Earlier this month, Brett Wentworth took Level 3 Communications Inc. into territory that most rivals have been reluctant to enter. The director of global security at the largest carrier of Internet traffic cut off data from reaching a group of servers in China that his company believed was involved in an active hacking attack.
The Broomfield, Colo., company handles roughly 40% of Internet traffic and is taking an aggressive—and some say risky—approach to battling criminal activity. Risky because hackers often hijack legitimate machines to do their dirty work, raising the risk of collateral damage by sidelining a business using the same group of servers. Such tactics also run against a widely held belief that large carriers should be facilitating traffic, not halting it.
(Score: 3, Interesting) by wantkitteh on Tuesday June 02 2015, @12:21PM
My Minecraft server was unreachable for several days when Microsoft went after No-IP's DNS services. That was a targeted (if bungled) move against a botnet's command and control system - this is blanket traffic blocking, you can only go after so many targets like that until you "accidentally" take out something legit.
(Score: 0) by Anonymous Coward on Tuesday June 02 2015, @12:44PM
They probably have much the same perspective that the RBL guys did about blacklisting entire ISPs: yeah, there's collateral damage, but it might provide an incentive for those ISPs to start policing their own users. And it pretty much did, although I don't know that we like the method they ultimately chose (block outbound port 25).
(Score: 0) by Anonymous Coward on Tuesday June 02 2015, @01:03PM
Idea: botnet command and control via minecraft signs.
(Score: 2) by Marand on Tuesday June 02 2015, @03:23PM
> Idea: botnet command and control via minecraft signs.
Can go further than that. There's a mod [ocdoc.cil.li] that adds "computer" blocks to the game and gives in-game access to Lua scripting, which can be configured to allow internet access [ocdoc.cil.li] from within the game. You could control a botnet from within minecraft, maybe even trigger changes via the game's circuits (redstone).
For a less malicious use, you could probably use it to facilitate cross-server communication, like some sort of minecraft-specific gopher or usenet implementation.
(All hypothetical, I never did much with the computer mods other than read up on them a bit)
(Score: 0) by Anonymous Coward on Tuesday June 02 2015, @05:11PM
Network security researchers usually investigate botnets based on which server they talk to. The fact that your bots keep talking to hosts acting like Minecraft servers will be picked up quickly for anything but the tiniest botnet.
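The kind of destination-based analysis the comment above describes, as an added example that is not part of the original thread: it groups flow records by destination and flags any server that many distinct internal hosts contact at machine-regular intervals. The flow-record layout, the thresholds and all addresses are assumptions constructed for illustration.

```python
from collections import defaultdict
from statistics import mean, pstdev

# Constructed flow records: (epoch_seconds, internal_src, dst_ip, dst_port).
# Addresses are documentation/private ranges; 25565 is Minecraft's default port.
FLOWS = (
    [(t, f"10.0.0.{h}", "203.0.113.7", 25565)
     for h in range(1, 7) for t in range(h, 3600, 300)]   # 6 hosts, every 300 s
    + [(t, "10.0.0.50", "198.51.100.9", 25565)
       for t in (40, 95, 700, 2100, 2130)]                # one player, irregular
    + [(t, f"10.0.0.{h}", "192.0.2.53", 53)
       for h in (1, 2) for t in (10, 20)]                 # too few samples
)

def suspicious_destinations(flows, min_clients=5, max_jitter=0.1):
    """Return {(dst_ip, dst_port): [clients]} for destinations that at least
    min_clients distinct internal hosts contact at near-constant intervals."""
    times = defaultdict(lambda: defaultdict(list))
    for ts, src, dst, port in flows:
        times[(dst, port)][src].append(ts)

    flagged = {}
    for dest, by_src in times.items():
        periodic = []
        for src, stamps in by_src.items():
            stamps.sort()
            gaps = [b - a for a, b in zip(stamps, stamps[1:])]
            # Need several gaps before "regular" means anything.
            if len(gaps) < 3:
                continue
            avg = mean(gaps)
            # Coefficient of variation: a low value means machine-like timing.
            if avg and pstdev(gaps) / avg <= max_jitter:
                periodic.append(src)
        if len(periodic) >= min_clients:
            flagged[dest] = sorted(periodic)
    return flagged

if __name__ == "__main__":
    for (ip, port), clients in suspicious_destinations(FLOWS).items():
        print(f"{ip}:{port} contacted periodically by {len(clients)} hosts")
```

The single irregular player connection to a different server on the same port is not flagged, which is the distinction between a shared game server and many hosts checking in on a timer.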
(Score: 2, Interesting) by VLM on Tuesday June 02 2015, @01:14PM
> unreachable for several days
Technically your domain name was unresolvable, I'm sure if you used another DNS provider you'd be fine, or distributed ip addrs.
Something to consider is there's no 1:1 mapping requirement in DNS. You can have both something.no-ip.com and something.someOtherProvider.com point to the same address.
(Score: 0) by Anonymous Coward on Tuesday June 02 2015, @05:15PM
Oooh, so the attack only affected 99% of all Internet users. That makes it so much better!
(Score: 1) by penguinoid on Tuesday June 02 2015, @03:52PM
> you can only go after so many targets like that until you "accidentally" take out something legit
On the other hand, botnets can also take down something legit.
RIP Slashdot. Killed by greedy bastards.