Steve Gibson on Recent DoS Attacks Against GRC.comJun 04, 2001, 22:55 (22 Talkback[s])
(Other stories by Steve Gibson)
[ Thanks to jcpetit for this link. ]
A lot of readers are probably familiar with Steve Gibson'site GRC.com as a place to go for superficial verification of workstation security via free, web-based portscans. GRC.com recently fell victim to a packet-flooding DoS attack. His account of the whole ordeal, which includes some of his correspondence with the attacker, is fairly interesting, as is his assertion that Microsoft, in implementing the complete Unix sockets specification for Win2000/XP, has opened the Internet to "an escalation of Internet terrorism the likes of which has never been seen before."
As always, Mr. Gibson's style is somewhat overheated.
"...As a result, Internet security experts know that non-spoofing Internet attacks are almost certainly being generated by Windows-based PC's. Forging the IP address of an attacking machine (spoofing) is such a trivial thing to do under any of the various UNIX-like operating systems, and it is so effective in hiding the attacking machines, that no hacker would pass up the opportunity if it were available.