Email address obfuscation in effect -- please
click here to turn it off.
[
Date Prev][
Date Next][
Thread Prev][
Thread Next][
Date Index][
Thread Index]
I'm confused... Jerry (I think) keeps talking about how many hits per
so long a time period to fill up a T1. I.e., bandwidth.
I got the impression that it has absolutely nothing to do with
bandwidth, but instead with the server daemon (httpd) and the computer
itself (the server) being able to service all those different sockets
simultaneously. I.e., you crash the computer by telling it to run 3000
processes when it's designed, and reasonably expected to handle a peak
of 100 simultaneous processes (and the designers consider that a highest
load scenario), and when perhaps it can actually functionally load only
1500 simultaneous processes w/o failing.
Taking up bandwidth may slow a connection, but only multiple processes
would slow and then crash a server. Their T1 (if they have one) could
be running at like 30% capacity when the attack was at it's worst.
Or am I misunderstanding here.
Frankly, I thought good web server daemons were designed to have limits
on the number of simultaneous sockets and processes running.
Shawn Parker wrote:
was anyone hurt or killed? did the network or systems in the school
fail? did they lose money? did the attacker manage to "steal" any
critical or private/classified data?
i think we need to look at the level of the crime and punish
accordingly. giving this kid a felony conviction for a stupid prank
that may or may not have "slowed" down their system is too harsh, imo.
we're not talking about a botched robbery where someone is killed.
we're not talking about hacking credit card systems and selling or
using private information.
we're talking about a dumb kid who told people to press f5. give me a
break. like i said, school suspension, sure...felony, no.
the problem with the law in this case is it has no weight on the
situation. it is an unfitting punishment for the crime.
On 1/6/06, Mike Miller <EMAIL:PROTECTED> wrote:
On Fri, 6 Jan 2006, Jerry Gamblin wrote:
I don't know what your standard of proof is, but the school official in
the video said that they were having a problem with network slowness
and in an attempt to figure out what was causing the slowness they
identified the boy's web page. Maybe they were mistaken, but maybe the
boy has a lot of friends and maybe the school has something less than a
T1.
My standard of proof is innocent until proven guilty (Isnt that yours?).
What's your standard of proof for "proven guilty."
My guess is someone looked at the logs and saw some hits coming from the
boys website and went and see what is on it, when they saw the blog
entry they went nut job and had him arrested.
Whats your standard of proof that he did cause the "slowness" that some
unnammed school offical said that he did?
Mine is irrelevant, but if they can show from their logs that many
thousands of hits were coming into the web server with a "reload pattern"
(repeated access to the same page from the same site) and they can show
that there were few or none of these before the boy made his web page, and
they can show that there were no other web pages on the internet making a
similar request for repeated reloads, the kid is screwed.
Mike
_______________________________________________
discussion mailing list
EMAIL:PROTECTED
http://mlug.missouri.edu/mailman/listinfo/discussion
--
shawn
_______________________________________________
discussion mailing list
EMAIL:PROTECTED
http://mlug.missouri.edu/mailman/listinfo/discussion
_______________________________________________
discussion mailing list
EMAIL:PROTECTED
http://mlug.missouri.edu/mailman/listinfo/discussion
Home | FAQ | Server | Presentations | Mailing Lists/Archives | Member Tools | Links | Sponsors | Contact