Feeds

back to article Anonymous DoS attacks thwarted with Aikido hip throw

In early December, researchers from security firm Radware were dispatched to repel attacks against a company being targeted by the Anonymous hacking collective and could only be described as fierce and potentially devastating. With junk traffic hitting peaks of 14 Gbps and coming from botnets, Unix machines with massive amounts …

COMMENTS

This topic is closed for new posts.
Silver badge
Thumb Up

Koshi Nage, then?

Who had the idea to reference Aikido?

Not that I disapprove.

1
0
Stop

Who?

Probably some LARPer an overimaginative imagination with NFI what a koshi nage is. Probably likely even an aikidoka.

It's a bad reference.

Don't get me wrong. Aikido has many useful techniques. It's just not a complete system nor do most people train realistically. Many people (Many, *NOT* all) think that aikido is some magic defence. This is not often true because few aikidoka train the way O-Sensei probably learnt and perfected his art. Remember O-Sensei truly *fought*. He could probably take hits to his head and still have a clear enough head to continue on. Remember what else O-Sensei actually trained in.

Remember, you get in a fight, it's rare that you'll escape without taking a hit. And most aikidoka (except them that have the sense to train more realistically) do not train to take hits.

Anyway, with relevance to this article, a koshi nage (of any sort) is a very swift movement in which *you* flip your assailant onto the hard ground. This is will usually terminate an engagement, *instantly*.

It's no way anything like making someone open more and more sockets till they crash from lack of resources.

Which is why I fail to see the analogy, in this article. I know I am nitpicking.

3
1
Silver badge
Welcome

But I know...

Been working on it myself for three years now.

0
0
Thumb Up

well, it could be "o goshi"

thats the basic hip throw.

0
0

title

Isn't this why UDP has typically been the favorite protocol of DDoS'ers? Don't think they make tarpits for UDP ;) Of course UDP can be filtered out a bit easier, but if you have multiple GB/s of bw available it probably wouldn't matter.

1
0
Paris Hilton

re: "Anonymous DoS attacks thwarted with Aikido hip throw"

To be pedantic, I fail to see how this is even remotely similar to any sort of koshi nage (let alone an aikido one). Have you even seen one?

3
3

Maybe they wore those pleated trousers

and shouted 'oos' when they did it?

1
0

Clever

Wasn't that clever, giving away (at least some of) the secrets of a successful defense to the Low Orbit Ion Cannon. Now it's developers know what to work on to make it more successful and stable. Fail.

6
3

@Clever

If that defense is part of the Roboo tool, it's no secret anyway; Roboo is open-source.

2
0
Anonymous Coward

@Robert

>Now it's developers know what to work on to make it more successful and stable. Fail.

Makes very good business sense if you think about it.

0
0
Happy

show your enemy your defenses, so that his attempts at an attack are channeled

A classic move - reveal a problem with the tool they use means they'll first have to fix that problem, which means you'll know where the next problem will be.

1
0
FAIL

@Robert Heffernan

Have another read...

"...the researchers released (the software in question) this week as an open-source tool for warding off DoS attacks and similar kinds of automated assaults..."

No secrets in open source land!

1
0
Anonymous Coward

Good lesson there

The roboo thingy seems to have the added advantage of teaching genuine visitors that they should always have Javascript enabled and use the Flash plugin if they want to use the web. I can't help thinking there is a bigger picture here that doesn't look so great.

3
0

Pfff

LOIC is as deft as a sledgehammer and just as elegant.

I'm not surprised to see someone has neutered it....

0
0
Boffin

"Aikido Hip Throw"

not so many hip throws in Aikido.

you're thinking of Judo.

1
0
Stop

HTTP Flood

This tool is only in defence of HTTP flood. This is different to the majority of DDOS attacks that are used such as SYN Flood and UDP Flood which are higher up the protocol stack. They are both harder to detect too.

The dropping of packets is an interesting one though, that could help slow down some DDOS.

1
0
Anonymous Coward

Looks like Anon has been outted

According to some news stories today, Anonymous may no longer be just that. Payback can be Hell.

0
3
Silver badge
FAIL

Cleverer than U?

I imagine this was one of several factors weighed up before releasing the info. And it was likely decided the information would be of less help to crackers than to other defenders.

1
0
Pirate

So...

They just started an arms race with Anon and LOIC developers. I wish them luck.

1
0

Probably one word wrong here

"In early December, researchers from security firm Radware were dispatched to repel attacks against a company being targeted by the Anonymous hacking collective and could only be described as fierce and potentially devastating."

Is it the Radware researchers that can only be described as fierce and potentially devastating? What about handsome?

If you're referring to a denial-of-service overload attack on the internet, that seems a bit of an abstract thing to be called "fierce". It's just a lot of data.

0
0
Black Helicopters

from

Sun Tzu

0
0
Silver badge

Virtual Agility Bun Fight? Handbags at Dawn? Ye Olde Worlde MetaPhysical Crooked Cock Fight*?

I wonder who Anonymous will play cat and mouse with now then, .... for a bit of sport at the Application Delivery Servant and Server Levels.

* Or should that be Post Modern?

0
1
Anonymous Coward

Inserting javascript is nothing new

F5 and Citrix (Netscaler) web application firewalls have been dropping JS into HTTP responses in order to determine human+browser or bot for a while. I don't know how reliable it is compared to the work done in this article but it's not new.

Good story though.

0
0
This topic is closed for new posts.