Saturday, April 29, 2006

Alternative Warfare by the Religion of Peace

Major Denial-of-Service attack yesterday, affecting the following blogs:

Blogs down:
Instapundit (***Glenn is posting on his back-up site here***)Power Line Captain's Quarters Pundit Guy Chuck Simmins Small Dead Animals Radioblogger Hugh Hewitt IMAO Mountaineer Musings Say Uncle Counterterrorism Blog Anti-Idiotarian Rottweiler Castle Arggh! - John DonovanShe Who Will Be Obeyed - Beth DonovanMichael Totten Ticklish Ears Samizdata Theodore's World Patterico Florida CrackerJeff Quinton Overlawyered Blogs4Bush Tim Blair Down with Absolutes Nyominx

Not to mention Malkin.

The attack was created by someone in Saudi Arabia.

The fact that "Overlawyered" also went down hints at the possibility that Bob Habush chipped in to finance the DOS attack...


Phillybits said...

The attack was "created" by someone in Saudi Arabia? Do you even know how DOS attacks work?

Do you also know that anyone with the know-how could orchestrate such an attack by sending a particular trojan out over the internet, waiting until enough computers have become infected (by way of checking in with an IRC server), and then directing all the zombie computers to proxy (look that up) to a foreign IP address and then forward the attack on from there?

But it "looks" like it came from Saudi Arabia. Do I have that right?

Dad29 said...

I just read the news and report it, Philly.

You evidently are a genuine technical guru. Perhaps YOU should track down the country of origin and show us the URL trail.

Go on. Be a sport!

Phillybits said...

Not my job to look it up. Also, there wouldn't be a URL trail, there'd be a tracert trail, or string of reverse hops as you trace the IP trail back to it's source. If done soon enough after the attack was initiated, realized as an attack. If the reverse trace didn't start timing out at broken or non-existant (spoofed) IP destinations. And even then, no guarantee that it could be traced at that point.

The point was that since it appeared to be coming from Saudi Arabia, everyone jumped on the bandwagon without doing any homework on either DoS/DDoS attacks, or any other word from Hosting Matter.

"It came from Saudi Arabia! Terrorists! Cyber-jihadists! They've brought the war to us, finally, just like we said it would!"

Not saying you said things like that, just that it is being said. Hell, for all I know, they are Saudi Islamic Cyber Jihadists. But until it's proven beyond a reasonable doubt, let's not jump to conclusions, mmkay?

With about 5 minutes of searching, I could probably find an open proxy in Saudi Arabia, configure my browser to connect to the proxy, and if you had a Sitemeter (maybe you do), I could visit your site from Philadelphia one second, then Saudi Arabia the next, and you wouldn't know the difference otherwise if I don't point it out.

I'll be a sport though.

DoS attacks
Traceroute (Tracert)
Zombie computer - Also see Botnet
Script Kiddie

Dad29 said...

Like I said earlier, I just report what's in the news:

They do a nice job of scripting Arabic, eh?