ZDNet UK - Where Technology Means Business

ZDNet UK

CNET NETWORKS UK BUSINESS SITES:
atlarge.com
BNET UK
silicon.com
SmartPlanet.com
ZDNet.co.uk

Skip to Main Content

ZDNet.co.uk - Winner of Best Business Website 2007

You are here: ZDNet.co.uk > News > Security

Story: Symbiot launches DDoS counter-strike tool

Posted by: Mary EF (Friday 2 April 2004, 7:12 AM)

Given the article was posted on 10 March, it is unlikely to be an April Fool...

Attacking the "Apparently From" is, as previous commenters have noted, useless as they are just unlucky to be on someone's contact list who has a virus (in my case, two spammers - I don't know anyone in the Phillipines or VA - as well as a friend on broadband whose child clicked on the attachment, a survey provider and a local council officer, and someone at work in an IT role who really ought to have known better and should have had antivirus up to date... That's just the ones I bothered to investigate).

The only way that this would work is to use a parser similar to that used by abuse services such as SpamCop to identifying the originating IP address (avoiding forged lines added by the virus). This could only be reported to the ISP for the IP block - obtainable from lookups such as ARIN - warning them that the IP address appears to be infected with a virus.

Second level, if the infected computer continues to send, i.e. the ISP does not ensure the owner of the infected PC cleans up, is to block the ISP's range of IP addresses (after fair warning has been given). This has worked for spam, automating it (with manual exceptions handling process - who knows what virii writers will come up with next!) may well work with virus creators.

If the software is made freely available, it may even be able to trace back to the virus writer. That would be sweet justice.

Full Talkback thread

Story: Symbiot launches DDoS counter-strike tool

Blindly counter attacking seems like a bad idea.... Jim Liedeka
I'm not saying I think this is necessarily the bes... Anonymous
This is a very bad idea, though it'll probably be... Stuart Winter
Great idea Anonymous, lets clog up the available b... GWTPict
This is the legal use of Grey Ice. Black is next:... Anonymous
GWTPict, If the system were to blindly initiate at... Anonymous
IF the system works as advertised, and advertising... GWTPict
Here's why this is completely ridiculous: If your... Ben Apgar
Considered as a biological system, this kind of co... ~Morosoph
For GOD'S SAKE people it's an April fools joke. evil-bit
Hey all. I'm Tommy, AKA Silicon Valey. I think t... Anonymous
>>> [Graham Titterington] added that because many... Abe Hendin
As one who has recently experienced being spoofed.... Anonymous
Launching a counter-attack no matter how justified... Anonymous
Definatly a Aprils Fools - Looks like its got most... Anonymous
Given the article was posted on 10 March, it is un... Mary EF
thatz the most insane thing that i have heard !. t... Swaroop

Back to: Symbiot launches DDoS counter-strike tool

Related Links

: News It's official: Spammers are hijacking ISPs [04 Mar 2005]
: News MSN blocks email from rival ISPs [03 Mar 2003]
: News Linux worm creating P2P attack network [16 Sep 2002]
: News Legit email caught in anti-spam crossfire [12 Jul 2002]
: News Windows XP slammed as gift to 'zombie' hackers [07 Jun 2001]

Skip Sub Navigation Links to CNET Brand Links

About CNET Networks UK

Copyright © 1995-2008 CNET Networks, Inc. All rights reserved