#1  
Old 26-February-2002, 12:19
silver's Avatar
silver silver is offline
 
Join Date: Apr 2001
Location: Bournemouth, UK
Posts: 12,177
Default More GRC funnies

today at el reg http://www.theregister.co.uk/content/55/24189.html the reg is way behind, the 'genesis' idea is a poor rip of SYN Cookies, which have been around for years,. the 'genesis' page on GRC is way old, I remember it from at least a year back.. GRC hasn't really added anything recently (?),. I don't quite know whats caused the reg writer to suddenly get so excited... plus the reg writer is not perfect, I can recall pulled articles where he's made mistakes.. still..

this is funny tho - remember the whole thing abt XP raw sockets, and user level access causing an increase in DDoS because of spoof src addr.. well http://grcsucks.com/socket.htm



Sil
Reply With Quote
  #2  
Old 26-February-2002, 12:28
silver's Avatar
silver silver is offline
 
Join Date: Apr 2001
Location: Bournemouth, UK
Posts: 12,177
Default

from http://grc.com/dos/drdos.htm

'The GENESIS TCP solution has been in continuous service at grc.com since September of 2000.'

I don't know when the page went up - but it was quite a while ago.. so the reg is way slow, it's not like grc didn't mention SYN Cookies, he just said he didn't know abt them when he was thinking abt his idea (even though you'd have expected someone who's thinking of tweaking around with the TCP protocol to know abt it).

Sil
Reply With Quote
  #3  
Old 26-February-2002, 12:33
silver's Avatar
silver silver is offline
 
Join Date: Apr 2001
Location: Bournemouth, UK
Posts: 12,177
Default

oh - grc is now even talking 'egress filtering' -

'The ISP's responsibility

The generation of traffic for a reflection attack depends upon source IP address spoofing. If ISPs would begin adopting the practice of preventing the escape of fraudulently addressed packets from within their controlled networks, this potent attack, and its many cousins, would die overnight. In addition to being the right thing to do by helping to prevent abuses by their customers upon those outside the network, egress filtering also enhances the security for an ISP's own customers because malicious hackers would soon learn that their spoofing attack tools would not function within an egress filtered ISP network. '

real DDoS solution

Sil
Reply With Quote
  #4  
Old 26-February-2002, 12:42
silver's Avatar
silver silver is offline
 
Join Date: Apr 2001
Location: Bournemouth, UK
Posts: 12,177
Default

loo! the wayback m/c

http://web.archive.org/web/*/http://.../nomoredos.htm

Oct 17th 2000, nomore dos page is pretty much unchanged...

Sil
Reply With Quote
  #5  
Old 27-February-2002, 20:37
onomatopoeia onomatopoeia is offline
Professor Yaffle
 
Join Date: Dec 2001
Location: on the bookshelf
Posts: 159
Default

I remember reading about syncookies some time ago. Strange how the linux kernel configuration has an option to compile support in for them
Reply With Quote
Reply

Tags
hackers, isp, security, slow, tools, web

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT +1. The time now is 21:32.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2018, vBulletin Solutions, Inc.
Copyright 1999-2014 The Scream!