Comments on Errata Security: DoS is not DDoS
Feed author: David Maynor. Feed updated 2024-01-16T05:48:33.523-05:00. 4 comments.

Allen Garvin, 2014-02-08T14:07:33.202-05:00

Wow, I'm glad I came here (via an article on the NBC story). This tool is exactly what I need. For years, I've been scanning small parts of our 10/8 with nmap to keep track of new ports opened--it pretty much runs all day long to do so, so I only do it on a few important network segments, and then only for select ports. Once I patch it so it can feed the output into my mysql db, I can replace the current thing completely.

Thank you.

Anonymous, 2014-02-06T11:48:39.358-05:00

> General Alexander is a liar, Glenn Greenwald is a worse liar. Every leaked article I read has gaping technical flaws.

A liar or merely misinformed? I agree, they shouldn't be so, but there's no point in lying over such a detail that the general public will not distinguish between.

Roland Dobbins, 2014-02-05T07:22:07.771-05:00

Most DoS is DDoS, and most SYN-floods are DDoS. A DoS is typically a 'magic packet' or 'magic transaction' or somesuch which impacts the availability of the targeted system/service/app; a DDoS attack is a stream of packets/transactions/queries/requests which attempts to impact the availability of the target due to exhaustion of capacity and/or state.

SYN-floods can cause collateral damage for shared-hosting sites, for 'cloud' deployments, for VPS, etc.

It is outrageous for governmental agencies to be launching DDoS attacks; they are *not* surgical and they can cause significant collateral damage near the emission point, on intermediate networks, on hosts/apps/services located coterminously with the target, on ancillary subsystems like DNS, databases, etc.

For example, if I SYN-flood a Web site to the point that it can't respond to legitimate requests, then folks (and their browsers) are going to keep hammering away and trying to reload, which is going to cause the same DNS requests to go out over and over again, and depending upon the cache timeout of the recursive resolvers in question, put more load on the authoritative server for the domain in question - which may be providing authoritative DNS services for 10,000 other unrelated domains, and therefore impact resolution times for those sites, as well.

That's just a simple example. Yes, there's a lot of bragging and exaggeration, but even so, no government agency should be launching DDoS attacks (your DoS/DDoS dichotomy is incorrect, per my previous comments); the collateral damage is too great, without any lasting benefits.

Anonymous, 2014-02-05T03:56:02.438-05:00

This comment has been removed by the author.