…the wanderings

DDoS Wars

A DDoS attack is easier to inflect compared to the effort necessary in deflecting or defending against it. Think of it as Gurrilla Warefare ensued with a herd of Zombies.

That is exactly what a Botnet based DDoS attack represents in the networking world. Coercion replaces loyalty as Malware perpetrates through the network to increase the size of a herd. All you need is the right triggers (like people who will click through links) and crowd-sourcing takes over. Last year Craig Labovitz at Arbor described a DDoS at over 30Gbps on an Asian mobile operator. It is likely to have been done with a herd numbering in 10s of thousands rather than the order of million botnets known to exist today.

This is a new turn to what was ‘affectionately’ called the Slashdot Effect in earlier days but, with a bad twist. Traffic is intentionally diverted by a botnet herder. Their target might be popular but does not really appreciate (nor can benefit from) the incoming volume.

First thing to note about a DDoS (or DoS in general) is the fact that trying to throttle such an attack is actually playing in the hands of the attacker — a self-inflicted denial-of-service. Trying a selective block is not very fruitful when the attack is distributed well over the Internet landscape and, laden with guerrilla tactics.

It is more of a pipe-dream to expect everyone will protect their end-hosts from
Malware attempts to subvert and assimilate into a growing botnet. And waiting for a curseder (good-guy) that will spread along the malware channels to wipe out the bad-boys has its own risks.

At a higher level, the Internet infrastructure could analyze elements of such a botnet and attempt to sterilize it (a quick and more generally visible example is OpenDNS).

If a potential target (company, nation; Google?) can afford distributed hosting on the Internet, it would make an intimidating challenge to the botnet with multiple points that need to be compromised before a successful DDoS is achieved. This is when a larger Botnet will have to rear its head for a Multiple DDoS.

As malware writers get more sophisticated, the attack itself is more silent and versatile. But, DDoS is not a one-way tool and can be used by both sides. Around the start of this month, Aiplex Software was hired by the likes of MPAA and RIAA to attack piracy sites. This instigated a retaliation which is currently in progress (www.aiplex.com is off-line as of this writing). So, which side wins with this? None, I guess if anyone benefits, it would be the RBN, and ultimately terrorist organizations, probably.

But, this is not yet the end of this story and over time I expect we will hear more on this round of DDoS.

Meanwhile, you can catch the background on this from a recent non-fiction book Fatal System Error – The Hunt for the New Crime Lords Who are Bringing Down the Internet, by Joseph Menn. It runs though an account of such warfare over the last decade taking specific examples (see Prolexic).

The Prolexic timeline showing DDoS progress

DDoS Evolution (Prolexic)

September 30, 2010 Posted by | reading, security | , , , , | Leave a comment

What is Bad Science

After my last post on down-voting a book categorized as non-fiction and science, it seems only fair that I give an alternative reference on what might be a goodread rather than that work. I cannot find an exact complement for that book, but here is one that can take the place for now.

Book Cover: Bad Science  by Ben Goldacre
Bad Science by Ben Goldacre.

There is a nice Wikipedia page on this book, so I won’t have to put in a lot of effort to compare it with the one in my last post. My Book Probe hit a true on this one and I have already read it since then. If you came here checking out the Michael Brooks book or looking for material on Placebo, Homeopathy and the likes, I suggest you check this work first before venturing into the 13 things that don’t make sense.

You can also check out a free chapter, “The Doctor Will Sue You Now” available as a PDF file.

PS: I am very happy to tag this post ‘science’.

February 22, 2010 Posted by | reading | , , | Leave a comment

Things just don’t make sense

Book Probe: these are small bits from my search on good books to read.
These things cannot be called reviews, because I have not yet read the book; its the decision of reading it that is being concluded here.

13 Things That Don’t Make Sense: The Most Baffling Scientific Mysteries of Our Time,
Michael Brooks.

There are some books on ‘science’ that — thankfully — highlight their bias of research/facts very easily. It is because authors put up more details like this that I get more time checking rest of the books.

That chapter description strikes out Michael Brooks from my science reading list.
Still have doubts?

I wonder how many intrigued people will jump at a possible opportunity of learning new science after checking the profile on his site,

“Michael Brooks, who holds a PhD in quantum physics, is an author, journalist and broadcaster. He is a consultant at NewScientist, a weekly magazine with over three quarters of a million readers worldwide, and the author of the acclaimed non-fiction title 13 Things That Don’t Make Sense and the techno-thriller Entanglement.”

I may however consider his fiction work, Entanglement. He seems to have a knack for these things. It takes a bit more than Escher-works to research anomalies.
PS: I could not make myself tag this post under ‘science’.

February 21, 2010 Posted by | reading | , | Leave a comment