[ale] DDoS for hire? FBI?
Shawn
taaj.shawn at gmail.com
Wed May 29 20:53:26 EDT 2013
A website that accepts payment in exchange for knocking other sites offline
is perfectly legal, the proprietor of the DDoS-for-hire service says. Oh,
it also contains a backdoor that's actively monitored by the FBI.
Ragebooter.net is one of several sites that openly accepts requests to
flood sites with huge amounts of junk traffic, KrebsonSecurity reporter
Brian Krebs said in a recent profile of the
service<https://krebsonsecurity.com/2013/05/ragebooter-legit-ddos-service-or-fed-backdoor/>.
The site, which accepts payment by PayPal, uses so-called DNS reflection
attacks<http://arstechnica.com/security/2012/10/meet-the-network-operators-helping-fuel-the-spike-in-big-ddos-attacks/>
to
amplify the torrents of junk traffic. The technique requires the attacker
to spoof the IP address of lookup requests and bounce them off open domain
name system servers. This can generate data floods directed at a target
that are 50 times bigger than the original request.
Krebs did some sleuthing and discovered the site was operated by Justin
Poland of Memphis, Tennessee. The reporter eventually got an interview and
found Poland was unapologetic.
follow the link to read more
http://arstechnica.com/security/2013/05/ddos-for-hire-service-works-with-blessing-of-fbi-operator-says/
--
*- Shawn Taaj*
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.ale.org/pipermail/ale/attachments/20130529/c970df6e/attachment-0001.html>
More information about the Ale
mailing list