P2p networks in DDoS attacks
p2pnet.net news:- “Peer-to-peer networks are being hijacked to launch an increasing number of distributed denial of service (DDoS) attacks on web sites, according to security researchers and network service providers,” said Netcraft a week ago.
“In these attacks, large numbers of client computers running P2P software are tricked into requesting a file from the intended target of the DDoS, allowing the attacker to use the P2P network to overwhelm the target site with traffic.
The story quotes Prolexic Technologies, formerly DigiDefense International, as saying these types of attacks have accelerated in recent weeks, and has Prolexic ceo Darren Rennick stating, “Until January of this year we had never seen a peer-to-peer network subverted and used for an attack. We now see them constantly being subverted.”
P2p DDoSes, “may be attractive to attackers, as they don’t require the use of an existing ‘botnet’ of compromised computers, the Netcraft item continues, adding:.
Last year researchers detailed weaknesses in several widely-used P2P infrastructures. A team from Brooklyn Polytechnic University found that the OverNet P2P protocol could allow networks to be manipulated to launch DDoS attacks. OverNet was used in the eDonkey peer-to-peer software, which has fallen off in usage since the eDonkey web site was taken over by the Recording Industry Association of America (RIAA) as part of a legal settlement.
“Reports of DDoS weaknesses in the Gnutella network emerged as early as 2002. Last year the team of Elias Athanasopoulos, Kostas G. Anagnostakis and Evangelos P. Markatos confirmed those findings in more recent versions and offered defense strategies.
New Scientist has picked the story up, adding a significant contribution from BitTorrent creator Bram Cohen.
“Anyone with a popular website can put lots of tags for hidden versions of an image on somebody else’s website, have some JavaScript get those images to reload once every few seconds, and completely denial of service a medium-size or even large website,” he points out in the story
(Cheers, Julie)
Also See:
Netcraft – P2P Networks Hijacked for DDoS Attacks, May 23, 2007
New Scientist – File-sharing sites are being subverted for web attacks, May 30, 2007
If your Net access is blocked by government restrictions, try Psiphon from the Citizen Lab at the University of Toronto’s Munk Centre for International Studies. Go here for the official download, here for the p2pnet download, and here for details. And if you’re Chinese and you’re looking for a way to access independent Internet news sources, try Freegate, the DIT program written to help Chinese citizens circumvent web site blocking outside of China. Download it here.
rss feed: http://p2pnet.net/p2p.rss | | Mobile – http://p2pnet.net/index-wml.php | | And use free p2pnet newsfeeds for your site
Tired of being treated like a criminal? They depend on you, not the other way around. Don’t buy their ‘product’. Do bug your local politicians. Use emails, snail-mail, phone calls, faxes, IM, stop them in the street, blog. And if you’re into organizing, organize petitions, organize demonstrations and then turn up on your local political rep’s doorstep, making sure you’ve contacted your local tv/radio station/newspaper in advance. Don’t just complain. Do something!
May 31st, 2007 at 2:03 pm
This kinda makes ya wonder if the **AA’s just might have something to do with it, doesn’t it?
Just something to think about. After all, from the viewpoint of Internet Technology it doe sort of make some kind of $en$e, if you get my drift?
May 31st, 2007 at 7:42 pm
yo bootjuice, you lika’ the conspiracy eh?
June 1st, 2007 at 4:26 pm
ese pendejo, u DEE-Dee-dee? eh?