Bugtraq mailing list archives
Re: New DDoS?
From: Ryan Russell <ryan () SECURITYFOCUS COM>
Date: Tue, 9 Jan 2001 11:16:30 -0800
On Tue, 9 Jan 2001, nealk wrote:
> Alternate (New) DDoS model:
> - Server 'A' directly prevents all clients from accessing server 'B'.
I don't see how this is particularly "distributed".
> Let's say that someone placed a corrupt Flash (SWF) file on a web server. All clients that access the web server and that view the Flash file (about 90% of all browsers can, so this is a good assumption) will have their browsers crash or hang.
I.e. if you can hack the server, then the clients will be susceptible to client holes. Yes, absolutely. I've been waiting for this one for some time... rather than make an obvious defacement when one breaks into a web site, leave the site up as-is (at a superficial level), but with a browser hole embedded in the HTML.

The problems with this being terribly effective are that it will be found relatively quickly (at least, if it's a popular site) and that there is a central place to fix it quickly. Even if the defacement sticks around for a few days, even non-technical users will pretty quickly learn that when they visit example.com, their browser crashes.

The attack would have to be subtle (i.e. not crash the browser) and the site would have to be popular, but not very carefully watched by the administrators.

In fact, given a powerful enough hole, this is a good way to build an army of traditional zombies. Or steal loads of personal info off of clients.

Ryan