Follow Slashdot stories on Twitter

 


Forgot your password?
Close
typodupeerror
×
BSD Operating Systems Your Rights Online

SDF Punted, Due to DDOS 143

Posted by Hemos from the kicking-them-offline dept.
bullshizzle writes "The longest running Public Access UNIX System (SDF, running BSD) est. 1989 had their services terminated abruptly by NWLink because of a DDoS attack. Termination was carried out immediately without prior notification, which violates their contract (page1, page2). Complaints can be filed to the Washington State Attorney General's Office by filling out this simple form conveniently located online. You can follow the story at lonestar.org." While still bad, I've been corrected - SDF was *not* the longest running public access Unix - ArborNet (Located right here in my town) has been around for at least a number more years.
This discussion has been archived. No new comments can be posted.

SDF Punted, Due to DDOS More

SDF Punted, Due to DDOS

Comments Filter:
  • like free shell account??

    • Re:public access (Score:2, Informative)

      by Anonymous Coward

      Yes. I joined up when i heard about it in 99 and really cut my teeth on UNIX there, in spite of having been exposed to UNIX at least a year earlier. What makes SDF so great is that there is a real community of users who have their own chat app, their own "message board" app, all inside the shell. It reminded me of the community on the BBSes of old. Stephen (the sysadmin) regularly participates in user discussions and the opinions of the users help shape the direction of the system. In just the past few years i've seen it grow from a single system running Linux/i386 to seven or eight networked NetBSD/Alpha boxes with a user-built MUD, virtual hosting, special IRC bot accounts, all kinds of things. People who have been there since 1989 have seen it grow from SysV UNIX to 386BSD to Linux, on a dozen architectures.

      This is nightmare for some of us regular users. I log on every day and rely on it for all my email, for my web page, for ICQ, for hundreds of personal files... SDF is my all-purpose scratchpad, and my $HOME contains so many little text files and projects i've worked on in the past four years. Some of the users have paid-for virtual host accounts and run business websites hosted on SDF. All these people are losing their business, their sites are inaccessible... It's a sad, sad day. I only recall one time in the past four years SDF has been down for longer than a few hours, and i believe that was due to a DDoS attack while they were located in Texas, and just before they moved from Linux to NetBSD.

      *sigh* Some people just don't get it :-(

      alison at sdf.lonestar.org

      • alison at sdf.lonestar.org

        Hey, I tried to respond to you via email but it doesn't seem to be going through...

        • eh. This might have been a joke, in that case, just ignore this. Sometimes I have a hard time telling...

          if not, that's because sdf.lonestar.org is down, which is the entire point of this bruhaha.

          damn them, my primary email is through sdf too.
    • Probably a nice system, but no where NEAR the oldest. http://chinet.com was started in 1982 with m-net following soon afterward.
    • Now, it'd just be morally wrong to go on a crusade to carefully inform the world of what we think of NWLinks actions, Quality of Service, or other issues we have with them....w/o contacting them first to share our love and affection..

      http://www.nwlink.com/contact/index.php

  • Easy to get rid of a company you don't like (Score:3, Interesting)

    by Zeinfeld ( 263942 ) on Saturday February 01, 2003 @10:05AM (#5203150) Homepage
    Looks to me as if NWLink set an idiotic precedent. Someone attacks your site, they yank the plug.

    The problem I have with the stories is that they are very brief, only giving one side. One wonders if there was more history here.

    • Doug Palin, owner of NWLink, posted his explanation to the Lonestar message board (I won't Slashdot it, you can find it yourself).

      NWLink (aka Pacifier aka Europa) has tens of thousands of customers here in the Northwest, including me, and the DoS effectively shut down their entire customer base -- 3 times over the past 3 weeks.

      Either they were going to get complaints from one customer, lonestar.org, or they were going to get complaints from thousands of other customers (many of whom they had to pay monetary damages to make up for the loss of service). I can put up with my Internet access being cut off once, twice, but the 3rd time it happens I'm going to seriously consider switching providers. NWLink did what they had to do to save most of their customer base.
      • The point was, SDF was cut off without adequate and/or written notice. If NWLink knew that the attacks on SDF were causing problems three weeks prior to this, then the very least NWLink could have done was provided notice.

        NWLink certainly owes SDF an apology, at the very least.

        • Re:You're missing the point (Score:4, Informative)

          by dpalin ( 646645 ) on Saturday February 01, 2003 @11:12PM (#5208091)
          SDF was involved each and every time these events occurred. There were a 3 different attacks in 3 weeks. There was a 4th attack that was short lived that we were not able to confirm was directed at SDF. What course of action would have been more realistic when 12 million packets per second started hitting our network? We took the action we could. I would have loved to have kept SDF as a customer. However had this continued I would have explaining to do to other customers (which I spent most of yesterday doing following the attack). Doug Palin CEO - NWLink
          • You missed the point -

            Did you warn SDF that their service was going to be terminated when the next attack began?

            -OR-

            Did you do that the DoS attack failed to do... That is take them off the air?

          • Doug,
            I sympathize with your difficulties due to troublemakers; the real bad guys are indeed the ones initiating the flood(s). However, the problem is compounded when "bad" decisions are made by the victims: after reading through the information available to me, it does appear that, although SDF was indeed aware of said attacks, there was no mention of any consequences for SDF. As I understand it, the disconnect was "swift and sudden". I know this would be extremely irritating if it happened to me.

            While not a perfect analogy, this is like evicting a family from their apartment complex because someone stole their (properly secured?) car and left it in front of the exit/entrance of the complex. It doesn't really make a lot of sense, outside of the initial panic.
    • They are asking that people not harass NWLink. Sound like to me that NWLink needs a good set of pissed off user harassment. If it is in fact true that DDoS for 3 weeks caused outages on their network then they need to harden their network. Do they really think that pulling 1 host is going to bestow on them magic fairy power to keep away bad people?

      I think an idiot check is in order over there.
    • Think we could drive NWLink out of business by simply attacking all their customers, one by one?

      After all, if they drop customers just because they're being attacked..

  • hmmm (Score:1)

    by Bruha ( 412869 )
    Got Net?

    Seriously I never knew this existed :(

    Now I want to check it out :(
  • Failing to understand how exactly the ownership of this public server is setup, I'm wondering if the owning body will be suing over the breach of contract? Or will something along the lines of the EFF be taking up the battle?

    I can't think of any reasonable circumstances prior to this that I've heard of a host cutting your connection just because of one incident without talking first...

  • Denial of Service Attack? (Score:3, Funny)

    by gunnk ( 463227 ) <gunnk.mail@fpg@unc@edu> on Saturday February 01, 2003 @10:12AM (#5203167) Homepage
    NWLINK pulled SDF based off the fact that SDF was attacked by an outside hacker??? That's the kind of stupid stunt that invites a REAL denial of service attack:

    The Slashdot Effect
  • Why is this such a horrific event? First it is the responsibility of the admins of the access provider to shut down access to the attackers. But if they don't do it.. why is it bad if someone upstreams kills all there access? If it stops a large scale DDoS attack.. it would be a good thing. Or maybe i've been drinking too much bacardi 151.
    • This wasn't a case of the attackers being hosted by SDF. They were attacked from the outside by some third party, and their provider unplugged them as a result.

      This is similar to: if I wanted to shut down a local unpopular political organization's bookstore, so I picketed and made noise and made things unpleasant out in front of the bookstore, and the result was that the bookstore's lease was revoked by the owner of the building.

  • Their forum (Score:5, Informative)

    by Some Bitch ( 645438 ) on Saturday February 01, 2003 @10:16AM (#5203180)
    They have a temporary forum [lonestar.org] for discussion (top comment atm is about making the front page at /.).

  • Sorry Won't Fly. (Score:5, Interesting)

    by linuxdoctor ( 126962 ) on Saturday February 01, 2003 @10:18AM (#5203186) Homepage
    According to the copy of the agreement, "Northwest Linux may terminate the Agreement at any time and for any reason by prividing written notice of termination and refunding a pro rata portion of fees paid by Customer to Northwest Link for servies not yet rendered."

    It doesn't say "prior written notice" but simply "written notice." That means that they can pull the plug on you at any time and tell you why afterwards.

    It's interesting that the previous sentence says "either party" can terminate only for breaches of the contract that are not corrected within 15 days. In reality that only applies to Customer since the next sentence authorizes Northwest Link to do whatever it feels like doing.

    Anyway, we only have half the story. It would be nice to see what Northwest Link has to say.

    Tough luck.
    • Damn all those spelling mistakes. I should get a new perscription for my glasses.

      Boo hoo.
    • IANAL and you may well be right, but there are things such as non-enforceable contracts. It requires going before a court to show that the terms of the contract are not reasonable under tort law or something like that.

    • Re:Sorry Won't Fly. (Score:5, Informative)

      by innate ( 472375 ) on Saturday February 01, 2003 @02:37PM (#5204847)
      Northwest Link has this to say:

      Posted to SDF message board by the owner of NWLink:

      For starters let me say that I fully support SDF and what they are doing
      as a long time net user and admin of public access unix boxes. Having been
      the victim of multiple attacks over the past 15 years I know how much of a
      pain they are.

      Over the past 3 weeks SDF has been attacked 3 times that we can document,
      we believe that one more network related issue was directed towards them
      as well but we were not able track down the destination while it was occurring.

      Yesterday morning as in the other events we shut down SDFs port and had the
      IP blocked at each of our backbone providers (UUNet, Verio %26 ELI). This effectively
      shutdown our entire customer base while the Distributed Denial of Service attack was
      under way and until we had the ip blocked. During and Following these attacks we
      receive notice from our large line customers that have Quality of Service provisions
      in their contracts that they want credits.

      These credits are somewhat substantial and which we are contractually obligated to
      provide. We have issued over $30K in credits over the past 3 weeks when these attacks
      occur. This coupled with the customers that cancel because of their inability to
      use the service they are paying for has caused more then a little harm to my business.

      Steven has full access to the equipment at this time, we are not holding it hostage
      as the webpage page maintains. In fact we suggested he go to Semaphore directly, this
      is where we have our network equipment in Seattle. This was following a move on Thursday
      from our old Bellevue location. He acknowledged to me in a phone call a few minutes ago
      that he is working with them to get a contract signed. It is going to cost more, however
      I suspect the price that he is paying to them is more then fair for his bandwidth usage.
      What NWlink was charging was an excellent deal for the bandwidth being used.

      Steven explained to me that he was quite surprised by the direction this had taken when
      I spoke to him a short time ago. He knew what we did and why we did it. I to am sorry
      to see any customer go but had no choice in this matter to keep our other customers
      functional who pay the bills and salarys of my staff.

      Doug Palin
      CEO
      • Dude, you're the CEO of a company, making a major PR statement (which is what this amounts to), and you can't be bothered to spell I to am pluralize salarys of my stuff or capitalize public access unix correctly?

        Your statement makes sense, but you should fire yourself as PR jockey.
    • IANAL but notice does imply being told first, not after disconnection.
  • SEMAPHORE will cost SDF more than double its current rent, however, the technical team seem much more willing to help us. Please watch here [lonestar.org] for updates.
    A breach of contract, a new ISP, and couple the costs for a public service that has been running for fifteen years all because of a dumb DoS attack. As they say, many people have come to rely on SDF. This is one of the dumbest stunts that I have seen an ISP pull in a long time and I hope that NWLink [nwlink.com] have apropriate and successful legal action taken against them.
    • I was an original NWLink customer and they have always been, um, interesting to deal with. A business associate of mine was suddenly cut off from his NWL account for "suspicion of hacking" for trying to ping addresses in the NWL address range. I dropped them in '97 and have never looked back.

      As for Semaphore, they are *great* people. They were probably the first hardcore corporate data provider in Seattle. Sure, they are expensive, but in my opinion well worth it.

      • Heh, according to admin of 2 class B nets, he gets calls all the time from anal admins because some sap pinged a dns server on their network the wrong way. Then its either remove the student's access or end up with the other going legal on him.

  • What a shame! And who's to blame? (Score:5, Interesting)

    by teqo ( 602844 ) on Saturday February 01, 2003 @10:20AM (#5203193) Journal

    I have got my SDF public shell access at lonestar about two years ago, and I love it! It's (almost, because they required people to send in a buck to show they seriously want to use it and don't create lots of fake accounts) free, they have nice services, rely mostly on their users' affection and willingness to donate money or equipment to them, and you can upgrade for some money to use more features... I hope they will manage to migrate to their new hoster...

    What puzzles me is that NWLink seemd to have disconnected SDF because they fell preyto some DDoS'ing, they were not actively involved in some (D)DoS towards other sites, at least that's how I read the announcement!

    Consequently, this DDoS might have been one of the most successful one reported, since it not only hogged their connection and thus technically Dos'sed them for a while, but this led to some organizational DoS carried out by NWLink!

    How can they dare blaming the victim? And how can they dare putting all the consequences (that is, disconnection) onto the victim as well? Is this legal? Is this good practice? And: Does it help stop the DDoS towards SDF? Okay, the target host(s) is/are down, but the packets might rush to the dangling patch cable end anyway, crossing NWLink's infrastructure...

    All in all: Thanks to the DDoS people attacking a nice and free public service! :( (Not that I am some DDoS fan of any kind, but aren't there much more promising targets out there, both in terms of popularity, evilness and challenging huge trunks? Or did some script kiddies just got their shell accounts revoked, and now they felt like stomping their virtual feet? I hope you have learnt to deal better with your frustration by the age of 12...)

    And big thanks to NWLink for dealing with a customer's problem in a great and professional way by supporting a DDos through fully shutting down services!

    --
    "Where do you wanna go today / Somewhere you could never take me"
    -- Chumbawamba

    • There's a little more to just losing access to a shell account. I happen to host my website and email with SDF. I've been without email since they pulled the plug. No email means I am not recieving job notifications, nor payment from clients.

    • NWLink (Score:3, Informative)

      by po8 ( 187055 )

      I left NWLink [nwlink.com] DSL a couple of weeks ago over their mediocre uptime and high costs, especially bandwidth costs. They were down quite a few hours per month lately (that I noticed) and their tech support was not so good. They seemed to have a lot of router configuration problems: there were frequent router loops. This may have been partly due to their prime (only?) feed to most of the world being alter.net [alter.net], which at least in this neck of the woods is quite slow and tangled. NWlink claimed at one point that they were just finishing up some big network reconfiguration, and things should get better: when things didn't seem to, that was the end for me. I should have waited to switch: it would be nice to dump them now in protest over their DDOSing of SDF :-).

      I chose NWLink several years ago because at the time their prices were good, and my previous provider, NW Nexus [nwnexus.com], had been bought out twice and become expensive and quite unreliable in the process. Now I'm with DSL Only [dsl-only.net], and so far they seem great. ISP service is $18/month for 640/256 DSL, with no bandwidth charges, no restrictions on use, a static IP, and two mailboxes. It's been reliable so far, and they are direct to a local exchange that in turn is direct to my work and to Internet2, so ping times and bandwidth are excellent.

      It would be nice to be done with ISP switches forever: maybe this is it. The other good news is that this was the easiest ISP switch so far: Qwest seems to have it figured out now, and it was completely routine.

      FYI. As always, YMMV.

  • Why don't the police think of this? (Score:5, Interesting)

    by pyramid termite ( 458232 ) on Saturday February 01, 2003 @10:23AM (#5203205)
    Clearly, if they started arresting the victims of crime, crime would instantly stop as all the victims would be in jail and safe from the criminals out roaming the streets. It's just another example of how the online world is showing society new and innovative ways to solve serious problems.

  • why oh why (Score:2, Interesting)

    by womby ( 30405 )
    at long last an ISP starts to take ddos sources seriously and then they throw the baby out with the bath water.

    if my link was being used to host a ddos attack I would hope I could get notified of the problem and some assistance in fixing it.

    to clean up the net we have to educate the users not move them somewhere else, though not for one second am I sugesting that these perticular admins needed educating but they did need notifying.

    --required "I remember when"

    years ago I was network admin in the UK for a company our exchange server was managed by the US office (the whole globes exchange services where US managed)

    I realised that our server was an open relay and notified my director in the US and was told that it didnt matter because nobody would scan us why would anybody scan an advertising agency.

    a quick install of snort on another box and a week later I had proof that we were being scaned.

    still no action

    a couple of weeks later our ISP sent us an official letter in telling us to fix the relay or be booted.

    they could have booted us at any time but they did the right thing and warned us first.

    the relay was fixed.
    • then I go away and start reading more about what happend and realise I was making a bad assumption.

      it doesnt even seem like they were hosting a ddos they were the target.

      bloody isp should get burnt down for the d/c now
    • RTFA. They were *victim* to a DoS attack.
      • and a whole hour before you started your little rtfa shout I had appended the post to point out that I had re-read and had been mistaken

  • Thoughts from a member... (Score:2, Insightful)

    by Anonymous Coward
    I have been a member of SDF for one and a half years, and I am very disappointed to see this piece of Internet history on the verge of becoming history. It has been a very successful form of what people have been calling the `digital commons' -- proving that the Internet can be something that commercial providers can never offer: a place in which to cooperate, make friends, help others... (sounds cheesy, but it's true)

    Now, due to a couple of kiddies that wanted to prove their `skills', SDF has to go offline, leaving thousands of users unable to access their email and contact friends, and several more thousands unable to access Web and Gopher resources hosted on SDF... giving commercial providers like AOL just one more argument in their favour. They can afford lawyers to take care of shit like this... we can only depend on community leverage. I hope it will be plentyful. Damn. I wanna play netris on sdf....

  • You probably don't. So I'll tell you.

    I woudn't be surprised if the DDOSers were in league with NWLink. Or maybe I'm just paranoid or something. Or maybe, as a member of SDF myself, I'm more than a little annoyed at this incidentr. It is SO WRONG.
  • Hasn't M-Net [arbornet.org] been around a whole lot longer than SDF? I remember dialing into M-Net (on a 300 baud acoustic coupler!) in 1983 when it was running System 3 on an Altos 68000.

  • SDF was moving (Score:4, Interesting)

    by Fencepost ( 107992 ) on Saturday February 01, 2003 @11:40AM (#5203776) Journal
    The interesting thing about this is that SDF was down on Thursday for a scheduled move to a new location (still on NWLink, but a better facility) and simply never came back up. First it was delayed due to instability in NWLink's internal network, then apparently by just being disconnected.

    Personally I find the timing suspicious - the move was originally scheduled for earlier in the week, then was delayed at NWLink's request, then when it actually happened "Oh, we're disconnecting you." Did they decide some time ago to get rid of those pesky SDF people and just try to make it look like an SDF problem instead of a NWLink disconnect?

  • Is there a standard letter of complaint somewhere to send to the appropriate authorities? I don't have a clue as to what to say to whom and how, but I'd like to express my dismay at NWLINK's actions to someone in power. (I am in NL, by the way.)

  • Trying to link the WA consumer complaint form (Score:3, Informative)

    by crush ( 19364 ) on Saturday February 01, 2003 @01:35PM (#5204400)
    produces this error. Is this a /. problem or a problem with their link?

    Not Found
    The requested object does not exist on this server. The link you followed is either outdated, inaccurate, or the server has been instructed not to let you have it. Please inform the site administrator of the referring page.

  • This kind of crap will continue (Score:3, Insightful)

    by Qzukk ( 229616 ) on Saturday February 01, 2003 @01:44PM (#5204463) Journal
    As long as its in the best interests of the bandwidth providers (who get mega cash for all these GBs) this kind of crap will never stop.

    And guess what, its EASY to stop! Simply require the netork borders to perform filtering on packets crossing the border. If your cable modem is spewing out packets addressed from China, and you're in Florida, SOMETHING IS WRONG. These packets should have never gotten into the internet in the first place.

    Suddenly, when spoofing is no longer possible, DoS doesn't seem like such a great idea. Even with botnets and crap for DDoS usage, if you can be tracked back from a single trojaned box, you'd have to be stupid to try.
  • there goes my hosted immages, FUCKING A. I need a new fucking free shell provider now. Any ideas??

    FUCK FUCK FUCK FUCK SHIT FUCKING A!
    • Chill d00d, stress is bad for you :)

      free shells are a dime a dozen (but good ones like SDF are hard to come by) Remember the old-time hacker approach of finding out when it is that almost nobody uses the computer and using it then even if it means re-arranging your life.

      Cyberspace.org (also known as Grex)
      One of the oldest free shell providers. Volunteer run. 1MB quota, limit of 75 logins at a time. Additional users must queue up to get on when the limit is reached. Running on scavenged Sun hardware. Grex doesn't allow bots. Don't even bother downloading stuff like Eggdrop, BitchX, psybnc, etc. since Grex has filters that won't let them run, and the admins will chase down the files and remove them.
      $ telnet cyberspace.org

      --

      www.publiclinux.net
      Linux shell accounts.
      $ telnet pub.dtdns.net

      --

      Shellyeah.org
      Reasonable free shell service, somewhat limited command set. Sister service to Ultrashell.net, a commercial shell provider.
      $ telnet shellyeah.org

      --

      ductape.net
      Public access unix system offering shell accounts, IMAP Email, web hosting. Web registration.
      http://ductape.net
      $ telnet ductape.net

      --

      h14me.yi.org
      Freenet system with shell access and a bbs.
      $ telnet h14me.yi.org

      --

      rootshell.be
      Shell, 2MB quota, standard tools, no IRC due to ddos attacks. Web registration.
      $ telnet phenix.rootshell.be

      --

      more via google.com [google.com]
      • I used shellyeah for a while, I didn't know if they were accepting new users anymore (there was a intresting bug in there auto new user script, and I forgot my password). I did the good samaritan thing and reported the bug, which alowed you to overwrite user accounts(real fun, I thought it would be funny to see what it did to root...making the system unsuable but I am not going to piss in the pot I take from.)

  • Northwest Link (Score:4, Interesting)

    by chuckw ( 15728 ) on Saturday February 01, 2003 @03:35PM (#5205157) Homepage Journal
    I used to have a dial-up account with Northwest Link circa 1998. They are quite possibly the rudest, most disorganized people I have ever worked with. They double billed me for the first three months of my service, and then they proceeded to bill me for 3 months of service after I cancelled my account.

    I cancelled my account in mid 1999 because I got DSL. I received confirmation of this. Four months later I received a collection agency notice saying that I had not been paying my bill (on an account that I had cancelled). I responded with plenty of evidence that I had cancelled the account. The mailed response ignored any of my evidence and re-iterated the original claim. I finally called the NWLINK offices and talked to the NWLINK collections guy. I don't recall his name, but the collections guy sounded like the most crochety old man I had ever heard. I stated my case and his response was, "Pay your damn bill! We don't run a charity here!!!". It was as if he hadn't even heard a word I said, or as my father likes to say, "we were having two spearate conversations". I got the feeling that he thought I was some punk kid trying to scam NWLINK out of a few months of service.

    I will never again do business with them. To those who have asked me about Internet Service Providers over the last 4 years, I have advised that they not do business with NWLINK either. I doubt I've made any impact on their bottom line, however I can assure you that the $75.00 they got out of me cost them at least ten customers. I mean really, all they had to do was treat me with a little respect regardless of who was right and who was wrong...
    • That's quite the opposite of my experience. About the same time ago, I had a dial-up account with them, and it was the most robust dial-up service I've ever experienced. They were also friendly to Unix using customers. Later, I switched to Speakeasy DSL. While waiting for the DSL connection, I used Speakeasy dial-up, and it was not as reliable as the NWLink account. But that's just my 2 cents, YMMV.

  • Complaint form link (Score:2, Informative)

    by lesterhv ( 125530 )
    The correct link is http://www.wa.gov/ago/consumer/forms/ [wa.gov] not the ./form/ that was in the original link.

  • PLEASE .. BE SENSIBLE! FOR THE SAKE OF SDF! (Score:1, Insightful)

    by Anonymous Coward
    PEOPLE .. Please stop threatening NWLINK. Yes, they could have handled this situation better, but the point is they didn't and that isn't going to change. We need to look toward the future now. If any host can be shutdown like this, then no hosts are safe. I think the thread here should go to POSITIVE WAYS to do successful tracebacks so that DDoSing will stop for everyone. I don't want to see SDF become the scapegoat for this, it really doesn't solve anything for the long term. I've talked with the CEO of NWLINK and he is a nice guy, but he has his hands full as it is. Lets not look back and think of the future.

    Stephen Jones
    Caretaker
    SDF Public Access UNIX System
    • Stephen, why are you defending them? Anyone who would do this is in no way, shape or form a "nice guy". SDF is already a scapegoat, made so by NWLink. The fact that the DoSers are also villains doesn't excuse NWLink's outrageous reaction. As an ARPA member of SDF myself, I'll be keen to join in any legal action against NWLink -- with or without your endorsement.

      Of course I don't condone DoSing NWLink in turn, as someone suggested. But lawsuits, yes; and spreading this story, discouraging others from doing business with them, absolutely. I think those are the kind of threats that need to be made, and carried out.

    • Let me get this straight: You get whacked by a DDoS, your ISP has signed contracts that he can't afford to uphold, so he dumps you like a hot potato rather than providing the tech support which he is also contractually obligated to, and whines about it publically. We are supposed to just make it OK, and not give him s*it about this because it's not forward looking.

      I rather think that if we /. him into the dirt it'll be more likely to teach him a small lesson and then MAYBE the next poor bastard who gets DDoS'd won't have to ALSO find a new home at double the money.

      These idiots who sign guaranteed BW contracts without using a lawyer who actually understands the net and its pitfalls get no sympathy from me.

      yogi
  • I'm curious... for NWLink, what would have been the right way for fending off the DoS attacks? Dropping their client in the hope that the kiddies will stop is a bit of a kludge. The existence of their business still depends on the mercy of anonymous criminals.

    There appears to be a pretty big need for a form of accountability.. right now, you can get almost any small site/organization off the net, simply by flooding them and getting them to run up their ISP bill. What would be the appropriate course of action for victims to such attacks?
  • NY switches to 11 digit phone numbers.

    The world loses another (virtual) PDP-10
    twenex.org: No address associated with hostname
    (That was part of SDF if you didn't already know)

    8000 people die of AIDS as usual.

    And the space shuttle doesn't make it back.

    (I know I shouldn't begin sentances with and)
  • Can someone please explain why this was put under the topic of "BSD", and why such a thing was even mentioned in the "article" by Hemos?

    A DDOS attack is an attack on bandwidth, not an attack on an operating system.

    If I was more cynical...wait I am more cynical: I think its just because either Hemos doesn't understand the difference, or more likely, just wants to jump at a chance to badmouth that other operating system [freebsd.org] that he knows is so much of a threat to their treasured linux.

    Personally I don't think this story comes under the heading of "News that matters", and even if it was worthy, it should have been put under the 'Security' heading, not "BSD".

    Perhaps we can get a new section for Denial of Services, or perhaps, a wider umbrella would be a 'teenage HaX0r' section where we can put DDOSs, Web Defacements and Case Mods all together. (That way, people who have lives can choose the option not to display any of that shit on the front page)

    Thanks, majestynine.

    • "Perhaps we can get a new section for Denial of Services, or perhaps, a wider umbrella would be a 'teenage HaX0r' section where we can put DDOSs, Web Defacements and Case Mods all together. (That way, people who have lives can choose the option not to display any of that shit on the front page)

      We already have that [attrition.org].

      "Can someone please explain why this was put under the topic of "BSD", and why such a thing was even mentioned in the "article" by Hemos?"

      Golly, I sure can explain this. It's cause it's their site, not yours.

    • You linked to FreeBSD, but SDF runs (or ran, sadly) NetBSD 1.6 on Alpha. I was a paid ARPA-level member, just about to rsync(1) my site from my personal DSL web server to their fast OC-3s for public perusal. Guess I'll have to wait... ;(
    • Hemos didn't write this article, "bullshizzle" did. bullshizzle for some reason filed it under BSD and not security. Sometimes inaccurate topics get past the editors. Get over it.

      Don't blame Hemos. The opinions are that of bullshizzle. Flame him instead.

      You're also missing the point of the article.

      Yes they were DDoSed, but the point is that NWLink disconnected them unfairly.

  • I'm going through withdrawal pangs without my shell account. I've heard NWLINK's explanation but the timing and the anecdotes of former customers cast a pall over their credibility. My take on this is they were just covering their butts. As a result, thousands of us who rely on our accounts for email and more are high and dry. If what NWLINK said is true, the script kiddies won. That's the best that I can say for them.

    Long live the Super Dimensional Fortress!

    • You get what you pay for.

      • You get what you pay for.

        That's a seductive line of reasoning with a ring of truth but in the case of shell services it just isn't so. I came from a local ISP which offered shell service. They were bought out and the service deteriorated to the point where it was no longer viable. I paid for shell service but towards the end, didn't get it.

        Before that ISP went under, I tried another one that was a bit more expensive. To my surprise, they didn't have a news server and claimed no other shell provider had news either. They had old versions of various applications and had vi aliased to elvis. (!) Another one I tried had all kinds of high minded login messages about using ssh and come to find out they were running version 1. I had to sign up and pay for a couple months to find out these things.

        That being said, I do contribute to SDF beyond the arpa fee. I do this because I appreciate how good it is compared with the shell services I "paid" for.

  • the net will continue to suffer from denial of service attacks because it is designed to facilitate such attacks. the control packets (ip headers and such) which are part of the TCP/IP protocol are sent on the same bandwidth as the data, therefore effectively clogging up bandwidth that could be used for non-ddos traffic. simply by responding to every dos request, the bandwidth is wasted. the same was possible with 'blue boxing', 'red boxing', whatevercolor boxing on the phone systems some 15-20 years ago and the phone companies figured it out and changed their signaling to be 'out of band', that is out of the voice band, thus deeming all '*boxing' useless. the net needs a similar revamp, but who's ready to do it, and migrate everything to a new system,and what will be the cost involved?

    Ddos wont be stopped because in its current form, the net facilitates it....
  • As regards this quote:
    ArborNet (Located right here in my town) has been around for
    at least a number more years

    Let's see, this one liner:

    echo 'main(){printf("according to my calculations \"a number more years\" is: %d.\n",0xa);}'>./a.c;gcc ./a.c;./a.out

    seems to produce the following output:

    according to my calculations "a number more years" is: 10.

  • I've been a Lonestar user for 7 around years, it is an extremely useful service and a great community. I pay a nominal amount for what is called an "ARPA" (meaning fully featured) shell account that is at least as good as other shell accounts that I hold with commercial providers.

    One of the commercial providers that I use explicity disallows users from using IRC or running bots from their account, for the reason that IRC attracts DDoS. Some user gets into a disagreement with some little script kiddie fuckhead then Wham-O! The systems are knocked over or inaccessible and lots of users are inconvenienced. In this case, inconvenienced beyond the script kiddies wildest dreams. Right now the culprits will be laughing about it between frantic bouts of mutual masturbation.

    Once Lonestar is moved to it's new provider or an amiable solution is found with it's current provider, I think it would be wise for to cease all IRC activity so that it can minimise the chances of this happening again.
  • A similar thing is happening to Dalnet - due to the DDOS attacks (since Dec 8th!) many servers are just dropping out because of the high bandwidth. According to the site, many ISPs are making the decision not to host irc servers at all due to the risk. Sad...
  • I can ssh to sdf.lonestar.org.

    I can't resolve pop.freeshell.org from my machine, but I can resolve it from the shell on sdf.lonestar.org, so I presume that is a DNS propagation thing.

    I took the IP address as found on sdf and put it in my /etc/hosts file, and just retrieved my accumulated email. I'm sure SDF will be under strain as people catch up today and tomorrow, so I'll refrain from bogging things down.

    Woohoo !

    I'll be checking the bboard later to see what this has cost SDF, and see if I should be sending them a little bit more money.

Slashdot Top Deals

Love may laugh at locksmiths, but he has a profound respect for money bags. -- Sidney Paternoster, "The Folly of the Wise"

Close