Saturday, August 28, 2010

Transmission Control Pixies

This is not original work - it was originally posted on /. (Slashdot)  by Wingnut. It is classic ...

The Transport Control Pixies and the Internet Pixies system the Internet currently uses can be abused, as the recent DoS attacks illustrate, especially with the fat pipes to which many people now have access.

These pipes allow many malicious Pixies to be sent to a target, completely overwhelming the targets ability to process them.

The large numbers of Pixies that can traverse these fat pipes is the main problem as I see it. A good short-term solution would be the replacement of the fat pipes with bundles of thin pipes. At the targets end, each thin pipe would have a small tap - when a DoS attack is detected, simply open the taps in turn to allow the unwanted Pixies to drain out into a bucket. Alternatively, a manned barrier could be set up at the end of each thin pipe, and any swarthy looking, suspiciously odious, black hatted, or otherwise dubious Pixies can be turned away. This doesn't aid tracing the source, but will allow the force of the attack to be diminished such that the target can remain relatively unscathed.

Tracing an attack to the immediate source can easily be accomplished by having a little valve in the thin pipe that when turned will shut off the Pixie flow. Subsequent Pixes entering the pipe will cause it to bulge gradually as the backlog builds up. By repeating this procedure back from each machine the source will eventually be found. To save having to walk all that way, the valves could have long pieces of string attached to them so they can be turned on and off remotely.

Finding the perpetrator of the DoS is more problematic. These days, the normal breadcrumb back trail can be easily garbled by the less than savoury element on the internet. The new Internet Pixie v6 implements the Taut String from End to End system to tie the source to destination - any severing of the string to re-route it can be instantly detected by loss of tension. However, this does us no good currently.

It only takes a single Pixie to start a DoS attack, and finding it may not always be possible. An amateur will often leave the initial Pixie unharmed. If a suspicious one is found, sieze it immediately (ensure to keep its hands away from any magic pouches/flowers/musical instruments that it may have on its person). A poorly cast Mind Erasure spell can easily be undone by any one of a number of Re_Mind perl scripts. A properly cast Mind Erasure can be tricky to undo and will require a special Module be used - if you're not at ease with compiling programs, pop the Pixie in a Jiffy Bag and post it to hemos@slashdot.org (you may need to flatten the packet a little to get it into the floppy disk orifice) - hemos will de-spell it and send the results back by return).

A professional won't allow such evidence to remain - a common method is the Pixie On A Bungee technique. The perpetrator fires said Pixie into the attack machine with a long rubber band attached. With skill, the Pixie shoots in, pushes the Start lever and gets yanked back out at very high speed. A telltale clue of this is often fingernail scratches - sometimes a misjudgement as to bungee length can leave fingers embedded in the lever handle. Unfortunately, unless the Pixie drops his ID card, the chances of tracking back further are very small, and really best left to the authorities.

No comments:

 
HTTP Error 403: You are not authorised to access the file "\real_name_and_address.html" on this server.

(c) 'Surreptitious Evil' 2006 - 2017.