Your e-business may not have become the victim of a DDoS (distributed denial-of-service) attack yet. But it may only be a matter of time -- and, at present, you may not have an effective
way to protect yourself.
Malicious hackers are winning the DDoS war, thanks to weak security on personal computers and increasingly powerful script-kiddie tools.
The latest casualty is DALnet, one of the largest Internet Relay Chat (IRC) networks ever created. After months of DDoS attacks, DALnet was completely overloaded on Jan. 9, making its service unavailable to literally millions of users worldwide.
IRC actually predates the World Wide Web, having been invented in
Finland
in 1988. DALnet, which was formed in 1994, helped make IRC popular by introducing features to make it more usable and reliable.
In a DDoS onslaught, a hacker scans the Internet for computers with a security weakness, and then causes a small, Trojan horse program
to install itself on those machines. These compromised systems form a "botnet," or robotic network, that the hacker can direct to flood a victim's server with so much meaningless traffic that it can
no longer respond to legitimate visitors.
Because IRC is a free service and DALnet relies upon donated hosting, the recent months' attacks by thousands of bots have forced it off several ISPs, who must ensure
adequate responsiveness to their paying users. But even a large business with experienced staff will have difficulty defending
against a serious DDoS assault.
One source, who asked not be named, says DALnet is being victimized by a single teenager, who believes (rightly or wrongly) that the IRC service reported him to authorities
in connection with an earlier hacking incident.
The teen, according to this source, was investigated at one time by police but was released for lack of evidence. The attacks
against DALnet then began in earnest, using a network of thousands of unsecured, broadband-connected Windows 2000 and XP computers that
have been silently infected by bots.
These Microsoft operating systems, especially Windows XP, allow unrestricted use of Raw Sockets, an Internet technology that
permits users to completely disguise the origin of the attacks. Most Windows XP users would never employ this capability,
but novices often misconfigure their systems, leaving them open to Trojan horses.
Once DALnet has been completely silenced, there's no reason why its attacker -- and numerous others -- can't turn against any Web site
that earns their wrath. There is no way, at present, to stem the flow from such a DDoS attack and recover normal service to an e-business' regular customers.
As an industry, the Web desperately needs new methods to identify the source of DDoS incidents and divert the malicious traffic. As those defensive technologies are developed, I'll bring you the details in
this space. Meanwhile, see DALnet's description of the botnet problem at: http://zine.dal.net http://bri.li/4e7e
- - - - - - - - - - - - - - - - - - - - - - - - - - -
E-BUSINESS TECHNOLOGY REVIEW: HANDS OFF THAT CELL
The ability to hold a conversation on your cell phone -- without holding anything in your hand or getting tangled up in wires
-- is finally becoming an affordable reality.
One of the best examples is the Jabra
FreeSpeak, a tiny device that fits over your ear and allows you to conduct calls while your actual cell phone is as many as 30 feet
away in a purse or briefcase. The earpiece communicates using the Bluetooth standard but doesn't require a special phone.
Any handset that comes with the standard 2.5mm jack can accommodate Jabra's add-on. See: http://www.jandr.com http://bri.li/758e
- - - - - - - - - - - - - - - - - - - - - - - - - - -
E-BUSINESS BOOK REVIEW: KILLER WEB DESIGN TIPS
Can we ever know enough tricks about HTML and the way to design (or not design) Web pages? Answering a loud "no" to that question
are Joseph Lowery and Angela Buraglia, the co-authors of "Macromedia Dreamweaver MX Killer Tips."
This book isn't just of interest to Dreamweaver users. From power style sheets to browser compatibility tips, you're likely to find more than a few things within these pages
that you'll wish you'd known a lot sooner. See: http://www.amazon.com http://bri.li/0735713022
- - - - - - - - - - - - - - - - - - - - - - - - - - -
LIVINGSTON'S TOP 10 NEWS PICKS O' THE WEEK
1. Online ads are becoming smarter and getting far more click-throughs: http://news.bbc.co.uk http://bri.li/446
2. SQL Slammer worm hit 90 percent of affected systems within 10 minutes: http://www.news.com http://bri.li/82e
3. How the Total Information Awareness project affects e-businesses: http://www.motherjones.com http://bri.li/c16
4. Music executive says the industry must "embrace file-sharing or die": http://www.salon.com http://bri.li/ffe
5. Site shows, minute-by-minute, what files people are downloading: http://www.accessatlanta.com http://bri.li/13e6
6. Those DVDs you're buying may wear out after two or three playings: http://www.smh.com.au http://bri.li/17ce
7. Solution is on the way for seamless 2.5G/3G/Wi-Fi roaming: http://www.internetnews.com http://bri.li/1bb6
8. Use JavaScript to enhance your own dynamic menu structure: http://www.webmasterbase.com http://bri.li/1f9e
9. HTML tips: Code to detect 10 different versions of browsers: http://www.webreference.com http://bri.li/2386
10. It's not looking good for humans in computer vs. man chess tourney: http://news.excite.com http://bri.li/276e
- - - - - - - - - - - - - - - - - - - - - - - - - - -
WACKY WEB WEEK: WHAT MOVIE SHALL WE SEE NEXT WEEKEND?
If you're the kind of geek who grew up reading comic books (and, hey, who didn't?), you'll love the way what I'd call "cinema
of the super-powered" is breathlessly covered at SuperheroHype.com.
The site -- which makes money selling merchandise, posters, and so forth -- currently links to clips for upcoming features
such as The Hulk, which is due this summer, and Daredevil, opening on Feb. 14 (how romantic). The hype is almost as much fun
as the movies. See: http://www.superherohype.com http://bri.li/c3ae
- - - - - - - - - - - - - - - - - - - - - - - - - - -
E-BUSINESS SECRETS: Our mission is to bring you such useful and thought-provoking information about the Web that you actually
look forward to reading your e-mail.
ABOUT THE AUTHOR: E-Business Secrets is written by InfoWorld contributing editor Brian Livingston: http://SecretsPro.com
Research director is Vickie Stevens. Brian has published 10 books, including:
Windows Me Secrets: http://www.amazon.com http://bri.li/0764534939
Windows 2000 Secrets: http://www.amazon.com http://bri.li/0764534130
You'll receive a gift certificate good for a book, CD, or DVD of your choice if you're the first to send Brian a Top Story
or Wacky Web Week he prints. mailto:Brian@SecretsPro.com
COLUMN
enKoo
Xerox
Toshiba
Cisco
SAP
