1998-12-16 - RE: DoS considered harmful [WAS: RE: Anyone striking?]

Header Data

From: Anonymous <nobody@replay.com>
To: cypherpunks@cyberpass.net
Message Hash: d545d44348302e5643f55f0695680d87594c1ac0c9d824443e8c276f41d9a9e6
Message ID: <199812160955.KAA15452@replay.com>
Reply To: N/A
UTC Datetime: 1998-12-16 10:41:49 UTC
Raw Date: Wed, 16 Dec 1998 18:41:49 +0800

Raw message

From: Anonymous <nobody@replay.com>
Date: Wed, 16 Dec 1998 18:41:49 +0800
To: cypherpunks@cyberpass.net
Subject: RE: DoS considered harmful [WAS: RE: Anyone striking?]
Message-ID: <199812160955.KAA15452@replay.com>
MIME-Version: 1.0
Content-Type: text/plain



At 07:09 AM 12/16/98 +0100, Anonymous wrote:

>> > disapproval published to appropriate orgs c) _short_
>> > loosely organized burst of DoS against select online
>> > targets from widely distributed sources.

>> A DoS (Denial of Service) action is a really, really,
>> really bad idea.

["clarification", or something, elided]

>Example: A public web page is setup with information on the next "sit in" or
>"log writing campaign" containing the agenda behind the protest, contact
>persons for more information, target site with explanation of choice, start
>time and stop time.  Let's further that the cause is able to get a couple
>hundred or couple thousand supporters to, for example, repeatedly telnet to
>port 80 on the remote server during a specific 5 minute window and type in:
>
>GET I do not support your sites views on such and such see
>www.stop_this_now.org for details.
>
>Given the right level of logging on the server you'd quickly fill up the
>target's logs with a record of the number of people (or actually computers)
>that don't agree with the target's agenda.  [...]

You clearly don't run a website. Logs are very valuable. Any admin
who doesn't have space for at least several days of normal traffic
available on their logging device is simply not doing a good job.
A network admin running a website doesn't lose logs - careers live
and die on them (if this seems an overstatement to you, go look at
http://www.abcinteractiveaudits.com/ and report your findings.
-10 points for declaring it stupid.).

If you didn't mean "fill up the target's logs" (which I took to mean
overflow available disk space), but rather "pepper the logs with
many instances of some sort of odd political commentary", that could
have an effect. It could throw off reporting and make a new conversation
topic for editors, which might, if you managed to organize enough
people, earn you a CNET story. "CyberActivists Make An Obtuse
Statement - Click Here For Soundbyte".

Great job.

Truth is, on any major site, you'd need hundreds of robots making
your bogus requests to show up - manually telneting to port 80
is line noise these days to any serious site, unless you're poking
at potential security problems.

If you really want to try this, at least take the bother to make
valid HTTP requests that most servers will recognize. Your example
above should be something like:

GET
/I/dont/support/your/sites/views/on/such/and/such/see/www.stop.this.now.org/
for/details HTTP/1.0

(note the two newlines at the end of the request)

A sysadmins reality check,

T. Pynchon 





Thread