DoS attacks on the rise?

This is a discussion on DoS attacks on the rise? within the Open Talk forums, part of the General Information category.
  (#16) Old
You Can't Be Serious!!
 
AndrewCCM's Avatar
 
Posts: 9,327
Join Date: May 2006
Location: Dallas/Fort Worth, Texas
Real First Name: Andrew
Camera: 1D3, 7D, 5D2, LX3
Can Others Edit My Photos: No
iTrader Rating: 8

03-27-2007, 09:28 PM


Quote:
Originally Posted by Tapper
Changes? We did all the testing and so forth in 06 - did they change it?
Yep.. much more stringent requirements based on how much web/e-commerce CC processing you do. Everything from 3rd party penetration certification to firewall rulebase review.. Speaking of UGH.. I have to go in to the office right now to collect evidence in a potential internal CC fraud investigation. Gonna try and do it via VPN first.. but I have this sneaky suspicion that I will be leaving in a few..

---------------------------
Andrew
Website: Crystal Clear Media
Blog: CCM BLOG
  (#17) Old
You Can't Be Serious!!
 
AndrewCCM's Avatar
 
Posts: 9,327
Join Date: May 2006
Location: Dallas/Fort Worth, Texas
Real First Name: Andrew
Camera: 1D3, 7D, 5D2, LX3
Can Others Edit My Photos: No
iTrader Rating: 8

03-27-2007, 09:31 PM


BTW:

https://www.pcisecuritystandards.org...i_dss_v1-1.pdf

I "think" this is the newest revision due in 2007. It did come out in 2006 though.

Here is a bit more on the changes. I haven't started working on it "yet".. But it's coming.

http://www.computerworld.com/action/...icleId=9003229

---------------------------
Andrew
Website: Crystal Clear Media
Blog: CCM BLOG
  (#18) Old
Luminous Cat Herder
 
Ahh!'s Avatar
 
Posts: 4,857
Join Date: Jan 2007
Location: Frisco, Texas
Real First Name: Peter
Camera: Nikon
Can Others Edit My Photos: Yes
iTrader Rating: 2

I keep burning up routers - 03-27-2007, 09:35 PM


So, when my network a few weeks ago started slowing to a crawl I replaced my Netgear with a Belkin (a handy thing to spare). Problem over. 5 minutes. But I haven't had the time to diagnose the Netgear to figure out if it was the culprit or a DoS local storm. But I, too, had heard of recent localized storms in residential DSL-land.

I keep that spare for traveling when they have no wireless and I have 2 or more laptops in my team. Cuts down on the telecom bill at the hotel...and allows us to stuff 35 people in a conference room equipped with the usual 1 or 2 ports during the day.

---------------------------
Putting the Ahh! in Photography.
A 35 to my eye and a 45 by my side.
What say you?
  (#19) Old
Senior Member
 
Tapper's Avatar
 
Posts: 269
Join Date: Dec 2006
Location: Allen,
Real First Name: Brian
Camera: D200
Can Others Edit My Photos: No
iTrader Rating: 2

03-27-2007, 09:38 PM


Quote:
Originally Posted by AndrewCCM
Yep.. much more stringent requirements based on how much web/e-commerce CC processing you do. Everything from 3rd party penetration certification to firewall rulebase review.. Speaking of UGH.. I have to go in to the office right now to collect evidence in a potential internal CC fraud investigation. Gonna try and do it via VPN first.. but I have this sneaky suspicion that I will be leaving in a few..
We switched up our stuff, and mainly do CC stuff on an offsite server now, which reduces the nosiness :)

Feel ya on the VPN thing. Been there, so many times...

---------------------------
At night I dreamed that life was beauty, but I awoke and life was duty. So I bought a camera.
  (#20) Old
Supa Dupa Poster
 
engstrom's Avatar
 
Posts: 4,596
Join Date: Aug 2005
Location: Plano, TX, Texas
Real First Name: John
Camera: Canon
Can Others Edit My Photos: Yes
iTrader Rating: 1

03-27-2007, 10:43 PM


Quote:
Originally Posted by rages4calm
In answer to your attacks you should probably try Masking your ip address or mac address and changing your encryption on your router from WEP to WPA or if you don't have one at all then WEP will still do just as good.
I couldn't disagree more about using WEP. It may actually do more harm than good by providing a false sense of security. A hacker with an easily available tool and 10 minutes can crack WEP - it will be slightly longer for larger WEP keys but still very doable. WPA is the only way to go - and even then you should realize a determined hacker can probably get in - it will just take a while.

http://www.youtube.com/watch?v=6y4k2EM0zr4

---------------------------
John Engstrom
Plano, TX

http://www.pbase.com/engstrom

  (#21) Old
Uber Poster
 
Jeff_Green's Avatar
 
Posts: 3,325
Join Date: Feb 2006
Location: Mansfield, Texas
Real First Name: Jeff
Camera: Nikon D300/D70
Can Others Edit My Photos: Yes
iTrader Rating: 4

03-27-2007, 11:12 PM


NERDS!!!

---------------------------
"If you find a job you love, you'll never have to work a day in your life."
  (#22) Old
Light Moderator
 
srwatters's Avatar
 
Posts: 11,942
Join Date: Jan 2005
Location: West Plano, Texas
Real First Name: Scott
Camera: Nikon D3 & Hasselblad H2
Can Others Edit My Photos: No
iTrader Rating: 16

03-27-2007, 11:15 PM


WPA2 with a long key string.

---------------------------
Scott Watters
PoloDigital | Flickr | Pbase
Nikon | Hasselblad | Phase One | Hensel | Apple
  (#23) Old
Forum Master
 
rages4calm's Avatar
 
Posts: 1,007
Join Date: Mar 2005
Location: Vienna, Virginia
Real First Name: Carl
Camera: Canon
Can Others Edit My Photos: Yes
iTrader Rating: 1

03-28-2007, 08:32 AM


Quote:
Originally Posted by engstrom
I couldn't disagree more about using WEP. It may actually do more harm than good by providing a false sense of security. A hacker with an easily available tool and 10 minutes can crack WEP - it will be slightly longer for larger WEP keys but still very doable. WPA is the only way to go - and even then you should realize a determined hacker can probably get in - it will just take a while.

http://www.youtube.com/watch?v=6y4k2EM0zr4

Yep, way too easy to get around these days and I know there is a great number of war drivers around here with their little NetStumblers, Cain and Abel etc..

Quote:
Originally Posted by Tapper
Responding (attacking back) to these probes or exploit attempts accomplishes two things.

1. You commit a rather serious felony. Note that word felony. If you download some stupid script kiddie utility off the net, and aim it at some poor ignorant soul's compromised computer, you're liable to have someone like me track you down. If that happens, don't look for mercy. You won't get any. These days, running stuff like that is good for a trip to a nice PMITA federal pen.

2. Rather than some supar s3cr4t l33t h4x0r, you'll actually be attacking some poor fool whose only crime was being too lazy to learn how to operate their computer. And that makes you the bad guy.
That is true for the most part, but I also learned throughout a lot of the seminars my job has sent me to, that as long as you have little messages on your server that are clearly seen when someone makes an attempt to jump in with their attack that states upon failure to make their attack they are agreeing to whatever is on that document.

Now that isn't exactly legal but it does help, and I would not exactly nor do I know anyone who would make an attack back that would be considered a felony. Technically speaking most hacking is considered legal as long as they are just exploring, (except when it comes to government and education)

I agree though and I still find it fun either way, if anything it's a learning experience.
BTW y'all run spyder servers?

---------------------------
http://www.carl-prewitt.com
  (#24) Old
Senior Member
 
Tapper's Avatar
 
Posts: 269
Join Date: Dec 2006
Location: Allen,
Real First Name: Brian
Camera: D200
Can Others Edit My Photos: No
iTrader Rating: 2

03-28-2007, 09:56 AM


Quote:
Originally Posted by rages4calm
That is true for the most part, but I also learned throughout a lot of the seminars my job has sent me to, that as long as you have little messages on your server that are clearly seen when someone makes an attempt to jump in with their attack that states upon failure to make their attack they are agreeing to whatever is on that document.

Now that isn't exactly legal but it does help, and I would not exactly nor do I know anyone who would make an attack back that would be considered a felony. Technically speaking most hacking is considered legal as long as they are just exploring, (except when it comes to government and education)

I agree though and I still find it fun either way, if anything it's a learning experience.
BTW y'all run spyder servers?
Not exactly sure what you are saying here, but if I understand correctly you're saying that posting a "If you hit me I get to hit you back" notice on a website somewhere on your machine, you are exempted from the law. I would advise you to consider some different seminars.

But summarizing - several courts have held that persons accessing (portscans are considered a form of remote access without permission) a remote network/machine are guilty of violating several different federal statutes. And no, I don't think "well, he started it" is going to be much help if you get charged. Typically, the ISP - as the owner of the link you traversed - is going to be the party that the State listens to. And they didn't agree to anything, did they?

Bottom line, it's just a really really bad time to be messing around this way on the networks. Secure your own machine, and don't be cute with other people's machines, and you'll save yourself a lot of grief.

---------------------------
At night I dreamed that life was beauty, but I awoke and life was duty. So I bought a camera.
  (#25) Old
Forum Master
 
rages4calm's Avatar
 
Posts: 1,007
Join Date: Mar 2005
Location: Vienna, Virginia
Real First Name: Carl
Camera: Canon
Can Others Edit My Photos: Yes
iTrader Rating: 1

03-28-2007, 10:56 AM


Quote:
Originally Posted by Tapper
Not exactly sure what you are saying here, but if I understand correctly you're saying that posting a "If you hit me I get to hit you back" notice on a website somewhere on your machine, you are exempted from the law. I would advise you to consider some different seminars.
Selective reading eh :) ? I never said it was legal. If anything it's a way to scare the person who is attempting an attack. As far as the law goes, you're right, it's divided in several areas, it may not be illegal in some states but that doesn't mean the ISP allows it.
What I stated is no different than what Microsoft telnet server messages used to give, it was never legal but it gave a good scare to people.

---------------------------
http://www.carl-prewitt.com
  (#26) Old
You Can't Be Serious!!
 
AndrewCCM's Avatar
 
Posts: 9,327
Join Date: May 2006
Location: Dallas/Fort Worth, Texas
Real First Name: Andrew
Camera: 1D3, 7D, 5D2, LX3
Can Others Edit My Photos: No
iTrader Rating: 8

03-28-2007, 02:34 PM


Quote:
Originally Posted by Jeff_Green
NERDS!!!
Hey! I resemble that remark!

---------------------------
Andrew
Website: Crystal Clear Media
Blog: CCM BLOG
  (#27) Old
Uber Poster
 
babybluetx23's Avatar
 
Posts: 3,091
Join Date: Dec 2005
Location: Arlington, Texas
Real First Name: Cynthia
Camera: Canon 5D
Can Others Edit My Photos: Yes
iTrader Rating: 0

03-28-2007, 02:47 PM


Hey Scott, when I WAS working for Verizon we would see that A LOT!!! We would see it on a daily basis, at LEAST three times a day! I don't know where they are coming from or why. I haven't seen anything like that at my house, but I don't live in FIOS territory =( We have Comcast....Roadrunner...Time Warner....whatever they are calling themselves nowadays.

---------------------------
Cynthia Cox
Arlington, Tx
http://www.innovativeillusionsphoto.com/
OMP member #: 173034

Canon EOS 5D : Bogen 3051 tripod : Bogen Monopod : Bogen 3030 head unit : Canon Speedlight 580EX : Canon EF 28-200 F3.5 : Canon 70-200 f2.8L : Canon 24-70mm F2.8L and other Canon Gear

"The camera doesn't make a bit of difference. All of them can record what you are seeing. But, you have to SEE." - Ernst Haas