[clug] Secure your Internet facing stuff (was Re: googlebot doing funny things in logs)
Martijn van Oosterhout
kleptog at svana.org
Sat Jun 18 00:53:15 MDT 2011
On Sat, Jun 18, 2011 at 10:32:59AM +1000, Robert Edwards wrote:
> I'm not going to defend "Conspiracy Cells of Fire", or anyone else, for
> launching a cyberattack, much less setting fire to someone's property.
>
> But I must say that they seem to have a cause, which, on the face of it,
> seems to include protecting peoples lives, including children, and if
> their cause can be highlighted with a relatively harmless (although
> expensive) PR disaster for the bank, such as a DDoS attack, well I am
> not going to be particularly outraged. Sorry.
A DDOS attack is hardly a PR disater. Nobody cares about the bank, it
doesn't really cost them anything. And nobody is outraged. DDOS
attacks happen all the time, they hardly make the news anymore. The
costs are bourne by all the small businesses who can't take payments
for a day. Nobody reimburses them.
You may consider a DDOS simply a form of protest and that any damage is
an acceptable cost to society. For now the costs indeed seem to be
acceptable, but I still think we should be doing what we can to prevent
what we can, because otherwise eventually the internet is going to be
regulated by governments due to popular demand, because people won't
take it anymore.
Someone suggested the big sites should harden their systems against
DDOSes. This isn't really practical. If the attacker has bought N
bots to attack your site and found it doesn't work, they simply buy
another multiple of N bots and keep going until the site does go down,
or they flood out your upstream provider. Bots are cheap. There are
more than enough infected systems on broadband to take out any site you
name.
Have a nice day,
--
Martijn van Oosterhout <kleptog at svana.org> http://svana.org/kleptog/
> Patriotism is when love of your own people comes first; nationalism,
> when hate for people other than your own comes first.
> - Charles de Gaulle
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 190 bytes
Desc: Digital signature
URL: <http://lists.samba.org/pipermail/linux/attachments/20110618/5374a911/attachment.pgp>
More information about the linux
mailing list