back to article Anonymous DoS attacks thwarted with Aikido hip throw

In early December, researchers from security firm Radware were dispatched to repel attacks against a company being targeted by the Anonymous hacking collective and could only be described as fierce and potentially devastating. With junk traffic hitting peaks of 14 Gbps and coming from botnets, Unix machines with massive amounts …

COMMENTS

This topic is closed for new posts.
  1. Destroy All Monsters Silver badge
    Thumb Up

    Koshi Nage, then?

    Who had the idea to reference Aikido?

    Not that I disapprove.

    1. sT0rNG b4R3 duRiD
      Stop

      Who?

      Probably some LARPer an overimaginative imagination with NFI what a koshi nage is. Probably likely even an aikidoka.

      It's a bad reference.

      Don't get me wrong. Aikido has many useful techniques. It's just not a complete system nor do most people train realistically. Many people (Many, *NOT* all) think that aikido is some magic defence. This is not often true because few aikidoka train the way O-Sensei probably learnt and perfected his art. Remember O-Sensei truly *fought*. He could probably take hits to his head and still have a clear enough head to continue on. Remember what else O-Sensei actually trained in.

      Remember, you get in a fight, it's rare that you'll escape without taking a hit. And most aikidoka (except them that have the sense to train more realistically) do not train to take hits.

      Anyway, with relevance to this article, a koshi nage (of any sort) is a very swift movement in which *you* flip your assailant onto the hard ground. This is will usually terminate an engagement, *instantly*.

      It's no way anything like making someone open more and more sockets till they crash from lack of resources.

      Which is why I fail to see the analogy, in this article. I know I am nitpicking.

      1. Destroy All Monsters Silver badge
        Welcome

        But I know...

        Been working on it myself for three years now.

        1. PsychicMonkey
          Thumb Up

          well, it could be "o goshi"

          thats the basic hip throw.

  2. Wpgwill

    title

    Isn't this why UDP has typically been the favorite protocol of DDoS'ers? Don't think they make tarpits for UDP ;) Of course UDP can be filtered out a bit easier, but if you have multiple GB/s of bw available it probably wouldn't matter.

  3. sT0rNG b4R3 duRiD
    Paris Hilton

    re: "Anonymous DoS attacks thwarted with Aikido hip throw"

    To be pedantic, I fail to see how this is even remotely similar to any sort of koshi nage (let alone an aikido one). Have you even seen one?

    1. Jon Double Nice

      Maybe they wore those pleated trousers

      and shouted 'oos' when they did it?

  4. Robert Heffernan

    Clever

    Wasn't that clever, giving away (at least some of) the secrets of a successful defense to the Low Orbit Ion Cannon. Now it's developers know what to work on to make it more successful and stable. Fail.

    1. Ray Simard

      @Clever

      If that defense is part of the Roboo tool, it's no secret anyway; Roboo is open-source.

    2. Anonymous Coward
      Anonymous Coward

      @Robert

      >Now it's developers know what to work on to make it more successful and stable. Fail.

      Makes very good business sense if you think about it.

    3. Timfy67
      FAIL

      @Robert Heffernan

      Have another read...

      "...the researchers released (the software in question) this week as an open-source tool for warding off DoS attacks and similar kinds of automated assaults..."

      No secrets in open source land!

    4. Mike Kamermans
      Happy

      show your enemy your defenses, so that his attempts at an attack are channeled

      A classic move - reveal a problem with the tool they use means they'll first have to fix that problem, which means you'll know where the next problem will be.

  5. Anonymous Coward
    Anonymous Coward

    Good lesson there

    The roboo thingy seems to have the added advantage of teaching genuine visitors that they should always have Javascript enabled and use the Flash plugin if they want to use the web. I can't help thinking there is a bigger picture here that doesn't look so great.

  6. Craig Foster

    Pfff

    LOIC is as deft as a sledgehammer and just as elegant.

    I'm not surprised to see someone has neutered it....

  7. flying_walrus
    Boffin

    "Aikido Hip Throw"

    not so many hip throws in Aikido.

    you're thinking of Judo.

  8. Pete 8
    Black Helicopters

    from

    Sun Tzu

  9. LaeMing
    FAIL

    Cleverer than U?

    I imagine this was one of several factors weighed up before releasing the info. And it was likely decided the information would be of less help to crackers than to other defenders.

  10. amanfromMars 1 Silver badge

    Virtual Agility Bun Fight? Handbags at Dawn? Ye Olde Worlde MetaPhysical Crooked Cock Fight*?

    I wonder who Anonymous will play cat and mouse with now then, .... for a bit of sport at the Application Delivery Servant and Server Levels.

    * Or should that be Post Modern?

  11. Anonymous Coward
    Stop

    HTTP Flood

    This tool is only in defence of HTTP flood. This is different to the majority of DDOS attacks that are used such as SYN Flood and UDP Flood which are higher up the protocol stack. They are both harder to detect too.

    The dropping of packets is an interesting one though, that could help slow down some DDOS.

  12. Anonymous Coward
    Pirate

    So...

    They just started an arms race with Anon and LOIC developers. I wish them luck.

  13. Robert Carnegie Silver badge

    Probably one word wrong here

    "In early December, researchers from security firm Radware were dispatched to repel attacks against a company being targeted by the Anonymous hacking collective and could only be described as fierce and potentially devastating."

    Is it the Radware researchers that can only be described as fierce and potentially devastating? What about handsome?

    If you're referring to a denial-of-service overload attack on the internet, that seems a bit of an abstract thing to be called "fierce". It's just a lot of data.

  14. Anonymous Coward
    Anonymous Coward

    Looks like Anon has been outted

    According to some news stories today, Anonymous may no longer be just that. Payback can be Hell.

  15. Anonymous Coward
    Anonymous Coward

    Inserting javascript is nothing new

    F5 and Citrix (Netscaler) web application firewalls have been dropping JS into HTTP responses in order to determine human+browser or bot for a while. I don't know how reliable it is compared to the work done in this article but it's not new.

    Good story though.

This topic is closed for new posts.

Other stories you might like