GOLFnSUN
Enjoy the sun
Premium
join:2002-03-03
Avalon, NJ
 ·Sprint Mobile Broa..
 ·Comcast
|  reply to footballdude
Re: Illegal?
said by footballdude  :Aren't DDOS attacks illegal? If they admit doing it, shouldn't there be legal action? had their systems set to automatically bombarded the closed tracker with 8,000 SYN packets a second The systems weren't SET to create a DDos. That was a side affect of an attempt to reach a resource that was taken offline. Should MD been monitoring their system better? No doubt about it. But the characterization that they PLANNED a DDos is wrong.
--
My BLOG .. .. Internet News .. .. My Web Page |
|
Matt
Gone playing Dragon Age Origins
Premium
join:2003-07-20
Jamestown, NC
 ·North State Commun..
| said by GOLFnSUN :said by footballdude :Aren't DDOS attacks illegal? If they admit doing it, shouldn't there be legal action? had their systems set to automatically bombarded the closed tracker with 8,000 SYN packets a second The systems weren't SET to create a DDos. That was a side affect of an attempt to reach a resource that was taken offline. Should MD been monitoring their system better? No doubt about it. But the characterization that they PLANNED a DDos is wrong. Trying to establish 8000 new sessions a SECOND is a DDoS, whether they meant to or not. Claiming ignorance is no excuse. Media Defender can claim whatever they want, but I'm sure this was completely intentional behavior that they KNEW would take the smaller trackers offline if the trackers found a way to block them.
Kind of like my girlfriend dropping a grenade in CoD4 after I killed her - only Media Defender's grenade was 9Gbps of bandwidth and hundreds of servers pumping out 8000 SYN requests per second. |
|
Omega
Displaced Ohioan
Premium
join:2002-07-30
Cheyenne, WY
clubs: 
·Bresnan Online
·Verizon Wireless B..
·Comcast
·AT&T Midwest
| reply to GOLFnSUN
said by GOLFnSUN :said by footballdude :Aren't DDOS attacks illegal? If they admit doing it, shouldn't there be legal action? had their systems set to automatically bombarded the closed tracker with 8,000 SYN packets a second The systems weren't SET to create a DDos. That was a side affect of an attempt to reach a resource that was taken offline. Should MD been monitoring their system better? No doubt about it. But the characterization that they PLANNED a DDos is wrong. So you support media defender inserting fake files into legal torrents? |
|
Austinloop
join:2001-08-19
Austin, TX | reply to GOLFnSUN
Following that logic, if someone's gun was to go off accidentally and dispatch you from this earthly vail of tears, the shooter should get a pass because it was an accident???? |
|
TScheisskopf
World News Trust
join:2005-02-13
Belvidere, NJ
·Sprint Broadband D..
| reply to GOLFnSUN
said by GOLFnSUN :said by footballdude :Aren't DDOS attacks illegal? If they admit doing it, shouldn't there be legal action? had their systems set to automatically bombarded the closed tracker with 8,000 SYN packets a second The systems weren't SET to create a DDos. That was a side affect of an attempt to reach a resource that was taken offline. Should MD been monitoring their system better? No doubt about it. But the characterization that they PLANNED a DDos is wrong. Says who? You? Your source for this is what? Media Defender? Have you no shame?
8000 connection attempts PER SECOND. Let me repeat that so it might sink in: 8000 CONNECTION ATTEMPTS PER SECOND. That is 8 connection attempts per millisecond. Care to posit what kind of hardware and software resources are needed to send SYN packets at that rate? Tell you what: if a clueful cop caught you or me with software that was intended to work in that manner, he or she would, at the very minimum, make us his or her long-term hobby and our lives something of a living hell.
No, I really guess you don't have any shame, if you are gonna come around peddling that. |
|
Mchart
Super Joe
join:2004-01-21
Gurnee, IL
·AT&T Yahoo
·RoadRunner Cable
| reply to GOLFnSUN
said by GOLFnSUN :said by footballdude :Aren't DDOS attacks illegal? If they admit doing it, shouldn't there be legal action? had their systems set to automatically bombarded the closed tracker with 8,000 SYN packets a second The systems weren't SET to create a DDos. That was a side affect of an attempt to reach a resource that was taken offline. Should MD been monitoring their system better? No doubt about it. But the characterization that they PLANNED a DDos is wrong. I don't think you realize the scope of what really happened. To create that large amount of traffic one would either have to be in control of a large botnet, or have a server-farm connected to a fairly large SONET link. Regardless if it was planned or not, it is a classic case of denial of service, and considering how large and aggressive it was - it likely was planned. |
|
Sal663543
@utoronto.ca
| reply to GOLFnSUN
said by GOLFnSUN :said by footballdude :Aren't DDOS attacks illegal? If they admit doing it, shouldn't there be legal action? had their systems set to automatically bombarded the closed tracker with 8,000 SYN packets a second The systems weren't SET to create a DDos. That was a side affect of an attempt to reach a resource that was taken offline. I'm guessing hackers should start using that one as a defense. |
|
Crookshanks
join:2008-02-04
Endicott, NY
| reply to Matt
said by Matt :Trying to establish 8000 new sessions a SECOND is a DDoS Minor nitpick but I don't know as if I'd call that a 'DDoS'. DDoS == distributed denial of service attack and is typically something that is launched with thousands of different hosts on hundreds of different networks, usually using owned systems (via a botnet).
What Media Defender did definitely qualifies as a DoS but I'd question whether or not the usage of the term 'DDoS' is accurate here. |
|
nixen
Rockin' the Boxen
Premium
join:2002-10-04
Alexandria, VA
·Cox HSI
·Speakeasy
| reply to Austinloop
said by Austinloop :Following that logic, if someone's gun was to go off accidentally and dispatch you from this earthly vail of tears, the shooter should get a pass because it was an accident???? Well, it would be the difference between a murder charge and a manslaughter charge...
--
The trouble with the world is that the stupid are cocksure and the intelligent are full of doubt. -- Bertrand Russell |
|
Austinloop
join:2001-08-19
Austin, TX | Agreed, but T.K. is apparently indicating that MD should get a pass on any repercussions because they didn't mean to do a DDOS/DOS attack, their equipment was just set wrong. Yeah Right!!!!! |
|
texans20
Weapons of Masturbation
Premium
join:2002-09-28
Texas!
clubs:
| said by Austinloop :Agreed, but T.K. is apparently indicating that MD should get a pass on any repercussions because they didn't mean to do a DDOS/DOS attack, their equipment was just set wrong. Yeah Right!!!!! I don't speak for TK, as he is capable of speaking for himself, but I'd like to know where he said the company should get a free pass.
--
"I sincerely believe the banking institutions having the issuing power of money are more dangerous to liberty than standing armies." Thomas Jefferson |
|
yock
TFTC
Premium
join:2000-11-21
Fairfield, OH
| reply to GOLFnSUN
said by GOLFnSUN :said by footballdude :Aren't DDOS attacks illegal? If they admit doing it, shouldn't there be legal action? had their systems set to automatically bombarded the closed tracker with 8,000 SYN packets a second The systems weren't SET to create a DDos. That was a side affect of an attempt to reach a resource that was taken offline. Should MD been monitoring their system better? No doubt about it. But the characterization that they PLANNED a DDos is wrong. They should have to live with the side-effects of their system configuration just like anyone else. That many packets per second is nowhere close to being reasonable, and their systems architect would know it.
It's either gross negligence, or intentional tort. |
|
Necronomikro
join:2005-09-01
| reply to Crookshanks
said by Crookshanks :said by Matt :Trying to establish 8000 new sessions a SECOND is a DDoS Minor nitpick but I don't know as if I'd call that a 'DDoS'. DDoS == distributed denial of service attack and is typically something that is launched with thousands of different hosts on hundreds of different networks, usually using owned systems (via a botnet). What Media Defender did definitely qualifies as a DoS but I'd question whether or not the usage of the term 'DDoS' is accurate here. "The company, with 2,000 servers and 9Gbps of dedicated bandwidth at their disposal"
Sounds like a DDOS to me. May not have been distributed amongst many different networks, but it was many different computers within a high-speed network. |
|
dnoyeB
Ferrous Phallus
join:2000-10-09
Southfield, MI | I think its resonable to assume it was distributed. Otherwise 2000 computers are not getting out of the same network pipe without DOSsing themselves. |
|
dnoyeB
Ferrous Phallus
join:2000-10-09
Southfield, MI
| reply to nixen
It could also be the difference between manslaughter and negligent homicide. Considering, one has no business with his gun pointed at your nugget in the first place.
--
dnoyeB
"Then said I, Wisdom [is] better than strength: nevertheless the poor man's wisdom [is] despised, and his words are not heard. " Ecclesiastes 9:16
|
|
cornelius785
join:2006-10-26
Worcester, MA
| reply to Necronomikro
i consider a DoS attack to be a DDoS attack when the packets come from computers that are distributed over a large area, not (from the sounds of it) a server farm. i don't know all the little details but based on "The company, with 2,000 servers and 9Gbps of dedicated bandwidth at their disposal" and that all the packets originated from a small set of IP addresses (maybe one???), but i wouldn't consider that a DDoS attack. i'm guessing the reason for all the servers (assuming they were in a server farm) was to be able to ensure the entire bandwidth of the connection (9 Gbps) could be saturated. |
|
funchords
Hello
Premium,MVM
join:2001-03-11
Washington, DC
·Verizon Online DSL
 ·Skype
| reply to Necronomikro
said by Necronomikro :"The company, with 2,000 servers and 9Gbps of dedicated bandwidth at their disposal" Sounds like a DDOS to me. May not have been distributed amongst many different networks, but it was many different computers within a high-speed network. According to the logs that I saw, two IPTABLES entries would have solved it. It sounds like they made a last-minute change on a Friday and left town for the weekend. MediaDefender's buggy scripts went nuts.
This was "amateur hour" on both MediaDefenders and Revision3's accounts. That said, MediaDefender was the inflicter of damage and was the primary cause of this accident.
--
Robb Topolski -= funchords.com =- Hillsboro, Oregon
HTTP is the new Bandwidth Hog...
|
|
Matt
Gone playing Dragon Age Origins
Premium
join:2003-07-20
Jamestown, NC
·North State Commun..
| said by funchords :said by Necronomikro :"The company, with 2,000 servers and 9Gbps of dedicated bandwidth at their disposal" Sounds like a DDOS to me. May not have been distributed amongst many different networks, but it was many different computers within a high-speed network. According to the logs that I saw, two IPTABLES entries would have solved it. It sounds like they made a last-minute change on a Friday and left town for the weekend. MediaDefender's buggy scripts went nuts. This was "amateur hour" on both MediaDefenders and Revision3's accounts. That said, MediaDefender was the inflicter of damage and was the primary cause of this accident. Doesn't matter what you do with iptables if you're sitting on a 100Mbps, or even 1Gbps port, and you have 9Gbps of traffic coming at you. |
|
openbox9
join:2004-01-26
Alexandria, VA
·AT&T Southeast
| I doubt that MD was utilizing all 9 Gbps to flood Revision3. I haven't seen the logs that funchords is referring to, but iptables or PF, or pick your packet filter can be quite effective against rudimentary DoS attacks. |
|
funchords
Hello
Premium,MVM
join:2001-03-11
Washington, DC | reply to Matt
very true |
|
