Akara Serine
|
Posted - 2011.06.15 20:52:00 -
[1]
So obviously Lulzsec is using a botnet, some may be aware of their computer being a part of the botnet, some may not.
But how would a user's computer respond to actually DDoS'ing a site/server? I'm assuming their internet would run very poorly, correct? (Mine's not, I'm just curious.)
|
Comet Catcher
|
Posted - 2011.06.15 20:55:00 -
[2]
Kind of depends on how those scriptkiddies configured their crap. If your infected computer uses only 20% of your bandwidth you probably won't even feel a difference.
I really hope those asses get arrested.. DDoS is not even hacking, it's just flooding with large amounts of data.
|
Hu Lu
|
Posted - 2011.06.15 20:56:00 -
[3]
yeah, you'd notice a sudden spike in traffic and thus a drop in performance
|
Mr M
|
Posted - 2011.06.15 21:01:00 -
[4]
Well... it depends on the size of the botnet really. At least in theory every computer in the botnet could send a request every second, and in that case it wouldn't have any effect on your computer.
Write for the Eve Tribune |
Orlacc
|
Posted - 2011.06.15 21:02:00 -
[5]
The hacking part is that during the DDos, code can be injected into a target net.
|
Comet Catcher
|
Posted - 2011.06.15 21:05:00 -
[6]
Originally by: Orlacc The hacking part is that during the DDos, code can be injected into a target net.
I'd really like to see some proof of concept about that. DDoS is just pinging an ip with a throng of packets, how would you be able to inject code by doing that? (assuming CCP's netcode isn't total crap with obvious weird vulnerabilities)
|
Cave Lord
|
Posted - 2011.06.15 21:06:00 -
[7]
DDOS stands for "Distributed Denial of Service". The idea is more than 1 computer (usually hundreds/thousands/millions) of computers each try to send packets as fast as they possibly can to a central point and overload it.
Depending on several factors, this may or may not affect your internet connection speed.
For example, if your machine at home was part of the attack, it might take a few seconds to locate a webpage and a split second to load it. The few seconds trying to get to the page was the delay in sending the request to the DNS server.
Another example might be at work, where you're behind a webfilter, have a local DNS server, and rate-limiting on a per-computer basis. You might actually NEVER know you were participating until you get a phonecall from your I.T. person or you look at traffic graphs and see unexplained network communication. Or you might find yourself completely cut off from your network because a managed switch is detecting goofy activity and shuts down the port you are connected to.
For the most part, the participating computer itself, unless it was very old, would continue to function just fine. Unless the bot-authors decided to do something malicious to your computer.
|
Hu Lu
|
Posted - 2011.06.15 21:06:00 -
[8]
usually, there aren't enough zombies to run them on a low frequency and their inability to actually ddos eve's servers doesn't really speak for a hugely sophisticated botnet…
|
Comet Catcher
|
Posted - 2011.06.15 21:14:00 -
[9]
Originally by: Cave Lord Edited by: Cave Lord on 15/06/2011 21:09:45 In a simplified explanation, if you can overload the processing buffers of a host, there's a possibility it will start executing whatever code is in that buffer. (Depends on how the software is coded). A DDOS with injection code on a well-coded and protected host will knock it offline. A similar attack on a badly-coded and semi-protected host could have code injected and automatically executed by the host.
You'd need REALLY bad serverside code for that to work, tho. Database stuff shouldn't even be coupled with serverside code in that way at all and even then we should be able to expect some failsafe mechanism from CCP.
|
DeceivingApperance
Caldari
|
Posted - 2011.06.15 21:18:00 -
[10]
Originally by: Comet Catcher
Originally by: Orlacc The hacking part is that during the DDos, code can be injected into a target net.
I'd really like to see some proof of concept about that. DDoS is just pinging an ip with a throng of packets, how would you be able to inject code by doing that? (assuming CCP's netcode isn't total crap with obvious weird vulnerabilities)
Imagine there was a way to make, i.e., a webserver run in circles, literally. Code-wise it's a denial of service in that the computer is stuck running either injected code (due to an entry point), or a simple bug that makes this happen. It's not uncommon, but it doesn't require a botnet. I can't remember off the top of my head any examples of a DDoS actually making something easier to gain access to besides old router/node software :) (which I'm not going to give more elaborate examples about). They used to reset to some default configuration, I believe it was.. and was probably before DDoS was widely known about. If you never updated the software on such a hardware, it would be open to such an attack, obviously.
I'm surprised that lulzsec gained access to a business line.. didn't think that still happened. The good news is, they probably shouldn't have done that :) Now the clock is ticking.
|
|
Nadrick
|
Posted - 2011.06.15 21:19:00 -
[11]
Originally by: Comet Catcher
Originally by: Cave Lord Edited by: Cave Lord on 15/06/2011 21:09:45 In a simplified explanation, if you can overload the processing buffers of a host, there's a possibility it will start executing whatever code is in that buffer. (Depends on how the software is coded). A DDOS with injection code on a well-coded and protected host will knock it offline. A similar attack on a badly-coded and semi-protected host could have code injected and automatically executed by the host.
You'd need REALLY bad serverside code for that to work, tho. Database stuff shouldn't even be coupled with serverside code in that way at all and even then we should be able to expect some failsafe mechanism from CCP.
the mighty on/off switch is the ultimate failsafe
wth is a signature? |
Comet Catcher
|
Posted - 2011.06.15 21:24:00 -
[12]
Originally by: DeceivingApperance
Originally by: Comet Catcher
Originally by: Orlacc The hacking part is that during the DDos, code can be injected into a target net.
I'd really like to see some proof of concept about that. DDoS is just pinging an ip with a throng of packets, how would you be able to inject code by doing that? (assuming CCP's netcode isn't total crap with obvious weird vulnerabilities)
Imagine there was a way to make, i.e., a webserver run in circles, literally. Code-wise it's a denial of service in that the computer is stuck running either injected code (due to an entry point), or a simple bug that makes this happen. It's not uncommon, but it doesn't require a botnet. I can't remember off the top of my head any examples of a DDoS actually making something easier to gain access to besides old router/node software :) (which I'm not going to give more elaborate examples about). They used to reset to some default configuration, I believe it was.. and was probably before DDoS was widely known about. If you never updated the software on such a hardware, it would be open to such an attack, obviously.
I'm surprised that lulzsec gained access to a business line.. didn't think that still happened. The good news is, they probably shouldn't have done that :) Now the clock is ticking.
I know how an overflow works, it's kind of a very old technique to f*ck with all kinds of systems, but I don't really believe CCP's serverside code would be that vulnerable, especially since it's not open source. (They didn't actually get CCP's sourcecode, did they?) Still thanks for taking the time to explain. :3
|
Orlacc
|
Posted - 2011.06.15 21:28:00 -
[13]
I'm glad they shut down the API for now.
|
|
CCP Wrangler
|
Posted - 2011.06.15 21:31:00 -
[14]
Please go to this forum thread for updates and to discuss the current issues.
Wrangler Senior Community Manager CCP Hf, EVE Online Contact us
If it's stupid but works, it isn't stupid. |