made useless by the lack of DNS. This would mean I am unable to do work. I know, students working is a bit of a novel concept, but despite popular belief we do, and one night's lost work can make a big difference!
Re:Preemptive denial of service? (Score:1)
Re:dating (Score:1)
Re:Mentality (Score:1)
It's not that the server cannot connect to EFNet because the DoS attacks soak up all the bandwidth or something.
It's because when it's connected to EFNet, it becomes a target for DoS. When it isn't connected, none of the weenies know or care it exists, and your ISP is no longer chosen to receive DoS attacks.
"due to" in the sense of "to prevent", rather than "because of".
Regards,
Tim.
Senryu? (Score:1)
Please forgive my ignorance
What is senryu?
Re:Boring (Score:1)
Make's sense (Score:1)
They have this facination with annoying and causing others inconvenience. So why not give it right back? I know it affects others too, but 1 day isn't that bad. Personally, I hope it happens some more.
DDoS is really a stupid thing to do. The kiddies need to grow up. I wish this would help... I tend to think it won't have a huge impact though.
Re:Preemptive denial of service? (Score:1)
Re:Punish the whole class -- annoying but effectiv (Score:1)
The reason this works with students is that they can give each other dirty looks until those responsible start changing. But on IRC things are just too anon. Somebody in #meaninglesschat isn't going to care about, much less pressure, some kiddie in the adjacent room.
I do think it'll annoy the kiddies, but I'm not sure what the outcome will be. They might see the error of their ways (ya, that could happen) or they could retaliate.
Life after IRC : Adds and pop-up crap! (Score:1)
They should not need to fight in order to continue giving away something.
If IRC collapses, chatters will have to go into the commercial "chat rooms" filled with adds, pop-up sh*t and such.
Tell the "hackers / crackers" you know about that very likely outcome of their activites.
A recent /. story [slashdot.org] told us about some site only allowing their IRC version - yes, it shows adds!
Best regards,
Niels Kr. Jensen
Re:Mentality (Score:1)
But, what does this prove? What good is an un netted IRC server?
Sure, people can gather there, but that's not what IRC is about. That's like putting up a public website, but denying all requests from any net but 192.168.x.x. The website still works, but it's barely useful.
I see that irc.nbnet.nb.ca is down now. Doesn't even let me make a connection to 6667. Guess they got tired of fighting off attacks, like you said.
Mentality (Score:1)
My primary EFNet server (through my ISP, irc.nbnet.nb.ca) is now unlinked - to ANY net. The MOTD says something along the lines of "This server has been taken offline for an indefinate amount of time due to DDoS attacks"
_WHAT_?
I mean, if the server can dish out the MOTD, why can't it just keep trying to reconnect to EFNet.
I emailed my ISP. I stated that I had been using IRC for about 6 years and how unhappy I was with their decision to take the server down, and they sent back a letter listing other IRC servers that I could use. Gee, thanks. I've only been using IRC for longer than irc.nbnet.nb.ca existed. I had no CLUE that there were other servers out there. Wow. They opened up a whole new world to me.
*eyeroll*
Re:DDOS Attacks Not All Bad (Score:1)
B. Did I say it was OK? No, just better than. Or do you propose people will just believe that the internet is insecure without having it demonstrated to them? Not likely.
The moment the world lapses into a sense of security over the internet is the moment a life-critical application becomes dependent on it, and is two moments before a catastrophic, "unexpected" failure or terrorist attack.
I would prefer that my systems be continually tested in a natural, dynamic environment rather than to have some sort of artifical "harmony" through luck or law grant the internet asylum... until the Big BSOD. Call me paranoid. Call me Old School. An ounce of prevention is worth a pound of cure and so on.
My argument implies that, all things being equal, DOS attacks increase in cost|damage with time. Not necessarily that their cost equals zero today, but near enough zero when viewed in light of the internet's expected lifespan. So, as long as DOS attack frequency remains constant or does not increase exponentially into the future (a function hopefully of the knowledge gained from every DOS attack in the present) the future benefits of DOS attacks today far exceed any piddly costs a DOS victim today could ever claim (legitimately or not).
I know you were obligated to post this response, so I don't hold it against you; however, I hope you realize how inane it is.
Great (Score:1)
Re:Senryu? (Score:1)
It is ironic, but (Score:2)
Do I like the situation? No. But my kids like to eat, so I'll leave the battle to those with tenure. (yes, this is why tenure exists; it's not really [supposed to be] about job security in general).
Re:Sounds kinda ... effective (Score:2)
--
May I ask why? (Score:2)
Re:Preemptive denial of service? (Score:2)
Dunno why they wanted #England so badly!
I rememebr we ended up taking over their own meeting channels for a couple of weeks in revenge
Those were the days.
DDoS has always been part of the IRC and is going to stay that way - you can limit it by not allowing bots etc on your servers but people will always have scripts and there will always be script kiddies
troc
Re:submissions? (Score:2)
Troc
Maybe this is a good thing (Score:2)
This will have the opposite effect intended. (Score:2)
Analogy: when you were beat up by the school bully in grade school, protesting by not coming to class for a week would be a sure way to get beat up even more when you come back.
This is only going to hurt legitimate irc users who have nothing to do with the attacks. Script kiddies will just beat them down until they submit, then go find another target.
*sigh* You think they would be a little smarter about this.
Re:Doh! (Score:2)
And in my humble opinion GMD is right. IRC has lost most of its meaning nowdays. The chance of meeting intelligent life there is as high as finding intelligent life on anothe planet in the Solar System. So I personally appload any ISP that has stopped offering IRC as a service.
It has a place only on internal networks nowdays.Sad, but true.
Punish the whole class -- annoying but effective. (Score:2)
Re:I would do the same if I ran one of the servers (Score:2)
Here's a thought - find somebody who uses crack cocaine and tell them you are going to stand there and keep them from using it. Not something I'd want to try...
Re:I would do the same if I ran one of the servers (Score:2)
How do I do that? AFAIK, neither Netscape, Exploder, kfm, Konqueror or Opera do this. I don't know if NS6 does or not, but there's no way I'm going to use that bloated pre-alpha crap they released yesterday. If there is a way, let me know.
Okay, Lynx probably can. But I'm guessing that with the pics and icons and layout, that Slashdot wasn't meant to be used with Lynx.
Re:Cutting off your nose to spite your face (Score:2)
Blah, you have no imagination. All you need is a can of white paint to paint some strategically placed arrows on the surface. The difference isn't the potential, the difference is the real damage done.
-- Abigail
Re:Who is this aimed at? (Score:2)
The point is that by protesting a wrong we are trying to focus attention on the matter and show the general public that informed, rational computer hackers abhor such activity.
-=-=-=-=-=-=-=-=-
DOS this box/CRACK this box (Score:2)
But
Here's hoping some form of sanity prevails.
IRC pollution (Score:2)
DDOS Attacks Not All Bad (Score:2)
Today, the internet is a non-critical entity. Denying service to any of the 99% of the servers in existance is akin to covering your nearest freeway billboard with a bedsheet. The only harm caused is a momentary pause in the flow of cash toward the increasingly larger internet corporations.
Before you bark at me, realize that you have two options: suffer through and learn from DOS attacks today when the stakes are infinitely low, or find yourselves at the mercy of a ruthless sabateur when the internet actually provides some crucial, important, life-critical service.
Because, if all the script kids stopped today as a result of this protest, the DOS attack methods would still exist... and maybe we would be foolish enough to actually permit something like, oh, Social Security or a Presidential Election, or everybody's oxygen machine to get wired up to the internet, and lo and behold someone whips out a DDOS attack from their archives. You get my drift.
Continuing to demonstrate the youth of this system only provides the world a service at a tiny, tiny cost compared to what havoc might occur if we closed our eyes to the reality of the internet's maturity.
So what if Aunt June can't get to EBAY to bid on another beanie baby or little Timmy can't look up Jennifer Lopez *one *more *time on Yahoo, or whizzbang.com loses 4 hours of ad revenue. As long as my decendants don't become extinct as a result of an insecure internet, it's a small price to pay.
If the worst thing that happens today is that an IRC server is inaccessible, well praise the lord.
Re:This isn't going to work. (Score:2)
Folks who start DDoS and other script-based attacks are, for the most part, immature little jerks who are so incompetent in every other part of their lives that they have to do sociopathic things in order to feel powerful. If they didn't have IRC to DDoS, they'd probably be out smoking cigarettes to show Mom who's boss, or writing "SUX" on bathroom stalls. They're probably cruel to littler kids, so they can feel like they're bigger and tougher than somebody. They hate their mothers, but they secretly wish they could fuck them, so they break into web sites and vandalize them with the particularly telling message that they "own" them now. They try to "own" cnn.com [cnn.com], but what they really want to own is Mom. The slang they use to talk to each other is full of sublimated expressions like "rule" and "own" and "bitchslap" and "you're my bitch now," and, of course, "muthafucka."
They don't have their own personalities, so the only form of self-expression they can come up with is to find the things that are better than them--that make them feel as little and irrelevant as they actually are--and destroy them.
The IRCNet gesture is intended to polarize us, not to convince script kiddies they're getting on our nerves. On our nerves is where they want to be.
--
Re:This will have the opposite effect intended. (Score:2)
This isn't going to work. (Score:2)
Its a nice gesture, but I can't see how it will really make much of a difference... as much as I hate lawsuits, a better solution is to try and find the people behind these attacks, and sue them for all the wasted network resources caused by their attacks. Sure, that won't stop new attackers, but it will at least help them with some money to buy extra bandwidth to deal with it.
Of course, a real solution to dealing with these idiots would be nice, but we can't just throw them off the net forever, and we can't shoot them. So just what do we do?
IRCOps Bring on Their Attacks (Score:2)
Many of the users on IRC are people who, somewhat like the IRCOps, have some technical skill, and are usually fairly young. They like to get drunk, high, and they like to screw around. When conflicts happen, usually IRCOps are completely unforgiving and rather rude.
This provokes alot of the Denial of Service attacks.
IRC Networks for a long time now have been ignoring security (It took them sooo long to get any preventative measures) and they just blame the user who attacks them, which may provoke more attacks, usually doing nothing.
I've never been on IRCNet, but I've been on IRC (Starting with EFNet) for about 7 years. I've run several small networks of my own. What I said here may not apply to IRCNet, but it sure does apply to all of the IRC Networks I've been on.
Now, if my message is moderated up, the IRCOps I've offended will flame, point out any little errors I made in this e-mail, etc. For saying things along these lines before, I've been G-Lined and tons more (including Undernet Ops e-mailing my boss in hopes of them firing me, hah).
the latest DoS attck (Score:2)
I'm not familiar with the problem, since I never use those networks. Still, I find it hard to imagine that one more DoS will improve things. I guess this is a sign of desparation, rather than a reasoned response? If someone who is responsible for this decision reads this column, I hope you'll enlighten us.
Re:IRCOps Bring on Their Attacks (Score:2)
When confronted with the amount of shit that happens on irc networks, most operators tend to hang on to the cynical side of life. Does that make it okay to flood servers? Do you have any idea what kind of damage is caused by this? Ever been called out of bed at 5am over a frigging irc server? The fun departs quickly, trust me.
Pi
Cutting off your nose to spite your face (Score:2)
Re:We're on the wrong track folks (Score:2)
Re:Preemptive denial of service? (Score:2)
Grtz, Jeroen
Not so bad (Score:2)
Oh, and for the person who posted "we're on the wrong track" - please note that 'the internet' is international, and that the US constitution is not.
Inez{R}
Re:I would do the same if I ran one of the servers (Score:2)
IRC DDoS (Score:2)
I really don't understand what this will prove to anyone. Do these sysadmins think that by taking away IRC, these guys won't be able to plan their next strike?
Hey, let's show the commies in Cuba and China how much we don't like thier policies-- by copying them here in the USA!
Like most (all?) protests, this is all fluff and no substance. By taking some action, no matter how silly, these guys make themselves feel better about the situation. A better course of action would be to work out a solution to prevent DDoS attacks from succeeding.
We think ALAR on apples is dangerous for kids, so we're going to protest its use by spraying it on all other fruit crops too!
Sounds kinda childish (Score:2)
They need to figure out how to avoid/stop the attacks. Shutting down just calls attention to the problem.
Re:A nice idea - but I doubt it'll work (Score:2)
Perhaps we should start punishing crimes not only based on the intent, but the cumulative frustration, annoyance and grief it causes.
These kids could qualify for the death penalty, and I know of plenty of people who would (unjokingly) gladly pay for a few minutes alone with these kids in an alley somewhere.
Wasn't there an article a while back about someone that actually did that? Tracked one of these packet kiddies down and assaulted him? I think they got caught though..
Re:We're on the wrong track folks (Score:2)
Key concept: When companies (or whomever) are crippled by vandals abusing or crippling their sites (a situation that is somewhat exacerbated by the far-flung but inter-related nature of the Internet), do you think that the Federal government is not going to notice? Especially when these vandals hit noticeable sites that should CONCIEVEABLY have had some sort of security. I know that most people with inkling of routing protocol would respond that the sites should have filtered their packets, that they deserved what they got etc. etc. etc.
The issue truly at hand is wether or not the freedom of the Internet jeopardizes the freedom to USE the Internet. When that freedom to use is threatened by the abuses of a few miscreants, doesn't the government (policy makers, politicians, even the DOJ) have a duty to step in? Does the freedom of the Internet surpass the freedom to use it?
I agree that most politicians have no real grasp of technological issues. It seems that most are crafting their views depending on how the winds blow or on what Tom Brokaw hyperventilated about at 6.30pm or on what their tech advisor is telling them at the moment. Or, even worse, they regurgitate the party line when it comes to something like Internet taxes.
Whenever someone moans about "the Feds", I have to ask what the hell are YOU (yes, you) doing about it? Are you expecting someone else to step in and solve these problems? I hate to say this, but since there is a notable absence of the technologically savvy on Capitol Hill, others are stepping into the vacuum (corporate interests, politicos, etc.) and are driving tech policy.
As for the instance of the IRC operators, I can certainly sympathize with them and perhaps this might serve as a wake up call for the abusers.
Other Protest Methods Doomed To Failure: (Score:2)
Starving Children Around the World Go On Hunger Strike
US Government Randomly Kills Citizens in Order To Protest Terrorism
Environmentalist Group Burns Forest, says one member, "We're sorry it had to come to this"
Department of Treasury Stops Printing Money in an Effort to Reduce National Debt.
Man Refuses to Clean Up Doggie Mess in Hall in Effort to "...teach Oscar what it's like to live in filth"
Housewife Stops Watering Plants, says, "Maybe This Way They'll Decide To Produce More Oxygen"
A double-edged sword? (Score:3)
On the other hand, I'm not so sure that IRCnet has thoroughly thought this out. To echo the concerns of many other posters: isn't protesting DoS (Denial of Service, for the uninitiated) attacks by shutting down your service rather... counterproductive?
Aside from the confusing nature of the protest, IRCnet must realize that they risk annoying, perhaps even angering, a lot of thier users. Especially at risk: users who aren't aware of DDoS or the protest, and the script kiddies who perpetrate these kinds of attacks. I'm worried that this action may be inviting attacks and possible disaster on the IRCnet network.
Maybe a better way to do this would be to run a campaign like the yearly Anti-spam campaign, which asks web site operators to turn thier sites pink, and explain the protest. Things like that seem to have a greater effect than outages.
Well, in any case, I wish the folks of IRCnet the best of luck.
--
: remove whitespace to e-mail me
Preemptive denial of service? (Score:3)
Christopher A. Bohn
Re:HAIKUING (Score:3)
Wanna get fussy
your last post was not haiku
instead it's senryu
Ah so WDK - WKiernan@concentric.net
Re:the latest DoS attck (Score:3)
When I still used to use public IRC servers one of the main reasons to DoS an IRC server was the create a split in the network of servers. Once the split was there you could could connect to the opposite side of the split with another client using the same nick(name) as the person(s) you wanted to knock off the network (presumably to gain operator status on a channel they controlled.) When the DoS'd server came back online the split would rejoin and a nick collision would occur--knocking your fake client and the other guy's real client offline simultaneously. Then you could steal his nick and/or his channel. I think most servers have added some form of timestamping to stop this but I didn't really pay much attention to it then, and none at all now.
I imagine the DoS attacks on IRC servers are still probably a tool in the little kiddie's turf wars. Considerring that the same kiddies are using IRC servers to coordinate their efforts (and as a replacement for real lives) they're kind of screwing themselves. Also, since the server operators are providing their services for free on a voluntary basis I see no problem with them DoS'ing back as a protest. Will it change things? Probably not. Will it piss of the kiddies? Yeah probably if they're cut off from the only lives they have.
numb
A nice idea - but I doubt it'll work (Score:3)
Although I have little experience with IRCnet, I can relate with my times on EFnet and Undernet, where groups of kiddies are all to willing to fire up their TFN's and take out a hub or two, causing splits across the whole networks. These splits are just so annoying when you're on IRC, and I agree that anything that can be done to prevent the DoS should be done. While I reckon this stance is a good idea to draw attention to the cause, I can't see that it's going to help prevent the DoS in any way whatsoever.
IRC servers are such easy targets.... with such noticable effects in the form of splits - almost enough to make a script kiddie climax in fact. EFnet has started to employ ways to make it harder - hiding IP's from C: and N: lines, but anyone with a bit of knowledge or skill can find these out.
Maybe it's time to accept that IRC is a medium which will always be plagued by these lamers who get kicks from causing havoc. I doubt it will stop, there are just SO many, and the only way to prevent this sort of thing happening, IMHO, is to either employ high level firewalling techniques, or get to the root of who is causing the problems.
Not sure either is particularly feasible.
steve
Who is this aimed at? (Score:3)
It's "Blazing Saddles" all over again . . . (Score:4)
And the townsman back off, because he has a hostage . . .
Should Shlashdot strike against trollers? (Score:4)
Think about it - it would only let the trollers know that they had won!
I guess the intended effect of such a strike is to raise consciousness amongst those affected of the effects of their actions. Ask yourself - how many script kiddies / trollers are really gonna care about the effect of their actions?
I'm left wondering - where would the trollers go if Slashdot closed it's doors??
Hmmmm...
"Give the anarchist a cigarette"
How does this make sense? (Score:4)
It's a good thing this isn't implemented (widely) in the "real world" (sarcasm mode on):
Sigh. Life sucks and is unfair whenever it would be inconvenient for people (and esp. bureaucracies) to do the "right thing". I know that this episode is just a minor inconvenience (the idea of doing anything important on IRC vanished for me around 1992) but it definitely illustrates the addage "cutting one's nose off to spite one's face".
We're on the wrong track folks (Score:4)
How does this combat DoS attacts by script kiddies? It doesn't. And we're on the wrong track.
Americans are exercising their unalienable right to life, liberty and the pursuit of capital gains. But what happens when liberty jeopardizes life -- or the Dow Jones average? And what happens when the government jeopardizes liberty?
On Tuesday, Sen. Jon Kyl, R-Ariz., convened the Senate Judiciary Subcommittee on Technology, Terrorism and Government Information to make the case for new legislation to protect the nation's ``information infrastructure.'' And so began a familiar Washington ritual: Friendly lawmaker invites friendly bureaucrat to a hearing. Soon, a new law emerges that gives political credit to the lawmaker and a bigger budget to the bureaucrat. Kyl began the show with a declaration that ``denial of service'' hacker attacks on companies such as eBay, Yahoo and CNN should ``serve as a wake-up call about the need to protect our critical computer networks. the attacks contributed to a 258-point drop in the Dow Jones Industrial Average and halted a string of three days of consecutive record- high closes of the technology-laden Nasdaq Composite Index.''
To deal with this problem, Kyl and Sen. Charles Schumer, D-N.Y., have co-sponsored S. 2092, which would modify the federal government's ``trap and trace'' authority, so that law enforcers would no longer need to obtain a search warrant in every jurisdiction through which a cyber- attack traveled. This just makes matters worse, the more we promote the "We must do something about those evil script kiddies" by staging stupid stunts like this blackout, it gives the govenment the green light to come on in, write bad policy and pay for the execution of this bad policy with our tax dollars.
The first ``witness'' was FBI Director Louis Freeh. After praising Kyl and his legislation, he reminded his audience of how much the FBI was already doing to combat the scourge of cyber-crime. Freeh then used the forum to outline the FBI's entire cyber-agenda, covering everyone from virus-writers and intellectual property thieves to the ``Internet Black Tigers,'' a group ``reportedly affiliated with the Tamil Tigers'' of Sri Lanka. He further noted that unchecked Net-related stock fraud costs investors $1 million an hour. IMM an hour? Sources say? BS. We're giving the feds all the confusion they need.
We need to get constructive folks, and not continue to feed the machine.
Mind your manners (Score:4)
wether or not the freedom of the Internet jeopardizes the freedom to USE the Internet "
Very eloquent and accurate.
On the other hand, your flame was rather insulting,
Whenever someone moans about "the Feds", I have to ask what the hell are YOU (yes, you) doing about it? Are you expecting someone else to step in and solve these problems?
Who the hell am I? Well for starters I'm an over 40 PHB who lives in the US and has been on the net since the old days, pre 1980. My entire career for the last 20+ years has been the internet, starting long before GUIs.
What the hell am I doing about it? Plenty, you should be as well. All of us should, not just because it's our livelyhood, because it's our privacy and our basic freedoms as well. Personally, I have regular dialog with many elected officials on many different levels. I'm no stranger to the telecom lobbists or in my Representetive [house.gov] or Senators [senate.gov] offices on capital hill and my state capital. I support the Electronic Frontier Foundation [eff.org], Global Internet Liberty Campaign (GILC) [gilc.org], Internet Free Expression Alliance (IFEA) [ifea.net], Digital Future Coalition (DFC) [dfc.org], and the TRUSTe Privacy Policy Certification Program [truste.org] as well as several others both monetarily and with my time. Do you?
Am I expecting someone else to step in and solve these problems? No, I am involved, are you?
Although you had a good point in your post, I feel the impact of it got lost in the flames, instead of flaming posters on /., try using some of that effort to get the laws and the policy changed, you might be surprised at what one person can do.
I would do the same if I ran one of the servers. (Score:5)
Pardon all my tpyos, incorrect grammars and speelings, Rob when is slashdot getting a spelling and grammar checker?
Solving the problem, ITS-style (Score:5)
The solution: Reduce their incentive to. Widely distribute a daemon, pstormd, and a program, pstorm. When pstorm is run, it will connect to every copy of pstormd in existence, each of which will begin ping-flooding every host it knows of.
Result: Anyone anywhere will be able to effortlessly bring down the Internet without getting caught. After several months during which the net is totally useless, a general appreciation for the fact that the network is not a toy will develop. Every month or two, someone will run the program out of maliciousness, terrorism, or curiosity, but the appeal will gradually dwindle. ISPs who deny access to the program to their users will be publicly flogged for "presenting a challenge to the little bastards." AOL, after steadfastly refusing to include pstorm's trademark "don't push" button in their software, will be disconnected from the network entirely, to general approval. pstorm will eventually be ruled illegal, but no one will care.
The FBI will be sued by the FSF, and lose, because its attempts to block pstormd from functioning involve reverse-engineering its messages (3-byte UDP packets which read, "GO!"). Microsoft will write its own pstorm, which says "BO!", and imply that the non-MS version is unreliable and may be unsupported in the future.
Eventually, use of pstorm will be restricted by tradition to certain celebratory occasions, such as Kwanza. It will also be used to protest particularly clueless decisions by judges and elected officials about The Way The Network Should Work, to remind them and everyone else how much say they have in the matter.