Firewall Wizards mailing list archives
Re: the expensive way to do DDoS ?
From: Robert Graham <robert_david_graham () yahoo com>
Date: Tue, 22 Feb 2000 10:03:58 -0800 (PST)
A $500 Celeron system can fill a 100-mbps pipe pretty easily with 148,800 SYNs per second (I've done it, on Windows no less). Host one each at AboveNet, Exodus, Conexion, Pair, etc. I would say that you need less than 20. However, hiding yourself at the POP can be tough. On one hand, they don't have good security practices, so you can have fun spoofing neighbors MAC addresses and IP addresses. On the other hand, they tend to use SNMP manageable switches. They can quickly track down which port on which switch is sending out the traffic and shut them off. (This is why my first thought on the DDoS was that most of the traffic came from universities -- they are managed less well). Robert Graham --- Darren Reed <darrenr () reed wattle id au> wrote:
If you had money to burn, how many el-cheapo pc's would you need to install at POP's around the world such that you had a virtual army out there that was yours and from which you could send forged packets whenever you like? (just how many ISPs are going to bother checking, eh?) All you have to do is muddy the path of who the ISP thinks owns those boxes and yourself in the event that someone works out which boxes the packets are actually coming from...would 1000 be enough ? (Are there even that many POPs ? :) Maybe too expensive for a teenage hacker, but not the mafia, CIA, etc.
===== Robert Graham http://www.robertgraham.com/pubs __________________________________________________ Do You Yahoo!? Talk to your friends online with Yahoo! Messenger. http://im.yahoo.com
Current thread:
- the expensive way to do DDoS ? Darren Reed (Feb 21)
- Re: the expensive way to do DDoS ? Ryan Russell (Feb 23)
- Re: the expensive way to do DDoS ? Darren Reed (Feb 23)
- Re: the expensive way to do DDoS ? K. Graham (Feb 24)
- <Possible follow-ups>
- Re: the expensive way to do DDoS ? Robert Graham (Feb 23)
- Re: the expensive way to do DDoS ? Ryan Russell (Feb 23)