06-11-07

What the Al Qaeda DDoS attack may look like

First, there are cyberjihad websites around that sometimes have 110.000 members (how many of them are police and intelligence or just the curious is another matter).

Secondly, it is very easy for someone to participate in this massive attack. The only thing he has to find is the software Cyberjihad 2.0. It works a bit like the SETI software (distributed software): it gives every participating computer a list of servers to ping (together with some thousands of others, they hope). This way they hope to create a huge DDoS campaign that could bring down hosts by overwhelming them with traffic.

This means that ISPs and hosters have to - as an exercise - watch their traffic flows and prepare for DDoS attacks. This would be a very good exercise for Belnet, which had much trouble keeping up with traffic demands during a certain RTBF documentary and the French elections.
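As an illustration of watching traffic flows for this pattern (many participants pinging the same server at once), here is an added example that is not from the original post and not based on any sample of the tool's traffic. The flow-record layout, thresholds and addresses are assumptions constructed for the example.

```python
from collections import Counter, defaultdict, deque

ECHO_REQUEST = 8  # ICMP type sent by ping


def detect_echo_floods(flows, window=30, min_sources=100, min_pps=50.0):
    """Flag destinations that receive echo requests from many distinct
    sources at a high rate inside one sliding window.

    flows: iterable of (epoch_seconds, src_ip, dst_ip, icmp_type, packets).
    Returns {dst_ip: (peak_distinct_sources, peak_packets_per_second)}.
    Thresholds are illustrative assumptions; tune them to your own baseline.
    """
    state = defaultdict(lambda: {"q": deque(), "srcs": Counter(), "pkts": 0})
    alerts = {}
    for ts, src, dst, icmp_type, pkts in sorted(flows):
        if icmp_type != ECHO_REQUEST:
            continue  # replies and other ICMP types are not part of the pattern
        s = state[dst]
        s["q"].append((ts, src, pkts))
        s["srcs"][src] += 1
        s["pkts"] += pkts
        # Expire records that fell out of the window ending at ts.
        while s["q"][0][0] <= ts - window:
            _, old_src, old_pkts = s["q"].popleft()
            s["srcs"][old_src] -= 1
            if s["srcs"][old_src] == 0:
                del s["srcs"][old_src]
            s["pkts"] -= old_pkts
        n_src, pps = len(s["srcs"]), s["pkts"] / window
        if n_src >= min_sources and pps >= min_pps:
            prev = alerts.get(dst, (0, 0.0))
            alerts[dst] = (max(prev[0], n_src), max(prev[1], pps))
    return alerts


def sample_flows():
    """Constructed records (not captured traffic), reserved address ranges."""
    # One monitoring host pinging a server every 10 s: normal, must not alert.
    flows = [(t, "198.51.100.7", "192.0.2.10", ECHO_REQUEST, 1)
             for t in range(0, 120, 10)]
    # 300 distinct sources, 10 echo requests per second each, for 20 s.
    for i in range(300):
        src = f"100.64.{i // 200}.{i % 200 + 1}"
        flows += [(t, src, "192.0.2.80", ECHO_REQUEST, 10) for t in range(200, 220)]
    flows.append((205, "192.0.2.80", "100.64.0.1", 0, 10))  # echo reply, ignored
    return flows


if __name__ == "__main__":
    for dst, (n_src, pps) in detect_echo_floods(sample_flows()).items():
        print(f"possible echo flood on {dst}: {n_src} sources, {pps:.0f} pps")
```

Because it keys on the number of distinct sources per destination rather than on packet contents, the check does not depend on knowing what the tool's packets look like.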

I haven't found an example of a traffic packet made by this software, but as a precaution it would maybe be wise to make one so that Snort, IDS and routers can be set up to drop all such packets.

The new version of the software claims that it is commanded by a mail server that is highly secured, while the old version sent all credentials in clear text over the wire (even passwords).

A warning for all kidz out there. It could be that you have a full bag of reasons to participate in something like this that seems so easy. But you have to take the following things into account - after you have drunk your tea and have sat down for a minute instead of clicking without thinking.

* It is totally illegal to host or participate in such activities, and if you try to do this from Belgium or many other countries you will get caught and you will be sentenced, period. Even if this gets big, you can be assured that the authorities will set things in motion and that you won't believe what will hit you when they come banging at your door, especially in some countries.

* You don't have any idea what you have downloaded and you don't have any idea who is behind it. You don't know if it is the real software or just an undercover operation or just a bunch of spammers or pornhosters using this as a new 'phishing' scheme.

* You don't know how long the central server that says it is coordinating this will stay in the hands of jihadists, or whether some police or intelligence service will be looking over their shoulders. Do you really think that the governments don't have the will, the power and the counter-hacking knowledge, and that they will never use it? They use it permanently against the cyberjihad sites and networks, so why would they leave this attempt without response?

12:26 Posted by technology changes fast not a lot in Algemeen