[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [dvd-discuss] DoS Dirty Tricks (was Movie Downloads, automaticallyillegal?)

On Tue, 6 Aug 2002, John Galt wrote:

> This might actually set up a new form of defacement.  A hacker breaks into
> a given site, runs a trivial p2p program with red-flag content as an
> unprivileged user, then lets the MPAA/RIAA DoS them to hell and back.
> Voila! you've taken them out, and you did it from a 1000+ UID...  No need
> to waste your GOOD toys to take a site out.

I think they'd be much more creative than that.  Breaking into a site is
legally problematic, and entirely unnecessary.

Just send around some forged gnutella packets with the victims source
address.  Viola, the MPAA has just DoS'd them and the person doing it has
done nothing illegal.  I would speculate that the gnutella network doesn't
do as much source verification as, say, TCP/IP, so it should be even
easier than spoofing an IP.  (although I am not an expert on P2P, or
TCP/IP for that matter)

No matter how they "find" targets, they can somehow be "spoofed".

______         _ __                          Military Intelligence
  /           ' )  )        -KC0LQL-         Honest Politician
 / o ______    /  / _  . .                   Intellectual Property
/ <_/ / / <   /  (_</_(_/_  -- tneu@visi.com / http://www.visi.com/~tneu --