DDoS for Fun and Profit 429
First there's the Microsoft worm, reported earlier, which in addition to all the other damage has apparently knocked Microsoft's Windows XP activation servers (and Bank of America ATMs) off the net. Then we've got a report about the ongoing demise of DALnet, perhaps not the way we expected it to go. And Canada discovers a risk of online voting.
They're still dying? (Score:5, Funny)
Wait, the difference is that Apple is still on the net. Heh.
For Fun and Profit? (Score:3, Insightful)
Anyone?
Re:For Fun and Profit? (Score:3, Funny)
2. ????
3. Profit!
Re:For Fun and Profit? (Score:3, Insightful)
Re:For Fun and Profit? (Score:5, Informative)
za
Re:For Fun and Profit? (Score:5, Insightful)
auction.example.com might want to attack sell.example.com's servers -- more business and credibility for auction.example.com (unless they get caught)
----
If, hypothetically, I run a brick-and-mortar specialty store (I sell cheese). I notice business dwindling off. I survey some of my customers and find out they're buying their Gouda from cheese.example.com. Attack the site, or the whole 'net: get customers back.
----
However, I suspect this new worm's ("Bill's Tapeworm" as I heard another slashdotter call it) DDoS payload was a side-effect and likely accidental. The worm is trying to reproduce, and the DDoS seems like an unintended payload (after all, if the work can't get to another target because of network congestion, it can't infect it (UDP packets DO get dropped in such situations)).
S
Re:For Fun and Profit? (Score:5, Interesting)
Its rate of infection is so high that the DoS is caused, which in turn uses all available bandwidth, just like when a biological parasite kills the host; the parasite dies off..
As you put it, the payload doesn't do anything but try to infect other hosts -- no syn floods, no ICMP, nothing except sending packets that could infect other servers. That's why I think the DoS was unintentional.
S
Re:For Fun and Profit? (Score:4, Interesting)
It would make sense to me this is a RIAA sponsered thing gone wrong.
Re:For Fun and Profit? (Score:2, Interesting)
Must be driving them nuts.
Wouldn't surprise me in the least if they've moved beyond rhetoric to action.
Re:For Fun and Profit? (Score:2, Interesting)
Re:For Fun and Profit? (Score:2, Interesting)
Extortion; Blackmail.
the RIAA (Score:2)
Actually, it wouldn't surprise me *too* much to learn that this is the case...
**AA behind DALnet attacks? (Score:4, Interesting)
Just a conjecture, but it wouldn't seem out of step with **AA tactics to take down DALnet in order to curb illegal file sharing.
~Chaltek
Re:**AA behind DALnet attacks? (Score:4, Interesting)
Re:**AA behind DALnet attacks? (Score:3, Interesting)
If I was going to get into conspiracy theory, I'd point the finger at any of the various commercial "Messengers" (AOL Messenger, Yahoo Messenger, MSN Messenger, etc.) before I'd point at the *AA's.
People addicted to chatting WILL pick up one of the other chat venues if IRC is not available which means more eyeballs for the ads that support those venues.
File traders already have other means: KaZaa, et. al.
DDoS (Score:3, Funny)
Fastest day of the internet all year (Score:5, Funny)
And... (Score:2, Funny)
1.2 Megabits / s (Score:3, Informative)
1.2 megabits per second
Your raw speed was 1156090.51 bits per second which is the same as:
Communications
1.2 megabits per second How communication devices are rated. Kilo means 1,000 and mega means 1,000,000. Examples include 56k modem and 10Mbit Ethernet
Storage
141.1 kilobytes per second The way data is measured on your hard drive and how file sharing and FTP programs measure transfer speeds. Kilo is 1,024 and mega is 1,048,576. 1MB file download 7.3 seconds The time it would take you to download a 1 megabyte file at this speed.
Rating
Compared to all connection types worldwide, yours is fantastic
Re:Fastest day of the internet all year (Score:2)
huh (Score:4, Funny)
Re:huh (Score:2)
i don't get it (Score:5, Insightful)
Re:i don't get it (Score:5, Interesting)
You know how it is if you hire somebody *else* to paint your house? There is usually a heckuva lotta stuff you would have done differently because its *your* house.
But if you paint the house yourself, it takes a heck of a lot longer than you dreamed, but it's done right - to your exact satisfaction. You know everything about it - and if anything goes wrong, you know exactly how to fix it.
There's a big different between *yours* and *someone-else's*.
I feel the same about OS.
If its really not all that important, I will go with whatever gets the job done quickest.
But, if my life or reputation depend upon it, I need to be secure in my knowledge that I know exactly what I am doing - for it is I and I alone which must take responsibility for the outcome.
I think a lot of it is like choosing rope - if you are a shopkeeper, you may choose a rope based on its markup and profit potential, but if you are a mountain climber, you probably choose rope based on a completely different criteria.
ah yes... (Score:2)
Activation servers off the net? (Score:5, Interesting)
It's 2:20 CST and I'm trying to activate a copy of XP. I need to, because this repair/upgrade (changed mb, disk controller, video, hdisk, NIC, RAM, USB revision, CPU, etc) I can't logon without activation.
Except, I CAN'T ACTIVATE. I am told there is no way ANY copy of XP can be activated in the next 5 hours because of (drum roll)
** Routine maintenance **. I mean, I asked: I said
"You don't have some little stand-alone machine that reads a DVD database so you could stand in line and do it?"
"You don't have a couple hundred "last resort" number ranges? You can call me back tomorrow!!!"
"There's not some guy you can go ask? Ya can't call Bill at home?"
So, I gotta stop my project for some unknown length of time. Good thing I'm not updating a medical drug interaction database, or an available transplant database, or a process flow control system or a hazardous atmosphere measurement system or a BUNCH of other possibilities. In my case, either I miss the superbowl, or my car dealer can't find and order Volvo cars on Monday. Life will continue.
But, I'm still seriously pissed. Call 'em at 888-571-2048 and try for activation.
And let's think about the true meaning of the fact you can't release liability for the consequential damage resulting from negligence. I mean, I have NEVER heard about "routine maintenance" on the 24.7.365 activation promise...
Well, on to the next job...
Re:Activation servers off the net? (Score:2, Insightful)
If the work is that important, why do you not have a backup machine with which to perform the task? Rather ironic that you're lambasting Microshaft for having no backup system when you yourself have none.
Disclaimer: yeah, yeah, I know it's pretty poor that M$ doesn't have any kind of backup activation facility, but just playing devil's advocate a little.
Why should one person have to own 2 computers? (Score:5, Insightful)
Are you saying he should have 2 computers when he only needs one???? Not everyone can throw around money.
The Microsoft servers are a different story. They should have lots of backup systems running because they serve millions of people. Not to mention this is caused by a security flaw they carelessly created.
This guy is hardly being hypocritical.
Re:Why should one person have to own 2 computers? (Score:3, Informative)
He already activated it, guy. Read again, he said he upgraded his hardware. When you upgrade your hardware, Windows makes you activate it again, because there's a possibility that maybe you just took the hard drive out and stuck it in another computer, i.e. getting two copies of XP out of one disc. XP makes you RE-activate the operating system when you make drastic changes to your hardware.
Re:Why should one person have to own 2 computers? (Score:5, Informative)
Re:Activation servers off the net? (Score:5, Informative)
2 months after that I left Windows for good and latched on to Linux. So far I haven't had to call my distros for product activation, so I'm happy.
(Disclaimer: Linux isn't for everyone, not preaching, just my experience, yadda yadda yadda...)
Re:Activation servers off the net? (Score:3, Insightful)
Re:Activation servers off the net? (Score:2)
Apple Retail Store, pick up a nice new iBook or PowerMac.
Or Partition drive and start installing Linux.
StarTux
Re:Activation servers off the net? (Score:3, Informative)
Re:Activation servers off the net? (Score:2)
This question may sound a bit dumb, but "You have to activate XP for a freakin' *hardware* upgrade???"
Damn....
In order to explain the "dumbness" of my question: I switched to linux *exclusively* 6 years ago. I am SO glad I did that after reading all this...
Re:BIG FUCKING DEAL (Score:5, Informative)
Unless, of course, he did the install 30 days ago, and waited to install NOW. Point is, this really doesn't matter, and this guy can kiss my ass -- "I gotta stop my project for some unknown length of time" sounds like the lamest excuse I've ever heard. Maybe he's gotta make a run to Krispy Kreme. Regardless, XP allows you 30 days grace (beta versions 14 days).
Well, I can see why Bruce Perens added you to his foes list.
The 30-day grace is for an initial install. For hardware changes the rules are different:
Source: Service Pack 1 Changes to Product Activation. [microsoft.com] So apparently the guy had the nerve to install new hardware on an XP system that didn't have this service pack applied.
The take home lesson here: until the activation servers come back up, you should not install any new hardware on an XP system or your machine will be rendered inoperable. Unless you've installed SP1 first. In that case you can install your new hardware and cross your fingers that the MS activation servers are back up within 72 hours.
Re:BIG FUCKING DEAL (Score:2)
Nope, sorry dude. If you swap enough hardware in/out of your PC, XP will stop letting you log on *immediately*. Regardless whether your system was activated before or not!
Hell, once I swapped the network card and XP wouldn't let me log on before it had phoned home to get me permission to use my PC again. But the hard part was: without being able to log on I couldn't install the network driver, and without the driver the system couldn't activate! Deadlock! Well, had to use phone activation, but still...
The nice thing is, we can expect much more from MS where the whole Activation idea came from (DRM and whatnot). Now if only X11 wasn't so fucked up and KDE was more productive to use, I'd have made The Switch a long time before now...
Korean computers cut off (Score:2, Funny)
Pity that they will be reconnected...
Dilemma (Score:5, Funny)
When your enemy is their own worst enemy, does that make them your friend?
Head...aching...
DDoSing and Script Kiddies in general (Score:2, Interesting)
But all this rage can go nowhere - you can't do anything about other people's stupidity - it's just so frustrating.
Are there any SK's reading
Reply to this, anonymously if you must, and please give me some insight into what is so amusing about destroying the hard work/livelihood of others for 0 gain on your part? I just cannot understand the motivation to do so. It's like tagging - pointless destruction of property that achieves nothing.
I guess if I thought for one second people might think about how junky most MS product offerings are, and replace them with high quality Open Source or Free software, I might see a point - but no one ever seems to.
Sigh. So. Very. Depressed.
Power. (Score:5, Insightful)
That this is just an inherent problem in the internet's sociology and architecture isn't really a term in the equation but there you go.
Re:Power. (Score:3, Insightful)
Re:DDoSing and Script Kiddies in general (Score:2)
Re:DDoSing and Script Kiddies in general (Score:2)
Re:DDoSing and Script Kiddies in general (Score:3, Informative)
The majority (as in everyone that I've met) has always tried to be non-destructive. There was one kid who hacked a server and panicked when he didn't know how to fix up the logs and instead wipped the machine. He got shunned and banned from the chat rooms.
One reason, from a cold and practicle point of view, is that nobodies wants to piss off anyone important for fear of retribution, and plus the idea is to have servers that you can use to download stuff on, and use for private irc servers etc.
Doesn't answer your question sorry, but I just wanted to point out that even in the 'hacking' world people are pissed off and annoyed by this.
Re:DDoSing and Script Kiddies in general (Score:2)
Re:DDoSing and Script Kiddies in general (Score:5, Interesting)
Note that hardly any of viruses, worms, etc cause any real damage. Imagine the harm you could do if you really wanted. Imagine if code-red wiped the drive. Imagine if this SQL worm spread really slowly and randomly modified the SQL database. If it wasn't detected for ages, yet had slowly deteriated the database over a matter of months hence rendering backups next to worthless.
Re:DDoSing and Script Kiddies in general (Score:3, Funny)
In that case, I believe the correct term is Service Pack.
Re:DDoSing and Script Kiddies in general (Score:2)
Fortunately you're full of shit and these events only happened in your fantasy life, but
These kids think
they're so big and bad until they realize how pathetic they are in real life
So you conclude that the reason they launch attacks is that they feel inadequate IRL, and your solution is to make them feel more inadequate there? Brilliant corrections strategy. You wouldn't be John Ashcroft would you?
Re:DDoSing and Script Kiddies in general (Score:2, Insightful)
Script kiddies don't write worms though, at least not the sophisticated kind. Sure, they might turn out Melissa v24.0 in VB, but these advanced attacks are written by people with much more skill.
Not cyberwarefare. (Score:4, Insightful)
Of course the modified version someone else now crafts that starts spreading sometime next week might actually aim to do some persistent damage, but this version didn't.
In fact, you might even regard this as a blessing in disguise. The worm spread on a Friday night/Saturday morning, when least business would be affected. As of this morning, most ISPs now have filters in place, so any follow up isn't likely to do much damage, and it will now be hard to launch a really destructive attack using this particular vulnerability in future.
- Fzz
Re:EFNET and ident (Score:2, Informative)
Two cases where requiring ident is actually helpful; there's thousands of open proxies which can be used to connect to IRC servers, but most of them aren't running ident. Also it's not too hard to get a non-priviledged shell on an awful lot of webservers, most of which aren't running ident. It's a lot harder to get root and enable ident in both these cases, so by requiring ident you cut down the size of Joe Random Skriptkiddie's botnet rather sharply.
Bank ATM's knocked out (Score:5, Interesting)
Link
I can't believe that BoA has their ATM's on the internet -- anyone know more about how it got to their ATM network?
Re:Bank ATM's knocked out (Score:5, Interesting)
Re:Bank ATM's knocked out (Score:3, Interesting)
--jeff++
What's up with email? (Score:5, Funny)
Re:What's up with email? (Score:2)
Self-destructive (Score:5, Insightful)
Re:Self-destructive (Score:2)
hope the ddos'ers enjoy jail (Score:2, Insightful)
Sure you could say "Microsoft is wrong for HAVING this activation feature", but that is incorrect. Attacking ANY company's network is wrong, and very illegal. How would you feel if the servers you get open-source applications from were made unusable because someone attacked the network they were hosted on? This is the same thing.
I hope the people who are responsible for this attack (which is technically terrorism) are thrown in jail. It will likely be a long sentence.
Re:hope the ddos'ers enjoy jail (Score:5, Insightful)
Those who start these DDoS attacks are seen less like your standard fare and labled TERRORISTs. I don't see them creating terror. Perhaps we should all take a look at this definition of terrorist from Merriam Webster [merriam-webster.com]:
One entry found for terrorism.
Main Entry: terrorism
Pronunciation: 'ter-&r-"i-z&m
Function: noun
Date: 1795
: the systematic use of terror especially as a means of coercion
- terrorist
- terroristic
Usama and his bunch are terrorists.
The people responsible for this attack are more akin to electronic warriors. Whether or not they are right in their methodology OR targets makes them no more and no less. Yes, they are criminals, but I really don't think any such attack against any company that experiences so many can be called a "random act of terror". It's more like a concerted effort to destroy said company.
Had they issued some sort of demand with a threat of physical violence, I'd change my opinion, but as it stands the people responsible are criminals/warriors.
Re:hope the ddos'ers enjoy jail (Score:4, Insightful)
One entry found for terrorism. /-&r-ist/ adjective or noun /"ter-&r-'is-tik/ adjective
Main Entry: terrorism
Pronunciation: 'ter-&r-"i-z&m
Function: noun
Date: 2001
: any activity against which more extreme measures are desired than current law permits. commonly used to argue that due process and public debate are unwarranted in this instance.
- terrorist
- terroristic
Re:hope the ddos'ers enjoy jail (Score:5, Funny)
I seriously doubt Bill Gates and other Microsoft programmers will spend any time in jail at all over this.
Re:hope the ddos'ers enjoy jail (Score:3, Funny)
I'd hardly call VA's lack of a business plan an "attack" on SourceForge.
Re:hope the ddos'ers enjoy jail (Score:2)
Actually, anything that gets me away the Internet tends to increase my productivity substantially. I'm probably not unique in my lack of self-discipline, either. :-)
Re:hope the ddos'ers enjoy jail (Score:2)
All true and valid points, sir. But this is Slashdot...we DDOS all of our favorite servers all the time!
And I do say that Activation is a Bad Thing (tm) but I agree that attacking any company's network is neither a valid nor legal form of protest.
--K.
Re:hope the ddos'ers enjoy jail (Score:4, Funny)
I therefore declare this thread over and whatever ideas you meant to express discredited.
Re:hope the ddos'ers enjoy jail (Score:2, Insightful)
Releasing so-called production-use software with exploitable bugs like this latest one is wrong, but unfortunately, not illegal.
How would you feel if you were told by someone (who you thought was a reputable person) that the software you were buying was stable and secure then you install it and your main database has just crapped all over itself because of some skript kiddie?
No need to worry! Your trusted vendor gives you a patch (after you pay service fees) and blames the hacker for the problem.
Here's the kicker: Your vendor is a high-prfile one. Their marketing department tells the (cluseless) media the same thing: hacker's fault, not theirs. The media passes this along to the (usually cluseless) masses. Anonymous J. Hacker is blamed by all for the problems caused by the vendor's incompetence, while the vendor suffers very little PR trouble and has no insentive to be careful in the future.
Which is worse to you? Somebody exploits a known bug, causing huge problems, or Microsoft releases dangerously insecure software, allowing the problems to occur in the first place?
Re:hope the ddos'ers enjoy jail (Score:2)
Oh shut the fuck up. Even though I agree with what you said, please do.
DoS attack on the NDP Leadership vote... (Score:2, Funny)
ISP's fault? (Score:4, Insightful)
When will the ISPs start getting off their respecitve behinds and start doing something about this? With the broadband ISPs subnets accounting for so much of the destructive power of these DDoS attacks, they have a responsibility to at least attempt to ameliorate their impact.
It's not hard to set up simple routing rules to at least curb some of these attacks. Hell, a lot of ISPs still even route spoofed IP packets out of their networks - this is nowhere near acceptable. Realistically, there is no real application for a constant stream of ICMP traffic coming from a single node - there should at least be a maximum allocatable bandwidth for ICMP set at the ISPs gateway. Obviously UDP and TCP based floods are more difficult to manage, but throttling ICMP based floods would be a step in the right direction.
All this is IMHO, of course - users have a responsibility to secure their machines, obviously, but it's going to be a hell of a lot easier to secure a few gateways and routers than a million home PCs.
Re:ISP's fault? (Score:2, Insightful)
http://slashdot.org/comments.pl?sid=51243&thres
And go *(&( yourself.
Re:ISP's fault? (Score:3, Insightful)
Never, I hope. When nimda was going around, my DSL provider blocked port 80 and never unblocked it - and it's what, a year later now? That's resulted in my being unable to access my home computer from a variety of kiosks, etc., that don't allow selecting alternate ports.
If the ISPs do anything, they should be setting up rules that catch probes from live worms and then disconnect the specific lines from which they originated.
Backend? (Score:5, Insightful)
From http://www.msnbc.com/news/864184.asp [msnbc.com]
Within a few hours, 25,000 back-end database servers had been infected, said Oliver Friedrichs, senior manager with Symantec Corp.'s security response team.
If they where truly 'backend', they wouldnt of been infected. This is because of all those open and live MS SQL servers.
SQL Worm and NDP Voting Problems (Score:2)
Ah...it all makes sense now. So it is quite likely that the NDP online voting difficulties were caused by the MS SQL worm, since the company, Election.com, used M$ Windows 2000 as their backbone. I just wish they had announced it earlier, so that I didn't have to stare into the monitor for half an hour just waiting to vote. No conspiracy theories of right-wingers trying to sabatage the election then ;)
Which brings us to another interesting question: why didn't the NDP consider open source alternatives? Then again, they've hired Election.com to handle the whole process, so I suppose they couldn't really do much about it.
Re:SQL Worm and NDP Voting Problems (Score:2, Funny)
Interesting site (Score:5, Interesting)
Seems the US military managed to leave an unpatched SQL server open to the world...
Attacks and... freedom? (Score:5, Funny)
http://interviews.slashdot.org/article.pl?sid=0
Let me try my first profit post:
1) Free Kevin
2) Start Consulting Firm
3) (cough... cough)
4) Profit!
Seriously - I'd hate to be Kevin Mitnick right now... There's probably 20 different gov't agencies all getting the warrants right now. "This much havoc can only come from ONE man!" Mwuwuwuwahahhahaha.
The DALnet attacks are the real deal (Score:5, Interesting)
As a DALnet vetran and an op of one of the top 20 channels (#80s-cartoons), I can tell you that almost all of the major channels have now moved to other networks for good. Ever since the begining of december we had outages that would last anywhere from 4 days to a WHOLE WEEK where no one could connect to a single server in the network.
The gaul of some people is pretty amazing. Apparently, these current DDos attacks have been orchestrated by some one (or group of people) that are holding the DALnet network ransom and are demanding that dalnet pays them X amount of money to stop the attacks. Mind you, these attacks have been going on for about 2 months now, and these people still aren't in custody of law enforcement. It just goes to show you that the only thing that seems to get the FBI involoved in computer crimes is corporate cash. I guantee you if such an attack was launched against a commercial website, the feds would snag these fools within one day; But since this is a non-profit organization, they seemingly don't give a shit.
A lot of the big channels from DALnet have gone to EFnet. The irony in this is quite painful (Since DALnet was initaly formed by disgruntled people from EFnet trying to escape shitty service in the first place.)
One plus about leaving DALnet on to greener pastures has been zero PM spam on the new networks at least. Well, for now.
Re:The DALnet attacks are the real deal (Score:3, Interesting)
Not true - EnterTheGame (an IRC network with ~10K users) had some attacks this summer, but they eventually tracked down the attacker and he was raided by the FBI - see the press release [enterthegame.com].
Re:The DALnet attacks are the real deal (Score:2, Funny)
Re:The DALnet attacks are the real deal (Score:3, Informative)
You could try searching for them here [netsplit.de]. That site maintains statistics on *all* the major IRC networks. It also has some very pretty graphs -- this one [netsplit.de], for example, very graphically illustrates DALnet falling off the edge of the world.
The end of Dalnet != The end of IRC (Score:2, Insightful)
Yes, the kiddies get large botnets, but that doesn't mean they win. There were times a few years ago that most EFnet servers were offline for days, and that EFnet logs many servers during that time. But the kiddies were never able to destroy the network, and it's come back stronger than ever. If anything, the kiddies didn't hurt the network, they made it better. There's a chanfix, inspired by the attacks, to restore opless and some taken-over channels. This goes a long way to preventing attacks. Most of the EFnet attacks were motivated by channel disputes.
Undernet has hid which server a user is connected to and has disabled commends such as
Where I'm going with this is the best IRC networks generally survive the attacks and are stronger in the end. I don't think an attack on Dalnet is the end of IRC.
While I'm no expert on this, as a longtime user of IRC, in the past couple years I've seen a huge rise in the number of users who send you a website to visit upon joining a channel. Some networks take the steps of helping these users remove the trojan, or removing them from the network. On the other hand, some networks do nothing to solve these problems. If these are the same trojans that provide DDoS bots, opers could be doing a lot more to track down and solve the problems. I, for one, often report these to EFnet opers, and the opers are almost always quick to remove the user from the network.
What's my point in all of this? With some common sense, some coding skills, and opers who are willing to help, a network can solve a lot of its problems. If EFnet and Undernet managed to overcome DDoS attacks many times in the past, one wonders why Dalnet wasn't able to.
And the end of Dalnet doesn't mean the end of IRC. Other networks are better prepared to deal with this sort of thing, and can survive much more than Dalnet has. While the article raises valid concerns, it's written from the standpoint of someone who doesn't seem to know much about other networks.
Anyway, I hope Dalnet doesn't just cease to exist. Somehow I doubt it will, though.
Christ Almighty... (Score:3, Funny)
Not my fault! (Score:2)
Microsoft liable (Score:2, Insightful)
-Sean
Re:Microsoft liable (Score:3, Insightful)
Isn't this kind of like blaming firearm manufacturers for a murder when some dirtbag kills someone?
What about auto manufacturers that build cars that can be stolen? Should they be liable when someone steals the car when it could have been protected by requiring the owner of the vehical to punch in a 47 digit code to operate it?
DALnet (Score:5, Informative)
There have been at least two, possibly three or four, occasions where DALnet just shut down completely for a period of at least a few days (this latest one being in the range of like a week). After the first "big" DALnet shut-down, it seems a lot of channels moved to other networks; most of these channels have even gained numbers. Seems even if DALnet does return, a lot of the channels that left it will stay on their new-found networks. The few anime channels that came back to DALnet are very slowly gaining back their numbers, but they're nowhere near the levels they used to be. As of right now, the highest count is 51 users, which is really low for a DALnet anime channel. Highest warez channel count is 68, which is also really low for a DALnet warez channel. And even the MP3 channels, which probably were some of the biggest channels on DALnet, have lost major numbers. I seem to remember them being in the area of like 600+; current count is 166. So yeah, DALnet has really been taking it in the ass.
General consensus around the parts i hang out seems to be that losing DALnet wouldn't be such a bad thing. We'd all move our channels to other networks, and be done with it. Chat channels would really love EsperNet or IRCnet, and warez/MP3/ISO/PlayStation/etc. channels have a half-dozen networks to choose from, most notably EFnet (though i despise it). Anime channels would thrive on Aniverse. DALnet was great, but, unless things see a really dramatic improvement, i think there are many that would agree that it needs to be put out of its misery as soon as possible.
What has made this all really lame has been the fact that DALnet hasn't really said anything about this. Their eZine (the DALnetizen) has truly been the opposite of helpful throughout this whole ordeal. It seemed as though DAL was almost oblivious to what was happening. There would be a paragraph about Christmas, a paragraph about the benefits of PHP, a paragraph about poems, a paragraph about some new op or something, and then tucked away in a little corner would be a little sentence or two along the lines of "ps dalnet si getitng ddosed pls bare w/ us thx". After this most recent attack, however, they've started to get their act together a bit, and have posted a lot more information regarding the situation. Information can really be helpful to their users, if they want to keep them.
Also not helping the situation are rumours(?) to the effect that the DALnet administration has resorted to childish finger-pointing, and have pretty much detached themselves from each other. DALnet isn't really doing a very good job of assuring its user base that it'll be alright. :/ Hopefully, if DALnet is to survive, this will be remedied.
And, finally, the biggest blow to DALnet has been the de-linking of several of its (best) servers. Almost all of the "good" servers, the ones that everyone had as their first picks, have disappeared. Even the "fall-back" servers seem to be gone. Evidently DALnet is picking up a few new (or renamed, maybe, i can't be sure myself) servers, even in light of the attacks, however.
So DALnet's fate is really unknown. No one can be sure, but for now it's functioning, at least in the sense that it has the ability to carry users. Who knows, though, it could be down again tomorrow.
Re:DALnet (Score:2)
Hm, some group of people is attacking the largest IRC network, presumably with the intention of bringing it down completely. Should they succeed, how good is that really for the other IRC networks?
Software Activation is a Good Thing (tm) (Score:3)
So, I did the thing any self-respecting geek would do. I download OpenOffice.org, and uninstalled Office XP. So, as you can see, software activation is a good thing for open source software, as it drives users like myself away from MS products. ;)
Worm took our lots of cash registers in Canada (Score:3, Informative)
Canadian Voting (Score:3, Informative)
I just drank an entire pot of cold coffee (Score:5, Interesting)
That set me thinking -- windows XP activation is 30 days, right ? If you don't activate, what happens in 30 days ? It demands you activate or it locks up.
How many people when installing or starting up a new computer for the first time ignore the activation because they've got to try it out right now ? A lot. What day was 30 days ago ? December 25th. What day probably features more people opening up new computers than any other ?
Perhaps they didn't try to attack the activation servers specifically, but simply thought of bringing down the net to stop the wave of Jan 25th activations, and got the activation servers as a lucky bonus.
The sky is falling! (Score:3, Interesting)
I ended up going up the street to Walgreen's and getting a 10-pack there...for probably what 2 or 3 blank CDROMs would have run me at the campus bookstore, so I suppose I can't really complain too much that university stupidity saved me some money. It was extremely annoying at the time, though.
Re:Dalnet Article is a JOKE. (Score:2)
Re:Dalnet Article is a JOKE. (Score:4, Informative)
DALnet has had practically no public servers available since sometime early December, this thing is no joke.
Re:Dalnet Article is a JOKE. (Score:5, Informative)
Uhh...the Slashdot article on the sale of DALnet was a joke, but the DDoS attack on DALnet is very real. Actually, several IRC networks have been getting DDoSed in recent months.
But is it a side-effect? (Score:3, Insightful)
The (new) article referenced in this article's initial post describes, not a DDoS attack on the IRC server, but a use of the IRC server as a control point for a DDoS attack on something else. (The "bots" - infected machines - connect to the IRC server and lurk on the channel for their master to give them orders.)
So perhaps the DDoSing of DALnet and/or other IRC servers is not an attempt to take out the servers themselves, but a side-effect of the progeny of a particularly fecund worm "phoning home" to ask for futher orders.
And perhps those trying to track down the authors of the worms will soon be bugging the worms' favorite IRC servers in the hopes of tracing the perpetrator when he finally logs in to give 'em marching orders.
(A marching army of worms. What an image. Something like an angry horde of bananna slugs on pogo sticks [acidrefluxcomic.com].
Worse yet would be an attempt to shut down IRC servers in general. Of course this wouldn't stop the worms, as the authors would quickly switch to another method of controlling them. So it would just eliminate another Internet tool without having any perceptable benefits.
Re:Dalnet Article is a JOKE. (Score:2)
Re:Speculate: DOS DALNet attacks may be corporate (Score:2)