Posted on Monday, October 6th, 2008 | Bookmark on del.icio.us

Mafiaboy Speaks

by Jose Nazario

The Mafiaboy Book is due soon, and in it he (real name: Michael Calce) tells all about how he got into online disruptions and massive attacks. On the one hand it’s easy to smirk about his sophistication in relation to what was going on in 1999. On the other, it’s sobering to think that a budding electronic commerce segment was crippled for days by this kid. An excerpt from the website:

I logged back on and began paying closer attention. I realized it was a common occurrence and that it was called punting. Someone knocked me offline by hitting me with so much data that my connection was severed. These punters seemed to have a huge amount of power over others on AOL. I was intrigued that an individual was able to “attack” someone else, regardless of the distance between them, using the internet. It seemed like harmless fun, almost a practical joke. The people punted off could simply sign on again and rejoin the chat room. Nobody got hurt.

I wanted to punt someone. Badly.

The scene, in this regard, hasn’t changed much. The stakes are higher now, however, as these guys have often gotten into credit card theft and outright fraud.

Share

Related Posts

Zemanta

This entry was posted on Monday, October 6th, 2008 at 3:36 pm and is filed under Arbor Networks - DDoS Experts, Attacks and DDoS Attacks, Critical Infrastructure. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

2 Responses | Add your own



Comment Post by: Wizard — October 7th, 2008 @ 3:08 pm EST  Reply

Wouldn’t it be great if he was forced to direct the proceeds from the book sale to offset the costs of the investigation/damages/etc…

Comment Post by: Andre Gironda — October 9th, 2008 @ 11:50 am EST  Reply

“So .. I .. uh .. compiled these C program with funny names like juno and bang on a Linux box that I borrowed from a friend”. “Sometimes I’d run it in crontab with a kill statement after 4.9 minutes so it doesn’t show up on an MRTG graph”. “Make sure to exclude bogons from the source addresses”. “Do that a couple times so that it adds up to about 38 hours in a month, and then you put the company out of business because of their IP transit costs”.

Actually, no. The kid had no idea what he was doing. He’d be lucky if he got that first sentence correct. And now the DoD and NETWARCOM wants to get into CNA. Maybe TCP SYN cookies will protect us. *Barf*

It is so easy to protect yourself from DoS/DDoS since these types of attack began in 1994. Ask any services.int operator. How Fortune 500 failed to get this and allowed it to happen is why kids like Mafiaboy get to write books. *Puke*

Leave a Comment