“Denial of Service attacks aren’t new, yet they persist in being effective methods of denying access to resources on the Internet. Now meet Sockstress, the newest version of DoS attacks and potentially the most devastating of the bunch.”
“Denial of Service attacks aren’t new, yet they persist in being effective methods of denying access to resources on the Internet. Now meet Sockstress, the newest version of DoS attacks and potentially the most devastating of the bunch.”
Fydoor was explaining the typical DOS attack. Nothing really new with that. He also explained the different ways to selectively target resources to bring down the machine. I don’t think that’s particularly new either. As they haven’t published details, its difficult to tell what, if anything, makes it distinct.
and it’s even harder to asses if it’s “most devastating of the bunch.” without knowing jack about it.
But hey, hype sells.
It’s actually very serious. What makes it new is that it’s easy to do and does not take much resources to accomplish the DoS attack. It is basically a way to get around the problem syn cookies was supposed to fix. If you want to learn more about it I suggest listening to episode #164 of Security Now. http://www.grc.com/securitynow.htm
Oh yeah, GRC. A truly reliable source for security information. Gibson would never be caught hyping anything (raw sockets will doom the internet!) out of proportion.
Steve is w/o a doubt a kook, but he’s also usually correct, even when he drastically overstates things. An unpopular opinion, I’m aware.
This sounds like such a simply-structured attack that I wouldn’t mind betting that OpenBSD took care of this about five years ago.
Given that apparently all that is required to foil it is to block the offending IP address, pf would look at an “attack” like this and say “come on now, gimme something hard to do….”
There was a tool called 3wahas that does exactly this, and was released many years ago, back in the late 90s if i remember.