Re: DDos attack knocks out Alldas.de - for good?

[InfoSec News <isn () c4i org>]

Forwarded from: Darren Reed <darrenr () reed wattle id au>

You know, after reading about how the FBI has been able to get in on
the "inside" of hacking circles, I wonder if maybe it is "white hats"
who are starting attacks like this.  Why?

a) hack a site, get your hack onto a defacement archive.  The more web
   sites you do, the better you are.  By discouraging people from
   archiving web sites which get defaced there is no longer an archive
   of hackers' work, nowhere for them to say "look at all the web
   sites I hacked".  In a way the psychology here is similar to why it
   is good to clean away grafitti (which you can't easily archive,
   aside from taking photos).

b) people don't want permanent reminders of how they screwed up their
   web server security.

If people want to keep, online, an archive of hacked web sites then
maybe the answer is to make it distributed so that a DDoS attack
cannot be concentrated on any one particular target.  Maybe in doing
things like that there are solutions for other web sites in avoiding
DDoS attacks. For example, using Akami servers for real content.


In some email I received from InfoSec News, sie wrote:
> http://www.theregister.co.uk/content/55/21706.html
>
> By John Leyden
> Posted: 17/09/2001 at 15:28 GMT
>
> Alldas.de, the well known defacement archive, is once again looking
> for a home after a deal to move from its ISP fell through in the wake
> of a debilitating hack attack.
>
> Three weeks ago, Alldas was subjected to a week-long distributed
> denial of service attack which knocked the site - and its ISP Kvalito
> - offline.
>
> Kvalito introduced filtering and the DNS record of Alldas.de was
> updated so that prospective hackers would be throwing attacks at the
> site against their local host instead.
>
> Alldas.de's contract with Kvalito already on the point of expiry and
> worse followed when the ISP to which it planned to move dropped the
> hosting deal. This has left Alldas.de unavailable at a time of
> heightened interest in hacking activity.
>
> Fredrik Ostergren, a spokesman for Alldas.de, told us the site was
> looking looking for a new hosting service, but he was far from
> optimistic. "I hope we will be back up soon but it looks dark," he
> said.
>
> In June this year, Alldas.de weathered a Syn-flood attack that had a
> knock-on effect on Kvalito's other customers, throwing some of them
> online. Alldas.de received its notice to quit.
>
> At the time, Alldas.de made clear its requirements from a prospective
> future landlord.
>
> The ISP should be able to handle a growing volume of traffic that has
> reached 300GB/month, deal with 10 flames per month about port scanning
> - though Alldas.de has offered to answer those on its own - and
> tolerate the occasional DDoS attack.
>
> After Attrition.org decided to get out of the defacement archiving
> business this summer (when it decided it was too much hassle to
> continue as a hobby), Alldas.de became the main game in town.
> Interrorem.com and Safemode.org do record defacements but their
> service is not as comprehensive as that of Alldas.de.
>
> Any ISPs out there keen to save Alldas.de's service can email them
> directly. Press <press () alldas de>



-
ISN is currently hosted by Attrition.org

To unsubscribe email majordomo () attrition org with 'unsubscribe isn' in the BODY
of the mail.