lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date: Wed, 10 Dec 2003 07:57:14 +1300
From: Nick Johnson <arachnid@...dot.net>
To: tonyl@....ltd.uk, bugtraq@...urityfocus.com
Subject: Re: Is this the first case of a Distributed Denial of Physical Service?


This isn't the first use of the internet to attempt a Denial of Service 
style attack on something in the physical world. In late 2002, people 
from http://slashdot.org teamed together and executed a 
postal-service-DoS on a spammer. After obtaining his physical address, 
they signed him up for thousands of free catalog mailings and the like.
More details, including a link to a paper written about how such attacks 
could be executed automatically here:
http://slashdot.org/articles/03/04/15/2027225.shtml?tid=111&tid=172

tonyl@....ltd.uk wrote:

>Hi,
>
>
>
>Please see:
>
>
>
>http://www.theregister.co.uk/content/6/34388.html
>
>http://www.cambs.police.uk/camops/press_releases/press_releases.asp?ID=1992
>
>
>
>It appears that an individual has successfully socially engineered a distributed denial of physical service (DDoPS?).
>
>
>
>A (hoax) email had been sent out to individuals informing them of their latest purchase and that their credit card had been charged accordingly.
>
>
>
>As the individuals had not ordered iPods at £399.95, they were socially engineered into calling the customer service line given in the email.
>
>
>
>This telephone number happened to be for the UK's Cambridgeshire Constabulary (police) Main Switchboard.
>
>
>
>At the peak of this DDoPS, the switchboard was receiving 500 calls an hour, effectively denying the usual use of this telephone service.
>
>
>
>It appears that a whole range of "systems" and processes may be vulnerable to this type of attack and raises some interesting points to consider...
>
>
>
>Kind regards,
>
>
>
>Tony Langley
>
>Systems Architect
>
>S2S Limited
>
>  
>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ