Akamai DDoS: Sophisticated?
Page 1 of 2 12 LastLast
Results 1 to 10 of 20

Thread: Akamai DDoS: Sophisticated?

  1. #1
    Just a Virtualized Geek MrLinus's Avatar
    Join Date
    Sep 2001
    Location
    Redondo Beach, CA
    Posts
    7,324

    Akamai DDoS: Sophisticated?

    I have to ask the obvious of how a DDoS is sophisticated. Anyone have more details of this? There has been limited discussion here on AO about this attack but given the size of it and it's impact it certainly brings into question the idea that attacks are going down (CSI/FBI 2004 Survey).

    Most DDoSes that I've heard about -- MafiaBoy's being the most prominent -- have been fairly simple, straightforward tools. Perhaps DRDoS? Could this been GRC's situation on a large scale?

    Comments?

    Source: SecurityFocus


    Leighton provided few additional details, except that the attack was coordinated, large and sophisticated. The volume of traffic was unprecedented even for a company that "sees a lot of attacks," he said.

    "It had components that we had not seen before," he said, declining to comment further.

    Akamai, which distributes the content of the sites on more than 15,000 servers worldwide to speed delivery and improve reliability, said third-party monitoring services overstated the impact of Tuesday's problems. Keynote Systems Inc., a monitoring service whose statements were widely reported Tuesday, said the availability of the top 40 sites it monitors dropped from 100 percent to just over 80 percent during the outage.
    Goodbye, Mittens (1992-2008). My pillow will be cold without your purring beside my head
    Extra! Extra! Get your FREE copy of Insight Newsletter||MsMittens' HomePage

  2. #2
    Banned
    Join Date
    Jun 2003
    Posts
    1,302
    Ok, do you mean if that DDoS was sophistacted or if most are?

  3. #3
    Just a Virtualized Geek MrLinus's Avatar
    Join Date
    Sep 2001
    Location
    Redondo Beach, CA
    Posts
    7,324
    Well, as I said, most of my experience with DDoS is that they are simple and straightforward. So what I'm trying to figure out how a DDoS could be "sophisticated" and what specifically about this one makes it "sophisticated".
    Goodbye, Mittens (1992-2008). My pillow will be cold without your purring beside my head
    Extra! Extra! Get your FREE copy of Insight Newsletter||MsMittens' HomePage

  4. #4
    Banned
    Join Date
    Nov 2003
    Posts
    182
    Maybe it used multiple tools and techniques to create a multi-tiered DDOS attack. Since the article was quite vague, we can only guess. But since we're guessing anyhow, thats my guess.

    P.S. I LOVE ALL OF YOU.
    -QUAD

  5. #5
    Senior Member deftones12's Avatar
    Join Date
    Jan 2003
    Location
    cali forn i a
    Posts
    333
    well i think it would have to be somewhat sophisticated to take down such a company as Akamai. Like the guy said, i think they would get alot of attacks pointed at them, so one that could take them offline for a period of time would have to be pretty preplanned and have alot of bandwidth to do such a thing. I know it wasnt a worm or anything and im not really into ddos so im not sure how they could of gotten that much bandwidth pointed into Akamai's direction. Im sure it could be sophisticated in someway. All im tryin to say is that to bring down such servers as big as Akamai's it would have to be someone sophisticated to an extent.

  6. #6
    Senior Member
    Join Date
    Jun 2004
    Posts
    281
    I agree with you, I do not believe that DDos attacks are sophisticated or even take skill (scriptkiddie tools).

    But I will try lets take the Mafiaboy example. I would assume that they figure the sophisticated part can come from how many servers were compromised and used as platforms for the massive scale attacks. If I remember correctly he somehow was able to use a bunch of different college networks and from there he would coordinate them to send the attack all in unision. However the kid was so cheap he did nothing but DL the proggie from some German creator (I believe).

    I don't think this is sophisticated because the security folk still can find it and were it came from maybe not pinpoint the exact source but at least the last hop or so. When I think sophisticated I think of hacks were people are in and out quick and have gotten all the info they needed and setup everything they needed to for the next step.

    I am waiting for these attacks to start on Cell Phones.


    - MilitantEidolon
    Yeah thats right........I said It!

    Ultimately everyone will have their own opinion--this is mine.

  7. #7
    Just a Virtualized Geek MrLinus's Avatar
    Join Date
    Sep 2001
    Location
    Redondo Beach, CA
    Posts
    7,324
    If I remember correctly he somehow was able to use a bunch of different college networks and from there he would coordinate them to send the attack all in unision. However the kid was so cheap he did nothing but DL the proggie from some German creator
    Ya but the colleges at that time had little or no security. In addition, IIRC, he used @Home as another source for "zombies" and since it was "Internet Boom" time, no one conceived that they needed security. (It's a home machine! I have nothing to steal).

    The German Tool you're referring to is Stacheldraht (means barbed wire in German IIRC).
    Goodbye, Mittens (1992-2008). My pillow will be cold without your purring beside my head
    Extra! Extra! Get your FREE copy of Insight Newsletter||MsMittens' HomePage

  8. #8
    Senior Member
    Join Date
    Jun 2004
    Posts
    281
    MsMittens - My post was Vague I know but the basic point I was going after was that someone looking at a 120lb kid and thinking he took control of corps like Amazon - Yahoo that it had to be challenging so they are going to call it sophisticated to save face to the public who doesn't understand the simplicity behind a DDos Attack they just think it is a bad thing.

    - MilitantEidolon
    Yeah thats right........I said It!

    Ultimately everyone will have their own opinion--this is mine.

  9. #9
    Senior Member
    Join Date
    Apr 2004
    Posts
    1,024
    IIRC, akamai has various servers all over the world. Perhaps the person organzing it got zombies to attack ALL their servers at the same time, hence it would be somewhat sophisticated. Just another random thought...
    [H]ard|OCP <--Best hardware/gaming news out there--|
    pwned.nl <--Gamers will love this one --|
    Light a man a fire and you\'ll keep him warm for a day, Light a man ON fire and you\'ll keep him warm the rest of his life.

  10. #10
    Just a Virtualized Geek MrLinus's Avatar
    Join Date
    Sep 2001
    Location
    Redondo Beach, CA
    Posts
    7,324
    .. so they are going to call it sophisticated to save face to the public who doesn't understand the simplicity behind a DDos Attack they just think it is a bad thing.
    Now this would be more plausible for Akamai, IMO --- except that the ones that are interested in this aren't the general public but rather the general IT community. And they'd probably see the difference between "sophisticated" and simple. Then again, when the GRIDs were attacked, the "sophisticated" password cracking tool was used: John the Ripper.

    Anyways, if anyone gets any more details I know I'd be interested in this "sophisticated" attack.
    Goodbye, Mittens (1992-2008). My pillow will be cold without your purring beside my head
    Extra! Extra! Get your FREE copy of Insight Newsletter||MsMittens' HomePage

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •