Information Security News
mailing list archives
Re: DDos attack knocks out Alldas.de - for good?
From: InfoSec News <isn () c4i org>
Date: Wed, 19 Sep 2001 13:43:05 -0500 (CDT)
Forwarded from: Darren Reed <darrenr () reed wattle id au>
You know, after reading about how the FBI has been able to get in on
the "inside" of hacking circles, I wonder if maybe it is "white hats"
who are starting attacks like this. Why?
a) hack a site, get your hack onto a defacement archive. The more web
sites you do, the better you are. By discouraging people from
archiving web sites which get defaced there is no longer an archive
of hackers' work, nowhere for them to say "look at all the web
sites I hacked". In a way the psychology here is similar to why it
is good to clean away grafitti (which you can't easily archive,
aside from taking photos).
b) people don't want permanent reminders of how they screwed up their
web server security.
If people want to keep, online, an archive of hacked web sites then
maybe the answer is to make it distributed so that a DDoS attack
cannot be concentrated on any one particular target. Maybe in doing
things like that there are solutions for other web sites in avoiding
DDoS attacks. For example, using Akami servers for real content.
In some email I received from InfoSec News, sie wrote:
By John Leyden
Posted: 17/09/2001 at 15:28 GMT
Alldas.de, the well known defacement archive, is once again looking
for a home after a deal to move from its ISP fell through in the wake
of a debilitating hack attack.
Three weeks ago, Alldas was subjected to a week-long distributed
denial of service attack which knocked the site - and its ISP Kvalito
Kvalito introduced filtering and the DNS record of Alldas.de was
updated so that prospective hackers would be throwing attacks at the
site against their local host instead.
Alldas.de's contract with Kvalito already on the point of expiry and
worse followed when the ISP to which it planned to move dropped the
hosting deal. This has left Alldas.de unavailable at a time of
heightened interest in hacking activity.
Fredrik Ostergren, a spokesman for Alldas.de, told us the site was
looking looking for a new hosting service, but he was far from
optimistic. "I hope we will be back up soon but it looks dark," he
In June this year, Alldas.de weathered a Syn-flood attack that had a
knock-on effect on Kvalito's other customers, throwing some of them
online. Alldas.de received its notice to quit.
At the time, Alldas.de made clear its requirements from a prospective
The ISP should be able to handle a growing volume of traffic that has
reached 300GB/month, deal with 10 flames per month about port scanning
- though Alldas.de has offered to answer those on its own - and
tolerate the occasional DDoS attack.
After Attrition.org decided to get out of the defacement archiving
business this summer (when it decided it was too much hassle to
continue as a hobby), Alldas.de became the main game in town.
Interrorem.com and Safemode.org do record defacements but their
service is not as comprehensive as that of Alldas.de.
Any ISPs out there keen to save Alldas.de's service can email them
directly. Press <press () alldas de>
ISN is currently hosted by Attrition.org
To unsubscribe email majordomo () attrition org with 'unsubscribe isn' in the BODY
of the mail.