Berkeley CSUA MOTD:Entry 17463
Berkeley CSUA MOTD
 
WIKI | FAQ | Tech FAQ
http://csua.com/feed/
2025/05/24 [General] UID:1000 Activity:popular
5/24    

2000/2/9-10 [Computer/SW/Security] UID:17463 Activity:insanely high
2/8     After the recent attacks against the big boys of
        dot com how does a guy prevent further Denial of service (DoS)
        from happening to his own cos. - curious
        \_ You don't.  You can filter some of the crap but never be totally
           safe from it with current protocols and technology.
           \_ why not just change the filter properties?
                \_ Which devices do you own that can filter 1 gigabit per
                   second without crashing while still letting the good
                   traffic through?  And what if the DoS consists of properly
                   formed http calls?  What are you going to filter?
                   \_ so i guess you need to call an upstream isp to put
                      in the proper filters?
                        \_ Idiot!
                        \_ Argh!  TROLL!
                           \_ well, isn't that what they did to stop
                              the http://cnn.com attack?
                                \_ Yeah, they turned on the "filter_DoS_packets"
                                   rule in the routers.  Some new guy had
                                   turned it off and no one noticed.
                                   \_ so i guess you don't know then, huh?
                                        \_ I think when they upgraded to dos
                                           version 2.11, everything was ok.
             \_ what are you going to filter, when the DoS looks EXACTLY like
                lots of normal traffic packets?  Is the 'Slashdot Effect'
                a malicious attack, or just your site suddenly becoming very
                popular.  Either way, your site is basically down.
                \_ are you sure DoS packets look exactly like normal packets?
                        \_ Of course not.  They have the DoS flag set.
                           \_ so i guess you don't know then, huh?
                                \_ The dos upgrade to v2.11 fixed it.
        \_ A possibility would be to make your company site a moving target.
           Have sevearal locations/IP's you can use. When one IP gets hit with
           the big DoS, change your DNS entry ( you set your TTL low ahead
           of time, right?), and move your site to the new IP.
                \_ That'll work, uh... never.  DoS kiddies just get the new
                   IP the same as everyone else.  Welcome to the internet.
                        \_ ACK!  I've been trolled!
        \_ if you have to ask, you don't know
           \_ thanx for stating the obvious
        \_ Unplug net cable.
        \_ If companies with hundreds of millions of dollars at stake can't
           prevent it, what the hell makes you think you can?
                \_ Because I read a zdnet article about how to stop it.
                     \_ it's so ironic, that zdnet was attacked and shutdown
                        for 2 hours this morning.
        \_ Very little.  Try not to be a tempting target.  The way the big
           sites were attacked recently was by distributed clients running
           on many windows boxes infected with a remotely activated virus.
           There wasn't any obvious TCP stack bug problem with the servers
           or anything, they just got overwhelmed by tons of valid-looking
           hits.  Short of weird heuristics, there's very little you can
           do about this.
        \_ What about authenticated IP? -- network newbie
           \_ Won't stop traffic floods, which is what they're getting
              hit with.
           \_ First define authenticated IP, then figure out how much your
                business will lose by cutting off all the random web users
                who don't use it.
        \_ Why don't we all start attacking http://www.microsoft.com and bring down
           the Evil Empire(TM)?
2025/05/24 [General] UID:1000 Activity:popular
5/24    

You may also be interested in these entries...
2012/5/8-6/4 [Computer/SW/Unix] UID:54383 Activity:nil
5/8     Hello everyone!  This is Josh Hawn, CSUA Tech VP for Spring 2012.
        About 2 weeks ago, someone brought to my attention that our script
        to periodically merge /etc/motd.public into /etc/motd wasn't
        running.  When I looked into it, the cron daemon was running, but
        there hadn't been any root activity in the log since April 7th.  I
        looked into it for a while, but got lost in other things I was
	...
2011/11/16-12/28 [Academia/Berkeley/CSUA, Computer/HW] UID:54230 Activity:nil
11/16   We'll be taking all CSUA machines offline in the near future for a Soda
        Hall server room reorganization (we're being moved to a neighboring
        server cabinet).  Downtime will hopefully be minimal.  --jordan
        \_ Thanks for all your work keeping the machines running!  It's
           been awesome having soda actually working again.
        \_ Update:  this is tentatively scheduled for Saturday afternoon.
	...
2011/8/9-27 [Computer/SW/Editors/Emacs, Academia/Berkeley/CSUA] UID:54162 Activity:nil
8/9     So I just found out that an old college friend of mine lost her
        four month old daughter to SIDS. What is the correct response here?
        \_ "Did she sleep with her belly?" and "Did you breastfeed?"
        \_ try this joke:
           How do you make a dead baby float?
           ˙ʎqɐq pɐǝp ÉŸo sdooÉ”s oʍʇ puɐ ɹÇ\
	...
2010/11/21-2011/1/13 [Computer/SW/Languages/Web] UID:53988 Activity:moderate
11/21   Lifehacker's recommending Dreamhost as a personal web hosting service.
        Apart from csua, who do you guys use? --erikred
        \_ What do you want to use it for? Do you need CGI or PHP?  My
           brother worked for Dreamhost and said they are unethical. In
           fact, he sued them. This refers to their treatment of customers
           and employees both. I don't know who  or what "Lifehacker" is,
	...
2010/11/1-2011/1/13 [Computer/Networking] UID:54002 Activity:nil
11/1    I'm moving from a home in Fremont to another home within the same ZIP
        code in Fremont, and AT&T customer service says I cannot transfer my
        DSL service because DSL is not available at my new home.  Is that BS?
        Are they just trying to push me to subscribe to their more expensive
        U-verse service?  I'm not asking for any lightening-speed connection.
            \_ could be
	...
2010/8/10-9/7 [Computer/Companies/Google] UID:53919 Activity:nil
8/10    http://www.businessinsider.com/google-puts-wave-out-of-its-misery-2010-8
        Google Wave No More. The people who worked on it were pretty smart.
        They wrote up a super awesome OKR with extremely low bar as a measure
        of success, exceeded everyone's expectations by going above those
        bars, and got big fat bonuses and promotions as a result of their
        planning. Brilliant.
	...
Cache (262 bytes)
www.microsoft.com
Add personality to your e-mail signature; What is Microsoft Business Solutions? Manage Your Profile | 89 Contact Us | 90 Microsoft This Week! Newsletter | 91 Legal 2004 Microsoft Corporation. All rights reserved. Terms of Use | 93 Privacy Statement References 1.
Cache (372 bytes)
cnn.com -> www.cnn.com/
About 250 prisoners freed from Abu Ghraib The United States today freed about 250 detainees from Abu Ghraib prison, site of alleged abuses that prompted global outrage and led to days of hearings on Capitol Hill. Today marks the first mass prisoner release since the abuse scandal broke several weeks ago. Defense Secretary Donald Rumsfeld had visited the prison Thursday.