Looked up some terms to make sense of what they were doing...
Reflective DDoS attack:
From http(colon slash slash)www(dot)networkworld(dot)com/details/675.html?def
A twist on type of distributed denial of service attacks in which a SYN flood is sent to a large Web site, but the packets have a spoofed source IP of the real attack target. The Web site replies to this large number of SYN requests by sending its responses to the spoofed target IP address. To the target, it looks like the large Web site is launching a DDoS attack against it.
Syn Flood:
A type of denial of service attack in which a large number of TCP SYN packets (the first packet in a TCP/IP connection), usually with spoofed source IP addresses, are sent to a target. The target system replies with the corresponding ACK packets and waits for the final packet of the TCP/IP three-way handshake. Because the source IP address of the initial packet was spoofed, the target never will receive the final packet, leaving it to hold TCP/IP sessions open until they time out. A SYN flood causes so many TCP/IP open sessions that the system becomes overwhelmed and cannot handle any more network traffic.
Ok so we have the traditional syn flood, but what they did was syn flood with a "twist". The website replied to all those packets that were sent to it which pretended to wanna establish a tcp-ip connection, but the IP from which the packets were sent was the IP of the real target, and so when that website replied to all those packets, it was actually "flooding" the real target with its replies, and killing it in the process. That's a pretty sneaky attack which seems like it could potentially kill both websites (one of them being killed by the other) - the website to which you're sending all those packets in the first place could die because it experiences a traditional "syn flood", and then your real target dies too because the replies to all the packets are sent straight to its doorstep.
Distributed Denial of Service is probably the easiest and deadliest form of internet "warfare". It doesn't require hacking knowledge, any "script kiddie" can do it given the right tools - and that's scary in and of itself. The internet, as any system, has rules - but those rules can be exploited to work against the system itself, like in the case of this article. I find it interesting how "hackers" basically do something, well within the bounds of the rules, but something that was never "intended" by the rules - sort of an oversight on the part of the designers - sometimes not even an oversight but a necessary "hole" in order to allow for something to function as designed in the first place, and hoping that someone doesn't discover and exploit the hole. Most people don't, and all malicious intentions aside - how does one go about discovering such holes and exploits in a system? I mean, what sort of mentality and thinking is required to become a "hacker" so to speak - and not just of the internet, but any system, whether it be man-made or natural. I guess the first step is the elimination of assumptions - the common assumptions that "This is how it works" and "this is what it does" have to be the first to go.
I guess one of the best defenses of any such system is the assumption on behalf of the users in terms of how the system CAN be used, what it can and cannot do. Take any system like the economy, a computer, a bank, a videogame, a network, a climate, etc. Now of course most man-made systems it is illegal to "exploit" and so I'm not saying anyone should break any laws, I simply find it fascinating in and of itself the concept of exploitation of a system and using it "not as intended" simply because you CAN (as in, such capability exists but is not "obvious" due to blinding assumptions). In other words, use the very same set of tools to do something totally different, something that is not how they are "supposed to be used". We don't see what IS possible, we see what we assume is possible based on our assumptions of how to use something, how to handle it, what to do with it, how to perceive it which defines what "it" is for US. We're amazed when someone does something that WE can't do, simply because they are not limited by the same set of assumptions, or are simply using our own assumptions against us.
I have a certain respect for people like "hackers". The respect is not for the illegality or morality (or lack thereof) of their actions, but for their thinking process which allows them to escape common assumptions and use a system fundamentally differently than the "rules" say you should. In a sense they are engineers - they take available materials and do something that others often think is impossible or never even conceive of. And yet, it is all perfectly possible and very much logical. So if it is so logical, and sometimes so arrogantly simple, how can billions of people "miss it" before some hacker or engineer does it? I guess this is where our mass hypnosis comes in, our inability to think logically and critically about our predicament, our world, ourselves, our tools. We're bound by a conditioned set of assumptions and limitations, most of which could probably be completely non-existent. Reminds me of a C's session:
Q: (AJ) I am reading one of the books by the Polish engineer Pajak, written in 1990, where he describes a
UFO propulsion system. He claims that he has discovered a "periodic principle" where inventions come like
the periodic table, and he says it is now time to discover this UFO propulsion system. So much that he says
seems to "fit." He gives many good ideas, but generally for the wrong reasons. Are his main ideas sound? Is
it true that UFOs are using the machinery that he describes?
A: His primary block is his lack of knowledge of hyperdimensional physics.
Q: (AJ) That is true. But to build such a thing, we need to use 3D technology because that is what we
have. We cannot use 4D technology because we don't have access to 4D tools, so what can we do?
A: You will.
Q: (AJ) Question is whether Pajak's 3D technology that he describes corresponds to what it really is?
A: Generally speaking, more or less. But so much is lacking that, as designed, the prototypes will do nothing.
Q: (AJ) Has his idea been taken from him and successfully implemented by others - say, military?
A: No need. Only objective there is to prevent his further discoveries.
Q: (AJ) His ideas are quite original, so I wonder where he is getting them?
A: Not so original, just logical. Only reason others don't "get" such ideas is because they cannot think
logically due to hypnosis.
Q: (AJ) Well, I also have problems with logical thinking due to hypnosis!
A: Less than before.
Q: (AJ) Well, that means that I am still under hypnosis and clearly I am under more hypnosis than this Mr.
Pajak is because I have not been able to get as far as he has...
A: You aren't an engineer.
Q: (L) That reminds me! I wonder why it is we have such a preponderance of engineer types and computer
types in the School? (AJ) Computer types, it's clear: they are the only guys who have the time! [Laughter]
(L) I think that the C's really appeal to engineering types for some reason.
Maybe one possible reason for this appeal is the way an engineer's mind works - a tendency to escape common assumptions and question reality itself at its very core - at least certain aspects of reality, and the C's present the same approach and propose we do it for ALL aspects, philosophical and physical and mysterious alike. "Hackers" do the same thing on the software level - they are usually very creative and "original" programmers - they must learn to think without limitations, very openly and question all assumptions about computers and software and networks - and in the process of this questioning, they suddenly realize how many ways there are to "use" such networks that are not even fathomed by others who "play by the rules". Unfortunately, many of them go the "illegal" way and start utilizing their thinking and the resulting knowledge about the system poorly - do all the right things for all the wrong reasons. There is nothing wrong with hacking your own computer, hacking your own network, and basically "hacking" the very construct, the very bits and bites that your computer is made of, and seeing what you can do with them as building blocks, even within the framework of the very rules established by our currently existing environments (our networks, operating systems, software, etc). Physicists and scientists do the same thing with reality itself - many simply get stuck due to assumptions, no thanks to dogmatic education and this "hypnosis" the C's speak of.
What we need is great hackers teaching other hackers. In other words, going through school and getting a PhD doesn't make you a great hacker/physicist/engineer/programmer, and shouldn't give you the right to just teach your own class because it's your approach, your mental predisposition to reality itself that makes the difference, osit. The class just fills you up with physics data, established knowledge, etc. The brilliance of a true "hacker" (and I"m just referring to all engineers, of the hardware/software world, and of our reality itself as hackers right now) is his approach, his ability to go beyond common assumptions and do what nobody else can because their assumptions won't allow them to. But this is an APPROACH - a predisposition to reality, not a set of rules/data. The C's constantly reiterate this open approach, the lack of assumptions, the critical thinking, the development of awareness through removal of all assumptions. And I think this is the appeal - the limitless possibilities of such a mentality, like the one great hackers have, when applied to all other aspects of their lives - but without the inclination to abuse it for selfish and illegal purposes and frankly "waste" this great potential. The C's provide a direction of this potential - a reason to exploit systems that has nothing to do with breaking laws or stealing money, but simply "knowledge protects" - as a way out of this reality, a way to a better existence.
K I'll stop ranting now lol, the article just sparked a chain of thoughts.
