A Broadband and ADSL forum. BroadbanterBanter

Welcome to BroadbanterBanter.

You are currently viewing as a guest which gives you limited access to view most discussions and other FREE features. By joining our free community you will have access to post topics, communicate privately with other members (PM), respond to polls, upload your own photos and access many other special features. Registration is fast, simple and absolutely free so please, join our community today.

Go Back   Home » BroadbanterBanter forum » Newsgroup Discussions » uk.telecom.broadband (UK broadband)
Site Map Home Register Authors List Search Today's Posts Mark Forums Read Web Partners

uk.telecom.broadband (UK broadband) (uk.telecom.broadband) Discussion of broadband services, technology and equipment as provided in the UK. Discussions of specific services based on ADSL, cable modems or other broadband technology are also on-topic. Advertising is not allowed.

interesting..story.



 
 
Thread Tools Display Modes
  #1  
Old November 4th 10, 01:21 PM posted to uk.telecom.broadband
The Natural Philosopher
external usenet poster
 
Posts: 2,728
Default interesting..story.

http://www.bbc.co.uk/news/technology-11693214
NOW ypu now why ISPs sometimes block pings..

And why some of us feel MS windows should be banned from the internet ;-)
  #2  
Old November 5th 10, 03:20 AM posted to uk.telecom.broadband
bod43
external usenet poster
 
Posts: 105
Default interesting..story.

On Nov 4, 1:21*pm, The Natural Philosopher
wrote:
http://www.bbc.co.uk/news/technology-11693214
NOW ypu now why ISPs sometimes block pings..


Hmm. I couldn't find any reference there to "ping" or to
"ICMP echo request" or any other ICMP message.

And why some of us feel MS windows should be banned from the internet ;-)


Nor could I find a reference to "Windows"

So my dear philosopher, what the f**k are you on about?

If I was considering a denial of service attack on a web site
the very very last thing I would consider would be a ping.

I would firstly target the back end database if I had the
expertise to do so (which I don't but I might be able to
acquire it) and secondly the http server.

Pings are so lightweight that they are not worth
bothering about.

  #3  
Old November 5th 10, 11:52 AM posted to uk.telecom.broadband
Mike Civil
external usenet poster
 
Posts: 46
Default interesting..story.

In article ,
The Natural Philosopher wrote:
http://www.bbc.co.uk/news/technology-11693214
NOW ypu now why ISPs sometimes block pings..

And why some of us feel MS windows should be banned from the internet ;-)


S'funny. While the BBC is as usual a paragon of non-content, other
sources don't mention ICMP at all and at least one describes TCP based
attacks.

No mentions anywhere of MS products (or any other OS come to that)
either as source, destination or intermediary.
  #4  
Old November 5th 10, 12:48 PM posted to uk.telecom.broadband
The Natural Philosopher
external usenet poster
 
Posts: 2,728
Default interesting..story.

bod43 wrote:
On Nov 4, 1:21 pm, The Natural Philosopher
wrote:
http://www.bbc.co.uk/news/technology-11693214
NOW ypu now why ISPs sometimes block pings..


Hmm. I couldn't find any reference there to "ping" or to
"ICMP echo request" or any other ICMP message.


DOS.?

And why some of us feel MS windows should be banned from the internet ;-)


Nor could I find a reference to "Windows"

So my dear philosopher, what the f**k are you on about?


I am sorry it went right over your head.
If I was considering a denial of service attack on a web site
the very very last thing I would consider would be a ping.

I would firstly target the back end database if I had the
expertise to do so (which I don't but I might be able to
acquire it) and secondly the http server.

Pings are so lightweight that they are not worth
bothering about.


I am sorry it went right over your head.


  #5  
Old November 5th 10, 12:49 PM posted to uk.telecom.broadband
The Natural Philosopher
external usenet poster
 
Posts: 2,728
Default interesting..story.

Mike Civil wrote:
In article ,
The Natural Philosopher wrote:
http://www.bbc.co.uk/news/technology-11693214
NOW ypu now why ISPs sometimes block pings..

And why some of us feel MS windows should be banned from the internet ;-)


S'funny. While the BBC is as usual a paragon of non-content, other
sources don't mention ICMP at all and at least one describes TCP based
attacks.

No mentions anywhere of MS products (or any other OS come to that)
either as source, destination or intermediary.

Botnet.

Show me one botnet that isn't hosted on MS machines.

  #6  
Old November 5th 10, 08:12 PM posted to uk.telecom.broadband
Andy Champ
external usenet poster
 
Posts: 187
Default interesting..story.

On 05/11/2010 12:49, The Natural Philosopher wrote:
Mike Civil wrote:
In article ,
The Natural Philosopher wrote:
http://www.bbc.co.uk/news/technology-11693214
NOW ypu now why ISPs sometimes block pings..

And why some of us feel MS windows should be banned from the internet
;-)


S'funny. While the BBC is as usual a paragon of non-content, other
sources don't mention ICMP at all and at least one describes TCP based
attacks.

No mentions anywhere of MS products (or any other OS come to that)
either as source, destination or intermediary.

Botnet.

Show me one botnet that isn't hosted on MS machines.


Why would a Botnet writer target some obscure OS with less than 10% of
the installed base?

I still don't see the pings BTW. DOS (that's denial, not disc) can
happen many ways.

Andy
  #7  
Old November 5th 10, 08:41 PM posted to uk.telecom.broadband
The Natural Philosopher
external usenet poster
 
Posts: 2,728
Default interesting..story.

Andy Champ wrote:
On 05/11/2010 12:49, The Natural Philosopher wrote:
Mike Civil wrote:
In article ,
The Natural Philosopher wrote:
http://www.bbc.co.uk/news/technology-11693214
NOW ypu now why ISPs sometimes block pings..

And why some of us feel MS windows should be banned from the internet
;-)

S'funny. While the BBC is as usual a paragon of non-content, other
sources don't mention ICMP at all and at least one describes TCP based
attacks.

No mentions anywhere of MS products (or any other OS come to that)
either as source, destination or intermediary.

Botnet.

Show me one botnet that isn't hosted on MS machines.


Why would a Botnet writer target some obscure OS with less than 10% of
the installed base?

Precisely. Unless it was so much easier to do..

I still don't see the pings BTW. DOS (that's denial, not disc) can
happen many ways.

Andy

easiest way to do it really.


They were congesting not a server, but a whole countries international link.

The simpler the packet, the faster the bots can spit them out.
  #8  
Old November 6th 10, 07:17 AM posted to uk.telecom.broadband
Gordon Henderson
external usenet poster
 
Posts: 124
Default interesting..story.

In article ,
Andy Champ wrote:
On 05/11/2010 12:49, The Natural Philosopher wrote:
Mike Civil wrote:
In article ,
The Natural Philosopher wrote:
http://www.bbc.co.uk/news/technology-11693214
NOW ypu now why ISPs sometimes block pings..

And why some of us feel MS windows should be banned from the internet
;-)

S'funny. While the BBC is as usual a paragon of non-content, other
sources don't mention ICMP at all and at least one describes TCP based
attacks.

No mentions anywhere of MS products (or any other OS come to that)
either as source, destination or intermediary.

Botnet.

Show me one botnet that isn't hosted on MS machines.


Why would a Botnet writer target some obscure OS with less than 10% of
the installed base?


One particular OS probably has over 50% of the installed base - for it's
type of functionality - and that's Linux - in the role of a web server.

And there is botnet like code for Linux boxes that works in exactly the
same way as some of their Windows cousins. (Connects to an IRC server
and listens for commands) Often better becasue they're in data centres
with large bandwidth capacity.

The trick with Linux, as with other systems is to get that code into
the target server in the first place. Fortunately for the botnet
owners, there are now 1000's of open source applications that they can
investigate and almost all big packages have had vulnerabilities at
one point or another. e.g. vBulletin, phpBB, phpMyAdmin and who knows
what else. Essentially while the basic Operating System and utilities
(Linux, Apache, *SQL, Perl/Php) are themselves relatively secure, it's
the additional packages that may not be.

I still don't see the pings BTW. DOS (that's denial, not disc) can
happen many ways.


One type of ping attack involves the server hosting the attacking code
sending a ping to a random address, but forging it's source address to
be that of the victim. The innocent third party then sends it's reply
back to the victim. This way the bandwidth usage of the attacking host is
minimised, and it's identity is anonomised. Now imagine 1000 compromised
servers sending a ping - each second - to 1000 different 3rd partys
who're relaying to a single victim.... Then 10,000...

And a while back, some hosts, networks would respond to a ping to the
networks broadcast address - so send one ping, get 100 back. See:

http://en.wikipedia.org/wiki/Smurf_attack

One ping is fine, a million pings a second is bad.

On the TCP front, sending TCP SYN packets to a host will clog up their
input stack - and until fixes were posted, that would have disasterous
results. with as little as 5 SYNs sent to a host you could block a
particular function.

See http://en.wikipedia.org/wiki/SYN_flood

There are many other ways to perform a remote DDoS attack on a host.

In the case of the attack on Burma, if their ISPs in Burma blocked pings,
it really wouldn't help - the ping packets would still come down the
wires only to be rejected at the Burma end of the wire - which by then
is too late. If the upstream ISPs blocked the pings, that would be fine
for Burma, but not fine for the ISPs as they'll still have to weather
the storm. Tracing and tracking these things is really hard and requires
co-operation of all the ISPs in the chain.

Gordon
  #9  
Old November 7th 10, 07:59 AM posted to uk.telecom.broadband
Mike Tomlinson
external usenet poster
 
Posts: 285
Default interesting..story.

In article , The Natural Philosopher
writes

The simpler the packet, the faster the bots can spit them out.


And there's nothing that says pings have to be limited to 64 bytes.

--
(\__/)
(='.'=)
(")_(")


  #10  
Old November 7th 10, 11:54 AM posted to uk.telecom.broadband
Dave Saville
external usenet poster
 
Posts: 138
Default interesting..story.

On Sun, 7 Nov 2010 07:59:34 UTC, Mike Tomlinson
wrote:

In article , The Natural Philosopher
writes

The simpler the packet, the faster the bots can spit them out.


And there's nothing that says pings have to be limited to 64 bytes.


I was always fighting the network support when we had response
problems. They would ping the servers and say it was OK. I would then
tell them, again, that our app threw multi K packets around and try
pinging with that - "Oh there seems to be a problem........" "Yeah,
that's why I called you."

--
Regards
Dave Saville
 




Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

vB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
A story..of the installation from hell. The Natural Philosopher uk.telecom.broadband (UK broadband) 5 December 23rd 08 04:51 PM
Virgin Media Horror Story Chris Dent uk.telecom.broadband (UK broadband) 143 September 26th 08 04:27 PM
ADSL success story! Graham J uk.telecom.broadband (UK broadband) 14 August 14th 08 07:30 PM
Broadband at last !!! 2 years late - My story pjonesuk uk.telecom.broadband (UK broadband) 2 November 16th 03 12:27 AM
Access Point Query/Story tosh uk.comp.home-networking (UK home networking) 0 July 19th 03 08:40 PM


All times are GMT +1. The time now is 10:28 AM.


Powered by vBulletin® Version 3.6.4
Copyright ©2000 - 2019, Jelsoft Enterprises Ltd.Content Relevant URLs by vBSEO 2.4.0
Copyright 2004-2019 BroadbanterBanter.
The comments are property of their posters.