[Snort-users] Possible DOS Attack??

Steve Halligan agent33 at ...187...
Tue Jun 19 10:28:00 EDT 2001

> For a very good anatomy of a DDOS attack, take a look at 
> http://grc.com.

This is rather offtopic, but I have seen very mixed stuff on the
accuracy/wacko'ness of Mr. Gibson's analysis (And his character in general).
Some opinions of this culled from the INCIDENTS list:

-----Original Message-----
From: Barbara [mailto:essence at ...2322...]
Sent: Tuesday, June 12, 2001 4:49 PM
Subject: RE: I am a Fool HOW-TO [was: grc attacks]


I've been watching this thread very closely, and maybe I can shed a bit of
light on grc article.
When I first read it , it was like WOW I've seen these kids doing this,
maybe I can help.
So I tried to contact grc, some of the other people I work with on the
DALnet Exploits Prevention Team also have tried. Not even 1 response.

These children like Drgreen,wicked and his other friends are just a few that
continue to infect mostly badly configured cable boxes. I could name off
about 5 different private IRC servers right now that hide 100's of hosts
that they use to continually attack our IRC servers and users. (hosts have
been notified btw)

I've worked on these types of problems for almost 6 yrs now and I am also a
member of DALnet's Exploit Prevention Team. We work closely with the
authorities such as the FBI, RCMP's,ISP's and anyone else who are willing to
help. We have been very successful with a few abusive users which you can
read about at www.dal.net/news or http://zine.dal.net/issue10/exploits.html.

Anyways.. that's my two cents. The best prevention is a good anti-virus
program and education IMO.

Please feel free to contact me privately

DALnet Exploit Prevention Team
barbara at ...2323...


-----Original Message-----
From: David Ford [mailto:david at ...2324...]
Sent: Monday, June 11, 2001 2:13 PM
Cc: basics; INCIDENTS
Subject: I am a Fool HOW-TO [was: grc attacks]

You mean a great 4yr old bedtime story about evil hackers?

GRC is a snakeoil salesman who barely understands how many vowels are in
the word "internet".

This type of IRC bot has been around for well over 8 years to my
knowledge.  His 'forensics' are all wrong and inaccurate and if he is
making a recommendation on firewalls, I'd sure as heck not get one that
he is recommending (beside the obvious point that I know well more than
he does about all of this).

If you haven't picked up on it yet, GRC is purely out for media
attention.  His products have humor value...or is that sarcasm
value..and his diatribes on firewalls and blockable attacks are worthless.


Casey DeBerry wrote:

>Great story from the man behind grc.com.
>Steve Gibson's ddos investigation that also covers a little on personal
>firewalls, evaluates bots, forensics, etc...

More information about the Snort-users mailing list