Bugtraq mailing list archives
Re: New DDoS?
From: Alfred Perlstein <bright () WINTELCOM NET>
Date: Tue, 9 Jan 2001 10:51:44 -0800
* nealk <nealk () verinet com> [010109 10:41] wrote:
> I think I have stumbled across a new category of distributed denial of
> service (DDoS). (If this is old news, I'm sure I'll be corrected; it's
> new to me.)
>
> Traditional DDoS have the following flow:
> - A host (or few hosts) controls a large number of clients.
> - The clients are directed by the host to attack a single site/server.
>   The attack can either be network or service oriented.
>
> Alternate (New) DDoS model:
> - Server 'A' directly prevents all clients from accessing server 'B'.
>
> Here's an example of how it could work:
> I recently posted about a Flash plugin risk that can crash or hang a
> browser. Let's say that someone placed a corrupt Flash (SWF) file on a
> web server. All clients that access the web server and that view the
> Flash file (about 90% of all browsers can, so this is a good assumption)
> will have their browsers crash or hang.

While this is a possibility, it doesn't make much sense, news would spread like wildfire and people would drop links to the ad service pretty quickly. Your attack would need either:

a) a suicidal company.
b) a hacked ad server.
c) widespread DNS poisoning.

Ad services can do other nasties like using 302s to redirect hundreds or thousands of hits to a particularly system intensive service on a remote site, that's a nasty DoS but also a good way to get yourself involved in a nasty lawsuit.

--
-Alfred Perlstein - [bright () wintelcom net|alfred () freebsd org]
"I have the heart of a child; I keep it in a jar on my desk."

Current thread:
- New DDoS? nealk (Jan 09)
- Re: New DDoS? Szilveszter Adam (Jan 09)
- Re: New DDoS? Alfred Perlstein (Jan 09)
- Re: New DDoS? Ryan Russell (Jan 09)
- Re: New DDoS? Darren Reed (Jan 10)
- Re: New DDoS? Ryan Russell (Jan 10)
- Re: New DDoS? Darren Reed (Jan 10)
- Re: New DDoS? Mailing List (Jan 09)