[ISN] DDoS: The Message is Often Lost in the Noise

[InfoSec News <alerts@xxxxxxxxxxxxxxx>]

https://infosecisland.com/blogview/18315-DDoS-The-Message-is-Often-Lost-in-the-Noise.html

By: security curmudgeon
infosec island
November 23, 2011

Distributed Denial of Service, or DDoS, attacks are an extremely simple 
thing, in concept.

This article won't get into the details of investigation, C&C tracking, 
dozens of jurisdiction battles, mitigation, or any of the technical 
aspects of such attacks.

Rather, this article is a simple request directed at those who launch, 
contract, or operate botnets that facilitate DDoS attacks.

On the most fundamental level, a DDoS attack is about PersonA doing 
wrong, and PersonB punishing them for it. It doesn't matter what your 
perception of "wrong" is. PersonA did something wrong in the eyes of 
PersonB, and that is all that matters. PersonA could have fired PersonB 
from a job, posted derogatory comments about the wife, or said cats are 
better than dogs on a pet forum.

Rather than ignore the transgression, move on, or confront the person in 
a more rational manner, PersonB resorts to a DDoS attack. They may have 
the resources to launch it themselves, or may have to pay for the 
service.

Most in the security industry frown upon botnet-for-hire operators that 
sell their stolen bandwidth for illicit purposes. Just today, a person I 
spoke with called them "scum". Perhaps they are. Personally, while I 
don't like or agree with it, I understand it. They are no different than 
any other person selling questionable or illicit services or goods in 
our society.

[...]


_____________________________________________________
Subscribe to InfoSec News - www.infosecnews.org
http://www.infosecnews.org/mailman/listinfo/isn