Printable View
I was wandering the net, and came across GRC.com again... Apparently Mr. Gibson claims to have two new innovations, a claimed DoS-resistant TCP/IP stack, and some faster port scanning methods. I'm going to finish reading the details tomorrow, but I'm wondering whether you guys think some of it is too good to be true, not good enough, etc.
Faster port scanning?
A custom TCP/IP stack?
And in other news, Zeosync... nah.
Gibson is a great engineer and I have full confidence in him and his projects. It's a shame ppl. start a hate page like grcsucks.com just because he had 1 thing wrong with the ddos theory.
Gibson is a great Social Engineer and I've little to no confidence in him and his projects. It's good ppl started sites like grcsucks.com to highlight the fact that this guy isn't all he's cracked up to be.
:D
J.
So you also say that JP is a charlatan? because people supporting Attrition happen to back up grcsucks as well.Quote:
Originally posted by jcdux
Gibson is a great Social Engineer and I've little to no confidence in him and his projects. It's good ppl started sites like grcsucks.com to highlight the fact that this guy isn't all he's cracked up to be.
:D
J.
I would like to know how you have formed such an opinion (no offence).
Gibson together with PChelp managed to warn the masses about the fraud Jason Paris is, who sold his crappy program Lockdown to thousands of people who would have been better off with ZA or sygate for free.
I formed my own opinion from many sources including grc.com and grcsucks.com (and other security sites).
Gibsons forte is marketing and hype.
I first stumbled over GRC when looking for online port testing tools, at first it looked slick but upon closer examination (and comparisons with other online probe / port tests) shields up is nothing but a false sense of security.
I'm not going to rant and rave about Gibson, I think people should research all the facts and make thier own informed decision on Gibsons credibility.
As for JP, I have gotta to say thanks for this site, the most notable thing about Antionline is that it's not 1 persons biased or twisted viewpoint, it's an open forum where many come to share ideas and views, there are some very good members that can and do post useful info.
;)
IMHO, grc.com does a pretty good job of describing some of the inherent glaring problems with issues like port-scans, the strength of your firewall, and MS' known hole with XP and raw sockets, something that only came standard with unix systems, and wasn't usable by Win9x boxes unless you had some third party software program.
Do I think he's a smart engineer with some fairly good stuff? Yes.
Do I think he's the end-all-be-all? No. Nobody is.
Do I think someone could gain reasonable knowledge about security and whatnot by reading his site? Yes, if they look past the emergency-state he puts everything in. There are lots of things wrong in the computer field. Making them all in bright red or blue isn't going to make me (or others) feel that because he said put them in that text that they're worse than others. An emergency is something that is defined by whoever's experiencing it. Example: a temp work business I did contracting work doesn't give a rat's ass about ports and such but they seriously DO care about the other "unix" guy stealing their customer list and selling it to their competitors (he did that once before). What do they care about? Bigger locks on the doors and making sure he wasn't dialing in.
Moral of the story:
Information is determined by whoever's looking for it. The eye of the critic is the harshest and while there are those who say "GRC sucks my ass", there's some validity in it, however I'd like to see these same people who target Gibson, Meinel (don't know much about her), and JP do a better job of what these people do. It's easy to dispose of what anyone says when you have a crew of people who "do it all" that you can gather information from.
Once again, these are just my opinions.
I have 1 last thing to say and I wonder what you will answer. You believe the words of a buncha college dropouts?
Don't be mistaken but Meinel and Gibson are both engineers, I know Meinel very wel and even tough techbroker got defaced a few times Happy hacker has never been compromised (yet) so she still managed that. And Gibson how could he be a marketeer?? I have never been asked to pay for my port probe and like 75 percent of all the good software he provides is free. Gibson is one hell of a programmer (he does assembly) and I doubt he could be wrong.
Yay someone talking bout GRC.com :)
I am very anti-WkD (the person who ran DDoS attacks on GRC.com)
He is such a lamer its not even funny. He hex edited the DDoS bot known as Evil Bot and changed the name and sme other words in the program but never accually changed anything that took any skill other then knowing how to use a hex editer. Next he had less then 400 bots which i find funny. Evil bo is like a 10k server file and very easy to get a couple 1000 bots in a day! WkD like most kiddys think evil bot is good case of the size and how many bots can be infected. But there are 2 big problems with Evil Bot, it makes a new bot everytime the server file is open... so 1 dial up connection can accually have around 20 bots on the bot net on the same host, and we all know what kinda problems that can cause.. Next the evil bot has a part in it that causes all the bots to quit when there are 70 or more bots in the channel at 1 time (i could be wrong with the # 70, i forget exactly how many it was).
My fav part of this is WkD's botnet admin password for the ircD he ran it on was "realhack" *he told me himself when we were "friends"*
but i like GRC to a point, as for his new projects i will have to check them out when i have time... sorry for my rant i jus had to get it out :)
well i g2g, ill continue my rant later...
I'm still reading the details my self Terr but it looks as if it may work. There's no set date as to when it's supposed to be released but I'm looking forward to it. IMO, I thinks that G.E.N.E.S.I.S. will have a few bugs in it. There's still malicious hackers/crackers out there that will find new DoS methods.. but then again, it's just my opinion. ;)
Remote_Access_
G.E.N.E.S.I.S. -
(Gibson's ENcryption-Enhanced Spoofing Immunity System)
Quote:
It's cool. It's running. It works.
Quote:
An Acknowledgement of Debt to the World's Hackers
I wish to take a moment to acknowledge the enormous contribution that has been made to my knowledge and understanding by the unselfish work of the world's hacker community. These are not the malicious 'crackers' and 'script-kiddies' who break in, thieve, deface, and despoil by abusing the knowledge they have taken from others, but rather the true hackers — in the original meaning of the term — who pursue the knowledge, understanding, and power of technology for its own sake. I Thank Them . . . and I sincerely hope they will be as pleased and enlightened by the results of my efforts, as I have been by theirs. - Steve
All I can say is that until you can make a TCP/IP stack (not to mention one that is hardened against DoS attacks), then you should give Gibson the respect he deserves. I think the way he handled the TCP/IP stack operation was ingenious, I certainly wouldn't have tought of using the encrypted ip address as a token identifier for the SYN/ACK packet.
Regards,
Wizeman
Hm. Well, okay--I will oblige your request and reply, as no one else has thus far. Your biggest hero, JP, is also a college dropout. You believe him when he says things, don't you? My point is that you shouldn't always look at the educational level attained when assessing someone's credibility, especially in the computing world.Quote:
I have 1 last thing to say and I wonder what you will answer. You believe the words of a buncha college dropouts?
- Where did that quote come from?Quote:
I have 1 last thing to say and I wonder what you will answer. You believe the words of a buncha college dropouts?
- Well I for one, didn't request for you to reply to this statement/quote.. or this thread for that matter. I think you have the wrong form. You must be looking for "General Bullshit".. Did you even take the time to read what this thread was about? I seriously doubt it. My biggest hero, eh? Heh, sure. Indeed certificates, degrees, and a college education are not required they are usually attained FOR someone's credibility or career field. In either case, you seem to have the education level of a HS freshman so I'm no longer going to debate this with you.Quote:
Hm. Well, okay--I will oblige your request and reply, as no one else has thus far. Your biggest hero, JP, is also a college dropout. You believe him when he says things, don't you? My point is that you shouldn't always look at the educational level attained when assessing someone's credibility, especially in the computing world.
Remote_Access_
I am going to dodge the rediculous previous comment made and continue on in the named thread subject.
GRC.com has been nothing but a help to me. Gibson has released great programs aimed at making one breathe a little easier.
As stated above, so what if he was wrong on one thing (DDoS)? No man is perfect, and people today are so unforgiving... :)
From what I understand of Gibson's current implementation, his stack would be vulnerable to "token" replay:
Someone could establish a legitimate connection from a public computer (ie: from a different IP), capture the SISN, the reuse that SISN on a fake packet (setting the packet's client addy as the one from the public computer used)...
Even if the key is changed every reboot, web servers are meant to be up for long periodes of time, leaving a good window of opportunity... I guess someone could also automate this process using trojaned computers and exchanging IPs & SISN between them...
*disclaimer, I might be wrong but this is what I'm seeing...
On the editorial side, what bothers me with Gibson is his quick bold (in both ways) absolute statements, declaring things perfect before peer review... Just have a look at the last (third) page, he had to appologize because he was too quick with his words... And also of course the formatting of his papers... Usually in the IT community, you *suggest* new ideas and standards in a emotion free paper that states only facts which is easy to (peer) review... Gibson on the other hand rolls out the marching band and loud speaker vans to announce to the world that is great (sorry for the emotion, but that shows my point).
Ammo
This post in reply to remote access.
(I've come to the conclusion that I should explicitly say when I am replying or not replying to one of RA's posts, as he seems incapable to comprehend that he is NOT the only quotable person on this forum.)
It came from focmaester's last post. Did you not read it? Are you not reading every single one of this thread's posts like a happy antionline camper?Quote:
- Where did that quote come from?
Listen, you crackhead. This post had absolutely nothing to do with you or anything you've posted. Where do you come off thinking such? You are hardly the center of my universe, hell; you're hardly the center of my antionline universe. JP has purchased his own universe, right?Quote:
Well I for one, didn't request for you to reply to this statement/quote.. or this thread for that matter. I think you
have the wrong form. You must be looking for "General Bullshit".. Did you even take the time to read what this thread was about? I seriously doubt it.
You've attacked me for not reading this thread, and yet you seem to have skipped over other people's posts. I for one have read all of them. I am a good, informed antionline user, one who makes posts after having taken the whole thread into consideration. You, friendly friend, are a bad antionline user, you have made a fool out of yourself by ironically attacking me for things you, not I, are responsible for.
Which one of us is in highschool? Which one of us is an idiot?
Debate? You're hardly worth debating with. My sixteen year old sister is a much better debater than you are, we sometimes engage in hour long debates about a variety of subjects. Do you pretend to think that you can truly ever keep up with me?Quote:
...so I'm no longer going to debate this with you.
How's your SQL coming along?
This post in reply to autumn regret/hehbris//chemical/oblio/etc.
I've come to the conclusion that I should ignore those previously stated aliases.. after this post ;)
- If I read it I wouldn't of asked you where you got the quote. So no, I didn't read it. I didn't happen to read EVERY post werd for werd.. I was too busy posting something of VALUE, something that may HELP someone instead of replying with some ignorant statement with NOTHING to do with GRC..Quote:
It came from focmaester's last post. Did you not read it? Are you not reading every single one of this thread's posts like a happy antionline camper?
- Crackhead?.. You seem to be sadly mistakeing. It's a figment of your imigination. Did you take your medication today? Where in my post did I state that I were the center of your "AO universe"? That must be another figment of your imigination.. Well, I wasn't aware that JP purchased a universe but what ever.. Did you forget to take your medication this morning?Quote:
Listen, you crackhead. This post had absolutely nothing to do with you or anything to do with what you've posted. Where do you come off thinking such? You hardly the center of my universe, hell; you're hardly the center of my antionline universe. JP has purchased his own universe, right?
- Blah blah blah.. Big deal. I happened to miss ONE post. Not everyone spends all day on AO reading EVERYONES post.. Oh no, I'm a bad AO usr.. Shame on you RA.. MuhahaQuote:
You attack me for not reading this thread, and yet you seem to have skipped over other people's posts. I for one have read all of them. I am a good, informed antionline user, one who makes posts after having taken the whole thread into consideration. You, friendly friend, are a bad antionline user, you have made a fool out of yourself by ironically attacking me for things you, not I, are responsible for.
- Hahaha, well I'm neither so that only leaves YOU.Quote:
Which one of us is in highschool? Which one of us is an idiot?
- I'm not werth debateing with, eh? Then, why did you reply? You don't have to debate this with me.. go argure with your year old sister. She seems to share the same attention spand and mental capability as you. What do you spend hours upon worth less hours debateing with a one year old?.. As for my SQL class.. It's going good. What languages did you say YOU were learning? Here's an example of an SQL statement for you..Quote:
Debate? You hardly worth debating with. My sister year old sister is a much better debater than you are, we sometimes engage in hour long debates about a variety of subjects.
How's your SQL coming along?
SELECT *
FROM Jackasses;
SQL Query Results
autumn regret, hehbris, chemical, noble hamlet, & oblio
Hi There;
If it was not for the posts on www.grc.com about the nasty
hole in IIS, several customers could have lost there complete
data base including credit card info.
Microsoft never tell you straight info, they bury it
in a bunch of legal jumble and links....
There is still a number of IIS servers out there with the hole
but it is the fault of the systen admins not to patch it.
Now with the Holes in XP like raw sockets and
Unversal Plug and Play that has been spread
around ... Thanks to Steve
Steve Gibson does a GREAT JOB!
My kudos to Steve.
Keep up the good work Steve!!
I checked around and found out this has been discussed on Linux Kernel Mailinglist. It seem Gibsons solution wouldn't work, and would open up to new forms of attacks.
Check out
http://www.uwsg.iu.edu/hypermail/lin...12.2/0787.html
http://www.uwsg.iu.edu/hypermail/lin...12.2/0799.html
http://www.uwsg.iu.edu/hypermail/lin...12.2/0882.html
It'd be nice to see something done at the tcp/ip stack level to ward off some of the DoS and DDoS attacks. Considering they come from script kiddie programs (a majority), it should be relatively easy to reverse-engineer what they hit, counter with a dynamic algorithm to block the attack (drop packets), and set up rules for watching said IP. Seriously good hackers who do programming could work around a lot of those fixes but I don't see very many true hackers running DoS against machines so I'm not too worried about what the script kiddies say they'll do in response (it has to be something inherently stupid of course).
Perhaps a good tcp/ip stack would have the ability to drop packets from an IP based on rulesets. This is great for things like netfilter where you can set up rules and can be integrated into the kernel, but I'm not sure what you'd do with Winblows. As it is, firewalls have to get better otherwise there's going to be more holes in them than 10 pounds of aged swiss cheese. One of these days I'm gonna get my rulesets up for ipchains...it might help someone out.
One thing I didn't like about this post (the second link) was this:
Instead of just trashing it, why doesn't this "David Miller" offer some insight on how to make it work or offer other ideas? I can't stand idiots that just trash someone's "idea" without some form of instruction on what they *could* do to make it work, better, etc...Quote:
The foundations of this person's scheme simply cannot work.
regardless of gibsons style and or ability...i'd say if he does nothing else for the rest of his career..he's done the whole internet community a huge service...he's made people realize that security matters...and i'm not talking about any of <you> ...i mean joe shmuck with the always-on who, until shields-up, had no idea that his computer was an open book..
i con't comment on his new projects...i'm not qualified...but...he writes tiny useful and for the most part -free- windows progs...if M$ had written leakstest it would have been 6.5 megs and cost 99 bucks...with a $24.95 upgrade fee...so ya he is a media guy with a considerable ego...but i'd say the net's a bit better and safer place because of his work...
Yup, Gibson offer a solution to only one special kind of DoS attacks (if it works, I don't know). It would be better to look at DoS and DDoS as a part of the same problem and try to come up with a solution for both of them.Quote:
Originally posted by Vorlin
It'd be nice to see something done at the tcp/ip stack level to ward off some of the DoS and DDoS attacks. C
Off subject to change the mood in here and get a little laugh...
how the hell hard did u laugh when u heard bout president bush chokeing on a pretzle... i mean crap thats all we need... the most powerful figure in the US chokeing to death on his dinner....
: P
In the words of president bush " *choke choke choke choke choke THUD* "
As was mentioned above Terr, it's definitely a step sideways. It will only prevent certain styles of attack.Quote:
Originally posted by Terr
I was wandering the net, and came across GRC.com again... Apparently Mr. Gibson claims to have two new innovations, a claimed DoS-resistant TCP/IP stack, and some faster port scanning methods. I'm going to finish reading the details tomorrow, but I'm wondering whether you guys think some of it is too good to be true, not good enough, etc.
One thing people need to realise is that there's no good solution to DDoS attacks. If someone can connect to your server, then why can't they simply connect all at once with a few hundred machines and overwhelm it?
I used to hang out on news.grc.com, and to be quite frank, there are far too many people there who are blindly loyal to what Steve says. He has valid points about a lot of stuff, and is a very talented software engineer, but he opens his mouth too quickly, and doesn't utilize drafts, so he gets caught in many false statements. His publishing style leaves a lot to be desired for, and ShieldsUP! only scans like a half a dozen ports, which is OK for an end user.Quote:
As for Nanoprobes, it was announced a long time ago, and has yet to materialize. I would infer that he's getting speed from opening multiple connections at once. Ie: NP would probably use 40-50 source ports on the box and send out packets in 40-50 packet chunks. It could be higher I suppose, but at a certain point there would be a performance hit I would think. Then again, take that with a grain of salt, I'm not 100% up on TCP/IP.