SunWorld: DoS attacks: A problem of the information age — Q&A with security guru Dave Dittrich

“Dave Dittrich, a software engineer at the University of
Washington, wrote early analyses of several DDoS tools. SunWorld
interviewed him about the recent attacks
on top Internet
commerce sites and what they might mean for computer security.”

“Much of the online world was caught off guard last month by the
massive denial-of-service (DoS) attacks against such major Websites
as eBay, E*Trade, Yahoo!, and CNN, but Dave Dittrich wasn’t.
Dittrich had made the acquaintance of distributed denial-of-service
(DDoS) tools trinoo (aka trin00), Tribe Flood Network, and
stacheldraht when some of the machines under his charge at the
University of Washington were used in a DDoS attack against the
University of Michigan.”

“That attack inspired Dittrich to write analyses of several of
the DDoS tools so that security experts could better understand the
threat. With Marcus Ranum, the head of Network Flight Recorder,
Dittrich also coauthored a network-scanning utility named gag,
which can help administrators detect the installation of DDoS tools
on their systems.”

“SunWorld writer J.S. Kelly spoke with Dittrich about the recent
attacks. During the course of their conversation, Dittrich
discussed what could be done to prevent future episodes, whether
the computer security community should join forces with the
government to combat the possibility of large-scale attacks, and
what the future holds for computer security stocks and computer
damage insurance.”

Complete story