July 24th, 2001, 09:37 PM
DOS and the "expert handling" by everyone involved. *cough*
There have been some serious speculations on who is doing this and why. Few are plausible, but most are just ludicrous. But on to what it means.
This could be a serious wake up call to government, business and telecommunications leaders. These attacks were basic and targeted against systems that, no doubt significant, are not strategically important to our infrasturcture. The attackers could have just as easily targeted government systems, civilian infrastructure, etc. Any of which could have serious consequences to safety and/or public order.
According to an interview on cnn.com, Deputy Attorney General Eric Holder said "We need additional people. We need additional forensic capabilities." The problem is no one wants to foot the bill for this and the result will be tragic. Knee-jerk reactions are for the unintelligent and unprepared. Let's not "be that guy."
It will be interesting to see if this particular incident will generate any significant policy developments/changes both in the public and private sectors. The skills required to pull this off, certainly was not "rocket science." I challenge you to think in a broader aspect. Think terrorists, hostile governments, or even more malicious hackers. Focusing a more targeted attack against infrastructure assets could black out entire regions of the country, neutralize positive control of aircraft, even shut down emergency response lines such as 911. All of these have already happened in isolated incidences, just not quite on the scale of our recent event.
My thoughts are to learn from this (and the past millions) attack and create an earnest effort to educate, recruit, and employ security professionals with the skills to defend and possibly prevent these problems when or before they start. Don't let the education be a crash 5 day hacker course either. Continuous training is the only answer. The military constantly trains for war. That is the business it is in. If there is a new threat, it is analyzed and methods developed to defend against it. Old threats are also analyzed, and defense mechanisms are re-evaluated for validity. The same diligence should be shown in this arena.
It may be kiddies this time, but next time (and there will be a next time) it may be someone more dangerous and the targets more significant.
Thanks for letting me put this point out, John. I am sure you and many others will agree to at least some of my rantings.
I would suggest that anyone wanting to know more about the potential effects of cyber-terrorism or of cyber-warfare might want to read this article about "Project Eligible Receiver". This is old news, but since the topic has been
coming up a lot the past week, I thought I'd point people to it.
Excellent analysis on your profile......
Sad thing is regardless of the motivations of the hackers, Janet (and our
wonderfully opportunistic govt) will find this an excellent excuse to try to
regulate and control the net.
Really sad thing is that it is probably govt or university systems that
were used to pull this off. Due to there sparkling record for security at
On a side note.... none of the big media have called you a man-child again
have they? I gave them **** for that
Yes, I hate it when I'm called a "man-child". What in the hell is a "man-child" anyway? Whatever
it's supposed to mean, I know that I don't like it.....
I find the "frames" on your Web site maddening. How cliche!
As if your site is the only one on the entire Web to safely hang-out on. Sheesh.
I did use your site as a test-bed to practice using the frame filters on my proxy server.
The warning page that popped up was laughable. Imagine if every Web page was as idiotic as yours is... constantly warning the user that he was leaving the site. Please lose the frames, and the moronic warnings about going to (gasp) someone else's web pages.
Now hold up. Before you hang me over a bed of hot coals, let me explain. The reason that we have
the "you now are leaving AntiOnline servers" page is that hackers were making some of the pages that we were linking to look like they were still part of the AntiOnline Network. They were then offering "antionline services" that they were trying to trick users to sign up for by providing personal information. So, in order to protect some of the less knowledgeable users that come
to our site for help, we always make it very clear when we link to an external, untrusted server.
We have DSL service on our home computer. Lately, we had noticed a severe degradation of the service and internet response. We installed a Norton personal firewall about one week ago and found on average 15 to 20 intrusions on our system at any one time. Last Saturday night, there was 37. It is nice to know that software can block these intrusions and maybe prevent someone from launching an attack from our computer. This being said however, would you know of any firewall software that would automatically retaliate and give those would be intruders a taste of their own medicine. It's time to fight back and not sit back.
Oooh, don't even go there Michel. While I share in your frustration, doing "strike-backs" is a very dangerous thing that we at AntiOnline don't even do. The problem, is that one of these computers that is attacking yours, may very well belong to some innocent person or company that has fallen victim to hackers themselves. Then, after they realize that you have started to attack them, they'll think that you're the evil hacker, and an evil cycle of cyber-destruction starts. If you want to do something about these people, report the machines that you're being attacked from to the ISP or Company that owns the network that it's on. This way, a malicious hacker will get dealt with by his ISP, or in the other case, an innocent victim will be notified that their computer has been broken into.
Mark Boone Submitted The Following:
What the heck is going on??? I am trying to access a website
called www.packardbell.com to get drivers for a soundcard, from the support site. Everytime I try to type in ANY
WWW.packardbell.com site, I end up with YOUR anti-online web site instead!!!
What are you doing? Overwriting other web sites now???
Will you please get your IP addresses together and stop invading others????
Please respond. This does not portray a very good corporate picture for your product, if you can not even manage websites without invading others.
Time out. It's not our fault. Heh. We noticed last weekend that we were starting to get traffic that was supposed to belong to PackardBell.com This didn't effect all users, but only a certain segment of the cyber-population. Somewhere down the line a router or dns server got very confused, and directed traffic to us, instead of PackardBell. We got in touch with them, and they are looking into solving the problem. We're not sure if this was caused by a hacker (I doubt it) or by what we in the industry refer to as a "Network Fart".
Concerning your article "AntiOnline Profiles D.O.S.
Attackers," while you are probably right about the
Social Motivation of the hacker(s), and the Government
Conspiracy idea is a little far-fetched (especially
considering the ineptitude of our government), what
about the possibility that security firms are trying
to drum-up business? Have you seen the Washington Post
today? A full-page ad by an Internet security firm
saying basically, "We Told You So." And sadly, there
are so many of these firms out there, it would only
take one to do this. What's your take on that?
While I don't think that a security company is behind these DOS attacks, I do think that the industry as a whole has acted VERY irresponsibly to this entire "event" (I think it's safe to classify it as a full-fledged event at this point). The Industry Standard did a great article about this very point.
I've followed your site for a while and must admit
that I am absolutely disgusted with you.
In the beginning I thought I knew where you were
coming from. Here's a young kid, bold enough to
challenge the government when they threaten him,
someone defending the hacker ethos. I really
Seeing your little Mcgruff cybercrime crap pushed me
over the edge (are you a member of DARE too?) and
convinced me that you're an idiot. Your intentions
may be good but let's look at what the results will
Overzealous parents will harass and hound their
intelligent children, probably barring a lot of them
from using a powerful tool, one that could turn into a
very lucrative career, as it has for you. But now
that you're a grown up you don't seem to give a s***
about the young kids you not so long ago were exactly
Another thing you need to look at is this: By
contributing to the hype and working hand in hand with
the corporations and cops, you are in the end doing
more to damage privacy and freedom than your small
mind can now comprehend. As the government clamps
down, and dunces like you help them, we will all feel
the effects. But like I said you probably think the
world is peachy keen and our government has all of our
best interests in mind- so do the corporations. Wake
the f*** up.
But hey, what do you have to worry about? You're down
with the man. You're a corporate lackey. And money,
fame, and acceptance probably is just what a geek like
you always wanted.
I don't mean to be insulting, but cmon man! You are
absolutely sickening. I'm no hacker- never have been,
never will be: But I would LOVE to see you go down.
Being a tool of government and big biz makes you an
enemy of the people. I'm sure a lot of other people
would agree. I hope you see the error of your ways
but most likely you won't.
Damn, I've been called the "AntiChrist of the Internet" before, but never "an enemy of the people", heh. I still don't understand how any of what you mentioned would be my fault. If I were you, I'd be pointing my finger at the actual computer criminals that have been causing all of these problems for their own sick little reasons. They're the ones responsible for any type of "reaction" that we may see from the public or corporate america. By the way. For any parents reading this, if you'd like a free copy of McGruff's CyberSafety for Children Parent's Guide, you can visit our Fight-Back! section, and request it. We'd be happy to send one out to you.