Old 10-21-2016, 12:03   #1
Golf1echo
Area Commander
 
 
Join Date: Sep 2010
Location: Western Carolina in the rainforest,4000' along the Eastern Cont. Div.
Posts: 1,426
Second DOS Attack in Days

Today parts of the US face a second round of DOS Attacks.

I can't help but think many others around the world feel the same way about our so very competent government. I believe the consequences we will face because of the last eight years of the zero admin will be with us for quite some time, sad indeed...

http://www.dailymail.co.uk/sciencete...real-time.html

http://www.nbcnewyork.com/news/local...ampaign=buffer
__________________
"It is because they have so much to give and give it so lavishly...that men love the mountains and go back to them again and again." Sir Francis Younghusband

Essayons

By Dand

"In the school of the wilds,there is no graduation day"Horace Kephart
Old 10-21-2016, 13:12   #2
bblhead672
Area Commander
 
 
Join Date: Jul 2016
Location: Texas, USA
Posts: 1,585
There's a solution for this - the US just needs to turn over control of the internet to foreign governments. (Sarcasm off)
__________________
“Rightful liberty is unobstructed action according to our will within limits drawn around us by the equal rights of others. I do not add 'within the limits of the law' because law is often but the tyrant's will, and always so when it violates the rights of the individual.”

--Thomas Jefferson
Old 10-21-2016, 13:20   #3
tonyz
Area Commander
 
Join Date: Jan 2008
Location: USA
Posts: 4,792
Quote:
Originally Posted by bblhead672 View Post
There's a solution for this - the US just needs to turn over control of the internet to foreign governments. (Sarcasm off)
Lol, I thought the Russians control everything already - that's what someone's campaign says...
__________________
The function of wisdom is to discriminate between good and evil.

Marcus Tullius Cicero
Old 10-21-2016, 20:28   #4
Volunteer
Asset
 
Join Date: Sep 2014
Location: Oregon coastal fogbelt
Posts: 53
The engineers that build and maintain both domestic and international telecom infrastructure are having some lively discussion regarding the DDoS events as well as other odd network traffic. Some are openly discussing ways to brick the Chinese-made, Internet-capable crapware DVRs and cameras, due to their serious defects, to stop them being hijacked.

This link takes you directly to their current archive, sorted by subject:
http://mailman.nanog.org/pipermail/n...r/subject.html

Side note:
Internet of Things (IoT) security is imaginary:
http://mailman.nanog.org/pipermail/n...er/088497.html

Interesting follow up factoids:

- Dyn, the DNS company now targeted, had in the past been one of several DNS service providers to Wikileaks. They dropped Wikileaks when the Manning leaks started up.

- 14 years ago very similar infrastructure attacks took place:
http://www.billslater.com/writing/20...iam_Slater.pdf

- Mirai botnet source code published:
https://krebsonsecurity.com/2016/10/...irai-released/

V/R Volunteer

Quote:
Originally Posted by Golf1echo View Post
Today parts of the US face a second round of DOS Attacks.

I can't help but think many others around the world feel the same way about our so very competent government. I believe the consequences we will face because of the last eight years of the zero admin will be with us for quite some time, sad indeed...

http://www.dailymail.co.uk/sciencete...real-time.html

http://www.nbcnewyork.com/news/local...ampaign=buffer

Last edited by Volunteer; 10-21-2016 at 23:32.
Old 10-22-2016, 01:31   #5
Flagg
Area Commander
 
Join Date: May 2011
Location: New Zealand
Posts: 1,423
Might be worth checking out Krebs on Security:

http://krebsonsecurity.com

His site was recently the target of the biggest DDoS attack to date (until now).

A good friend owns a company that does big volume IP based security cameras and sensors.

He confirmed what's being written up about "internet of things" at risk of being botnet attack arrays.

The cyberwire is also a really solid podcast in small chunks (avg 15 minutes):

https://thecyberwire.com

"The internet of things" may become the "why we can't have nice things".
Old 10-23-2016, 17:59   #6
Volunteer
Asset
 
Join Date: Sep 2014
Location: Oregon coastal fogbelt
Posts: 53
Brian Krebs is an excellent resource.
What I'm reading from Dyn indicates that over 10 million compromised devices and distinct individual IP addresses were involved in the attack. That makes defense extremely difficult. The figure of 10 million devices is estimated to be less than 10% of what's actually been compromised.

I don't claim these to be original work - On the lighter side:
This is what happens when you first realize you can delete email directly from your smartphone:
https://pbs.twimg.com/media/CvfPeVIVUAAbhji.jpg

The current state of IoT security:
This is what you get when you mix Home Depot, WiFi and a touch screen refrigerator: Pornhub. https://pbs.twimg.com/media/Ct3yQjNUAAAtuE_.jpg

V/R Volunteer

Quote:
Originally Posted by Flagg View Post
Might be worth checking out Krebs on Security:

http://krebsonsecurity.com

His site was recently the target of the biggest DDoS attack to date (until now).

A good friend owns a company that does big volume IP based security cameras and sensors.

He confirmed what's being written up about "internet of things" at risk of being botnet attack arrays.

The cyberwire is also a really solid podcast in small chunks (avg 15 minutes):

https://thecyberwire.com

"The internet of things" may become the "why we can't have nice things".

Last edited by Volunteer; 10-23-2016 at 18:24.
Old 10-23-2016, 20:55   #7
CloseDanger
Guerrilla
 
Join Date: Dec 2008
Location: Sanford, NC
Posts: 160
Don't forget the Good DR Kryptia - Pre-event analysis -
DD0S: Posters From Walls To Legitimate Weapon Of War and Its Possible Use Scenarios



Keep your eyes on the Whole of the battlefield
Old 10-24-2016, 15:13   #8
MtnGoat
Quiet Professional
 
 
Join Date: Feb 2006
Location: Asscrackistan
Posts: 4,289
IMO this "Cyber Attack" was just a probe. This is my out of the box GUESS. This was a test run, and the main effort for this cyber run will be on Election Day. The target will be Voter election machines and their ability in transmitting their data to their State and Federal "counting centers". Unable to transmit the data, many of the targeted areas (States) Voter election machines will be "shut down".

For anyone that has seen that "Heat Map" of the affected areas, and then overlay that with the States that Soros has Voter Machine "Control" in. My thinking why this is a test run, is basically this will cause states not able to receive their electronic VOTES. States may have to hand count ballots from each machine. SO, if the 16 states that Soros has control of the voting machines companies and can YES pre-load votes, THEY can't transmit now as shown on Friday. Yes they didn't get Florida or Colorado, but they hit just about every State that Soros has voting machine control over.

This is why I don't like election voting machines. Hacking is a very high possibility and issue. Pre-loading votes, machine control over ballots, etc. I do feel "THEY" did this too early though. But no State can really get better firewalls and "Cyber defense" added in these 17 days or less.

Yes I have my Tin Foil Hat on too.
Attached Images
File Type: jpg DDOS Heat Map.jpg (79.0 KB, 26 views)
__________________
"Berg Heil"

History teaches that when you become indifferent and lose the will to fight someone who has the will to fight will take over."

COLONEL BULL SIMONS

Intelligence failures are failures of command [just] as operations failures are command failures.”
Old 10-24-2016, 16:51   #9
Golf1echo
Area Commander
 
 
Join Date: Sep 2010
Location: Western Carolina in the rainforest,4000' along the Eastern Cont. Div.
Posts: 1,426
It is my understanding that the DOS attacks involve the internet of things....thermostats, refrigerators, controllers, etc... they all had basic security codes when they left the factories like 12345 and end users either never changed them or didn't know how nor understand the importance of changing those passwords. Not long ago programs to access and collect that data were released to the dark web (something not uncommon when the originators want to obfuscate its origin).

Is it just me or does this seem like a self-fulfilling prophecy? I can't understand why appliances and controllers would share the same space as business and government operations. If these guys are so smart, maybe Al Gore can invent another internet for their use....oh but wait that would interfere with the fafillion dollar industry of guarding for and correcting these attacks. Some days it seems like the technologists are racing hell bent into the future only as they go by we get caught and drug along with them. Self driving cars, people living on Mars, flying ubers and drones......we can't even get air bags right or replace the ones we know are faulty. I'm not against good ideas and moving into the future but how about some real world perspective...when will that occur? Shaking my head at so many things these days.

I'll juxtapose this with a story I read not long ago. It was about how the Germans had cut off the Allies' ability to resupply Africa by sinking several ships in straits as Germany poured into the African campaign. Here in this country we specially built a strong tug boat and sent her and her crew all in record time over to those African straits to remove those sunken ships and allow for the logistics to flow to the Allies and we know how Africa worked out for the Germans. My point is, I don't believe we have the capability to do that today. We need a balance of manufacturing and tech, tech on its own isn't meant to build anything.
Edit: The Massawa Miracle
The heavy tug Intent, built in 26 days, left Port Arthur, Tx Feb.26,1942 arrived in Massawa May 27,1942 Job completed Nov. 28,1942 Rommel retreats 110 miles.
Collier's Nov.,13,1943

Last edited by Golf1echo; 10-25-2016 at 15:41.
Old 10-25-2016, 14:29   #10
MtnGoat
Quiet Professional
 
 
Join Date: Feb 2006
Location: Asscrackistan
Posts: 4,289
Quote:
Originally Posted by Golf1echo View Post
It is my understanding that the DOS attacks involve the internet of things....thermostats, refrigerators, controllers, etc... they all had basic security codes when they left the factories like 12345 and end users either never changed them or didn't know how nor understand the importance of changing those passwords. Not long ago programs to access and collect that data were released to the dark web (something not uncommon when the originators want to obfuscate its origin).

Is it just me or does this seem like a self-fulfilling prophecy? I can't understand why appliances and controllers would share the same space as business and government operations. If these guys are so smart, maybe Al Gore can invent another internet for their use....oh but wait that would interfere with the fafillion dollar industry of guarding for and correcting these attacks. Some days it seems like the technologists are racing hell bent into the future only as they go by we get caught and drug along with them. Self driving cars, people living on Mars, flying ubers and drones......we can't even get air bags right or replace the ones we know are faulty. I'm not against good ideas and moving into the future but how about some real world perspective...when will that occur? Shaking my head at so many things these days.

I'll juxtapose this with a story I read not long ago. It was about how the Germans had cut off the Allies' ability to resupply Africa by sinking several ships in straits as Germany poured into the African campaign. Here in this country we specially built a strong tug boat and sent her and her crew all in record time over to those African straits to remove those sunken ships and allow for the logistics to flow to the Allies and we know how Africa worked out for the Germans. My point is, I don't believe we have the capability to do that today. We need a balance of manufacturing and tech, tech on its own isn't meant to build anything.
Yes.. but those appliances were used as a part of the botnet. All of our appliances today have computers in them. Well anything that is digitally made today.

http://thehackernews.com/2014/01/100...ther-home.html
Old 10-25-2016, 15:07   #11
CloseDanger
Guerrilla
 
Join Date: Dec 2008
Location: Sanford, NC
Posts: 160
Flashpoint AAR reveals Amateurs were behind the Dyn Inc. DDoS attack
Old 10-25-2016, 15:58   #12
cedsall
Guerrilla
 
Join Date: May 2010
Location: Washington, DC
Posts: 110
Hard not to geek out on this one but here goes.

As MtnGoat pointed out, this is about botnets and the IoT. How well is your DVR secured? You probably have no idea (I don't). It's internet connected and can be used as a vector for an attack. How many folks on your block, your city, your state with the same DVR?

DDoS attacks use that idea to magnify the effects of an attack by directing 10s, 100s, or 1000s of these things at a target. Most DoS attacks also randomize the source IP address of the attack packet so you, sitting in your corporate network, can't pinpoint a source. Your ISP may be able to help by looking at which of their peering circuits is bringing in the attack but if it's a distributed attack, chances are it's coming in from so many different vectors they would effectively shut themselves down to block them all. ISPs have been told for at least 15 years to egress filter their networks so they only allow out packets that originate from the IP networks they "own" but we can all see how well that advice has been followed. And in certain areas of the world it's really the wild, wild west.

All this is to say - there are ways to prevent these attacks but it takes a coordinated effort and the internet is not yet in a place where that level of coordination can occur.

Government could jump in and start regulating the internet like they do for other utilities but 1) do you really want the government managing the internet? and 2) how would you handle the international angle?

It's not an easy problem to solve.

One final bit of humor. I audited a network years ago and the network admin had a HUGE access list in their router. Large access lists take a toll on the ability of the router to route packets (its job). I asked about the access list and he told me "<higher headquarters> requires us to have that list in all our perimeter routers". "OK, but what are all these lines blocking individual IP addresses?" "Oh, those are there to block denial of service attacks." "Um, if you're blocking it on your premise router, it's a little too late..."
__________________
You know spies… bunch of bitchy little girls.
--Bruce Campbell as Sam Axe in Burn Notice

Now... 97Charlie... there was an MOS!
--ZonieDiver
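The egress filtering described in the post above, sketched as an added example that is not part of the original thread: a source-address check in the style of BCP 38 (RFC 2827), run over constructed flow records. The owned prefixes (documentation ranges), the sample flows and the function names are all assumptions made for illustration.

```python
"""Egress source-address validation over constructed flow records."""
import ipaddress
from collections import Counter

# Assumption: the prefixes this network "owns" (documentation address ranges).
OWNED_PREFIXES = [ipaddress.ip_network(p) for p in
                  ("198.51.100.0/24", "203.0.113.0/25", "2001:db8:10::/48")]

# Constructed sample: (source, destination, packets) for traffic leaving the network.
SAMPLE_FLOWS = [
    ("198.51.100.17", "192.0.2.53", 120),         # legitimate customer host
    ("203.0.113.9", "192.0.2.53", 40),            # legitimate, inside the /25
    ("203.0.113.200", "192.0.2.53", 900),         # outside the /25: not ours
    ("10.44.3.2", "192.0.2.53", 700),             # private source leaking out
    ("192.0.2.53", "192.0.2.53", 300),            # source forged as the victim
    ("2001:db8:10::5", "2001:db8:ffff::1", 10),   # legitimate IPv6
    ("2001:db8:20::5", "2001:db8:ffff::1", 500),  # IPv6 outside our /48
    ("not-an-ip", "192.0.2.53", 1),               # malformed record
]

def egress_permitted(src, owned=OWNED_PREFIXES):
    """Return True only if src parses and falls inside a prefix we own."""
    try:
        addr = ipaddress.ip_address(src)
    except ValueError:
        return False  # unparseable source: never forward
    return any(addr.version == net.version and addr in net for net in owned)

def audit_flows(flows, owned=OWNED_PREFIXES):
    """Summarise what an egress filter would forward and what it would drop."""
    packets = Counter()
    dropped_sources = set()
    for src, _dst, count in flows:
        if egress_permitted(src, owned):
            packets["forwarded"] += count
        else:
            packets["dropped"] += count
            dropped_sources.add(src)
    return {
        "forwarded_packets": packets["forwarded"],
        "dropped_packets": packets["dropped"],
        # One rule per owned prefix at the source network, versus one rule
        # per forged address if each were blocked individually downstream.
        "egress_rules": len(owned),
        "per_ip_block_rules": len(dropped_sources),
    }

if __name__ == "__main__":
    for src, _dst, _n in SAMPLE_FLOWS:
        print(f"{src:>16}  {'permit' if egress_permitted(src) else 'DROP'}")
    print(audit_flows(SAMPLE_FLOWS))
```

The rule count at the source network stays fixed at the number of owned prefixes, while the per-address block list from the router anecdote grows with every new forged source.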
Old 11-01-2016, 14:43   #13
MtnGoat
Quiet Professional
 
MtnGoat's Avatar
 
Join Date: Feb 2006
Location: Asscrackistan
Posts: 4,289
Quote:
Originally Posted by cedsall View Post
Government could jump in and start regulating the internet like they do for other utilities but 1) do you really want the government managing the internet? and 2) how would you handle the international angle?

It's not an easy problem to solve.

But the USG gave up control of the internet to whom... Yeah the UN. Anyways back to your Popcorn gents

One final bit of humor. I audited a network years ago and the network admin had a HUGE access list in their router. Large access lists take a toll on the ability of the router to route packets (its job). I asked about the access list and he told me "<higher headquarters> requires us to have that list in all our perimeter routers". "OK, but what are all these lines blocking individual IP addresses?" "Oh, those are there to block denial of service attacks." "Um, if you're blocking it on your premise router, it's a little too late..."

WOW.. humor Haha (not)

A little late.. How about you left the door open and posted on FB that you were out of Town for the weekend!!!