GRC | The Distributed Reflection DoS Attack
Bookmark History
Saved by 7 people (-4 private), first by anonymous user on 2006-07-27
- Memezilla on 2007-08-14 - Tags no_tag
- Allendug on 2007-08-07 - Tags drdos, hack
- Del__t on 2007-03-25 - Tags imported furl
- Test_dellll on 2007-03-24 - Tags drdos, hack, imported:delicious
- Del_ttt on 2007-03-24 - Tags drdos, hack, imported:delicious
Public Sticky notes
There was no way that all, or probably any, of those hundreds of routers had been compromised or infected by any sort of Zombie. I realized that they were just ordinary, innocent, TCP servers doing their jobs. They were sending SYN/ACK packets to grc.com in the well-meaning belief that WE wanted to open a TCP connection with their built-in BGP servers.
In other words, a malicious hacker located somewhere else on the Internet was SYN FLOODING INTERNET ROUTERS with TCP connection-requesting SYN packets. Those SYN packets carried the fraudulent (spoofed) source IP belonging to grc.com. Therefore, the routers believed that the SYN packets were coming from us, and they were replying with SYN/ACK packets as the second phase of the standard TCP three-way connection handshake.
Highlighted by ironick

