Malicious programming!

[Sir Kenyth]

I've been doing a little reading on DOS, DDOS, DRDOS. (Denial Of Service, Distributed Denial Of Service, Distributed Reflected Denial Of Service) attacks and how they're done. It dropped my jaw at how relatively easy it is to do nasty things with our current Network archetecture! The standard DOS atack is easy enough to understand. A single well connected computer bombards a site or node with erroneous packets and consumes all it's resources so it can't communicate because valid traffic can't compete. It's relatively easy to defend against also.

DDOS, now there's something scary! Hackers implant invisible programs in large web sites servers. Lot's of them! These programs become part of an invisible parasitic hacker network. They are called "Zombies" and simply wait for commands. A hacker gets as many of his "Zombies" on-line as he can and sends them an IP address to send to. The servers they reside on immediately begin sending erroneous packets to the victem. There's simply no way to compete with this torrent and the poor site is washed away in a flood of electronic garbage! Filtering at the backbone routers can help alleviate an attack, but the router can't differentiate between good and bad packets, so the site loses functionality. As almost all hackers "spoof" thier address, it's nearly impossible to track them down.

DRDOS is even worse. The hacker gets his zombies to spoof their address as the victems and then send out packets to numerous other sites who think the packets are from the victem. All these sites respond to the victem as though he were trying to initiate a connection and once again, the poor site is bombarded by erroneous packets. Only this time the packets are coming in from a million different directions which makes it completely impossible to track the source!

There is no effective defense against attacks like this. The archetecture of network communication is easily exploited. This type of thing will only get worse. How will we defend our electronic resources from cyber-thugs? Many of them are as young as 13! Some younger! The Zombie Bots are made by people and then distributed through hacker channels. Most hackers don't need to program their own tools which makes it that much easier. VBscript and Jscript have made the simple act of going to a website or opening email dangerous. Most Zombie bots are implanted through using trojans via email. What do you think? I know we have plenty of computer savvy people out there and I'd love to read a discussion on stuff like this.

[ 06-19-2002, 02:10 PM: Message edited by: Sir Kenyth ]

[Azred]

Worst-case scenario: malicious hackers make using computers or the Internet so dangerous that it becomes severly restricted or people begin leaving in hordes. This, of course, will "drop the other shoe" for the tech industry--nothing, not even wireless PDAs, will be safe from the various attacks. It would send us back to the days of only telephone and fast courier services!

Best-case scenario: enough people get enough training on computer/internet equipment to help deter/prevent such attacks. Even a monthly training class would suffice to keep most folks aware of the latest trends and how to avoid them.

I'm waiting on a "Frankenstein" scenario where a hacker creates something that gets completely out of hand.

Had I sufficient knowledge of insurance product development and the ability to produce/market it, I thought up the idea last year of "Internet liability insurance" similar to modern property & casualty plans. The underwriting would probably be nightmarish, but you'd make tremendous profits on the premiums, despite the normal claims experience. Oh, well. [img]graemlins/petard.gif[/img]

[Oblivion437]

Frankenstein Scenario For You:
A hacker creates a reproducing cascading zombie, trojan, or virus, that directly distribute over the network, THROUGH the backbone, it cascades into all active connections, and is activated by the hacker, or time activated using system timers. This could collapse entire networks, but it couldn't be used against a single site, it's too dangerous, the cascade would kill EVERYTHING, including interconnected networks. It would, as I see it, require:
1. Full mainframe access
2. Direct Access to the core of the storage
3. Knowledge of how to program these deadly devices
4. A most thoroughly pissed off hacker
5. A very tasty network, worthy of destroying.
If someone could breed this, we'll call it CDOS, Cascading Denial of Service, I don't know if it's already been defined, but this would be accurate, and it would easily be very dangerous...

[Azred]

A nightmarish situation you describe, Oblivion437. The problem with worst-case scenarios like that one (or a nuclear detonation in a major city similar to the one in The Sum of All Fears) is that they are not a question of "is it possible?" but "when will it happen?". I have no doubt that someone out there somewhere is already dreaming up the next disastrous wave/method of attack.

[Sir Kenyth]

Zombies have to be located on sites other than the one that's being attacked. If the actual site it's located on is attacked, the process can be identified, the program image recorded and then systematically removed from the infected media. Most of these zombies are distributed by a simple trojan sent through email. That should tell you how good security is at most public sites. You see, by having thier parasitic programs attack other places than where they're located, they make it someone elses problem who has no control over the hosting equipment. Simple apathy of the hosting site keeps the zombies alive and well because, "It's not affecting us." You see, under current laws, sites cannot be held accountable for zombies that run off thier equipment. Therefore they are not exactly motivated to protect against them.

[Zidane]

Have you been reading "The Blue Nowhere" by Jeffreyy Deever?

Brilliant....

Lady Zidane

[Sir Kenyth]

Quote:

Originally posted by Zidane: Have you been reading "The Blue Nowhere" by Jeffreyy Deever? Brilliant.... Lady Zidane

Nope. What is it about?

[Oblivion437]

Here's a Frankenstein:
A Hacker creates a virus to crash a program, but instead it erases the program, then multiplies due to an error in its own existence, and a thousand of them spread through a network channel. Within seconds, the network peripheral software of a thousand computers is completely eliminated. Suppose it were this site, or gamespy, or some other source of critical information, and you couldn't get to it, because it doesn't exist.

[/)eathKiller]

and that is exactly why I have a program called Res Edit. It allows me tdo Digital Necromancy. I can take any file on my mac and convert it into any other type of file, a word document, an Mp3, or even a JPG or TXT or anything i want, i can convert one type of file into another, and it will act just like that file type while also keeping the attributes of the original file type. Sometimes it works out quite suprisingly. I've taken whole folders of such things and played around with them. making them do cleanup jobs for me and such

Luckily the program red edit only had 2 versions launched online and it isn't available for download anylonger as machacks.com has sort of... well... been hacked... anyway...

From what i've seen of this "art" if you could call it that, a demented person could honest do all sorts of damage, like, take IW background for example, find the HTML for it, and then upload an HTML picture of like polkadots that they trick the website into beliveing is the original and immediatley everyone's got polkadots on their background... it's quite sick the things people can do and it's also quite frightening how manipulable data is.

What i think is most amusing is these "security system" things out there, they can't possibly expect to protect people from a vast hordge of ever growing, ever evoulving and ever changing problems and problem-makers can they?

well they like to advertise that they can, but i have yet to see one actually beat my res editing at home, school, and now even at my colledge [img]tongue.gif[/img] (i've skipped some steps in some of my Javascript classes by converting things done in HTML to javascript from tim to time... but don't tell THEM that )