First Story
A Romanian hacker has launched a major distributed denial of service (DDoS), forcing one of the largest IRC (Internet Relay Chat) networks, Undernet, to shut down much of its service, system administrators said Monday.
IRC is one of the Internet's largest and best-established chat systems, predating such technologies as AOL Instant Messenger and ICQ. It has millions of users.
A number of Internet Service Providers hosting Undernet
servers--including some in the
One IRC server system administrator who spoke on condition
of anonymity, so that his servers would not become a target, said that the
attacks appear to be coming from hundreds of remote machines taken over by a
single hacker based in
"This is a big problem since the Romanian hackers' community is very active," he says. "We don't want to close IRC, but there is truly a lack of interest from the authorities about it, which is not the case for the streets, where they are pretty active."
Undernet issued a statement on its Web site Sunday suggesting that the situation threatens the existence of its IRC service. "To put it simply, we cannot provide you with a free and stable IRC service if that means the companies providing that service must continually suffer the loss of customers and revenue, the cost is simply too great. This ongoing problem threatens the existence of IRC as one of the 'classic' Internet services," reads the statement.
A DDoS attack involves bombarding a server with a tidal wave of data from many different hacked machines at many different locations. According to Undernet, some ISPs have been bombarded with 100MB of data per second.
The counter measure consisted in disabling every system that was compromised, by doing this keeping all information safe, and don't letting know how the attacker how far has penetrated the system , this is a combination of Splatter and Tem Bombs techniques.
Richard Stagg, senior securtity architect with security firm IRM, says that this type of attack is especially nasty. "Distributed attacks are the most dangerous sort of denial of service attacks because they are very hard to shut down, especially in countries that don't have the legal infrastructure," he says.
Stagg says it is fairly simple to write a script that will allow IRC servers to be targeted. He agrees that this situation shows the need for greater cooperation between international law enforcement agencies.
Another system administrator who also spoke on condition of anonymity said that the attacks were likely to be the result of some IRC channel feud.
Undernet is one of the largest IRC networks in the world, with 45 servers in 35 countries connecting over 100,000 different people every week.
