Is Telling People To Visit A Certain Website A Denial Of Service Attack?

from the seems-like-a-stretch dept

iamtheky sends in the story of a UC San Diego Professor, Ricardo Dominguez, whose focus of research is "electronic civil disobedience," (for which he received tenure and a fellowship from his university), but who is now potentially facing discipline or even criminal charges from the university for staging a "virtual sit-in" to protest budget cuts. It certainly raises questions about the line between telling people to visit a website and a hack attack to take down a website. It's difficult to see how just telling people to go to a website should ever qualify as any kind of attack, but the University is said to be contemplating criminal charges.
Hide this

Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.

Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.

While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.

–The Techdirt Team

Filed Under: denial of service, protest


Reader Comments

Subscribe: RSS

View by: Time | Thread


  • identicon
    Anonymous Coward, 20 May 2010 @ 10:00pm

    I don't think the university can press criminal charges, wouldn't that be law enforcements job? Though the university can press civil charges.

    Still, I think it depends on the intent of the sit - in. If the intent is to deny service to others, I would say there should be punishment.

    Imagine if you owned a store and the store payed its workers too little. So the store workers had a strike. Well, they're allowed to strike, but are they allowed to prevent new customers from entering the store and denying them service? Are they allowed to prevent employees that don't want to take part in the strike from entering the store and denying them employment? I think not.

    link to this | view in chronology ]

    • identicon
      Anonymous Coward, 20 May 2010 @ 10:05pm

      Re:

      deny *

      link to this | view in chronology ]

    • identicon
      Anonymous Coward, 20 May 2010 @ 10:41pm

      Re:

      Here is another reason I don't think denial of service attacks should be allowed. Let me relate this to the RIAA since that seems to be a popular subject here.

      Lets say that someone who hates the RIAA just decides to do a DDOS (distributed denial of service attack) on their webserver. If these attacks were allowed then the RIAA could simply pay for the resources necessary to do its own DOS (denial of service) attacks and retaliate by doing DOS attacks on websites like public knowledge, Techdirt CopyCense, the EFF, etc... What we end up with is a bunch of huge denial of service wars (because the RIAA would not be the only group engaging in these attacks, a bunch of groups that hate each other will also engage. You may have Islam groups do denial of service attacks on Christian websites and Christian groups doing them on Islam websites, every group that hates each other could engage in a denial of service war if the law allowed it) that wastes everyone's money, time, and resources for no good reason and that floods everyone's ISP's slowing down everyone's Internet connection and increasing ISP network cost. No, denial of service attack wars are not a good solution to most of our problems and I think that humanity could find more diplomatic solutions to our problems instead. Should the university be allowed to retaliate and do a DOS attack on the professors website if the professor has a website?

      link to this | view in chronology ]

      • identicon
        Anonymous Coward, 20 May 2010 @ 11:01pm

        Re: Re:

        Well, maybe the Christian - Islam example wasn't a particularly good one, but the point is that if it's perfectly legal you'll have all sorts of other opposing groups flooding ISP networks with pointless DDOS wars, not just the RIAA - Anti RIAA groups.

        link to this | view in chronology ]

      • identicon
        Anonymous Coward, 20 May 2010 @ 11:57pm

        Re: Re:

        I dunno that I'm quite following your argument here.

        I mean, I think you'll be hard pressed to find anyone who'll say that DDoS attacks, or even just plain old DoS attacks are a good thing, though I think you perhaps over-state the possibility of "wars" over this (I am not a computer security expert, I'm perfectly willing to have one tell me I'm wrong).

        The question of the hour seems to be "Is what he did criminal?", I just can't see how it is.

        I think a more reasonable analogy would be this: Say someone who I strongly disagree with is giving a speech in an auditorium. I, and 50,000 of my closest friends decide that we're going to occupy every single one of the seats, all the SRO, and indeed max out the fire marshal's rating for the building, then stand in crowds 100 deep around the building, so that the speaker has no chance of reaching anyone who he might possibly convince.

        I will agree readily that there is something of an ethical argument to be made on both sides of that, but was it illegal? We weren't preventing him from talking, we were just making sure no one could hear him.

        link to this | view in chronology ]

        • identicon
          Anonymous Coward, 22 May 2010 @ 9:07am

          Re: Re: Re:

          "I mean, I think you'll be hard pressed to find anyone who'll say that DDoS attacks, or even just plain old DoS attacks are a good thing, though I think you perhaps over-state the possibility of "wars" over this (I am not a computer security expert, I'm perfectly willing to have one tell me I'm wrong).

          The question of the hour seems to be "Is what he did criminal?", I just can't see how it is."

          This professor focuses his research on electronic civil disobedience. The point I'm trying to make is that if DOS/DDOS attacks are a legally and socially acceptable method of electronic civil disobedience, then the logical conclusion is that everyone would, and perhaps even should, be conducting in this behavior everywhere anytime they disagreed with something as a form of civil disobedience. and if they were acceptable it would be happening a lot more than it is now. The reason why it's not so abundant, and the possibility of far more abundant wars occurring now is likely improbable, is because it's not unanimously considered a socially/legally acceptable form of civil disobedience. but if it were, then the possibility of many many huge wars would not only be a possibility, it would be a very highly likely probability, almost inevitable even. Just trying to take this professors theory over what should be considered a socially/legally acceptable form of disobedience to its logical conclusion.

          link to this | view in chronology ]

    • icon
      Rose M. Welch (profile), 21 May 2010 @ 2:12am

      Re:

      Yes, workers on strike are usually allowed to detain people entering for a certain amount of time.

      In this case, they didn't shut the site down, they just made it a bit slower.

      So that's actually a very good analogy. :)

      link to this | view in chronology ]

    • icon
      btr1701 (profile), 21 May 2010 @ 4:51am

      Re:

      > Though the university can press civil charges.

      There's no such thing as "pressing civil charges". They can file a civil lawsuit, but that's not pressing charges.

      link to this | view in chronology ]

    • identicon
      Michael, 21 May 2010 @ 5:37am

      Re:

      Your analogy is a pretty good one, but you have to think about how a denial of service attack would work in this situation. It would be much like holding a strike and crowding around the front door of a business without actually restraining customers from entering. This would make it difficult, but not impossible to enter a store - some traffic could leak through (probably slowly).

      So, in a real-world situation, this would be legal (in the US) as they have the right to protest and to assemble in their protest. It may be annoying, but making it somehow illegal in the real world or on the internet seems unreasonable.

      link to this | view in chronology ]

      • identicon
        Anonymous Coward, 21 May 2010 @ 8:00am

        Re: Re:

        "It would be much like holding a strike and crowding around the front door"

        There are two notable differences. Holding a strike by crowding around the door allows those who want to enter the store an opportunity to see your signs and hear your message and see you and who you are so that you can express your free speech. A DOS does no such thing.

        and secondly, I think there is a difference between hanging around the front and intentionally blocking people from entering the store (this is why I say intent matters). Yes, if the store was naturally crowded (ie: tons of legitimate users were naturally using the webserver for legitimate purposes) and lots of customers were trying to enter but were having problems due to the mere volume of people entering, that's one thing and it's a perfectly legitimate reason for a slow down. But if you're just blocking the front door, creating artificial reasons why people can't enter and forcing artificial slow downs of entrants (vs too many genuine customers creating a genuine slow down) that's a different story altogether and you'll be hard pressed to convince law enforcement not to make you move, with violent force if necessary even. and most people won't care.

        link to this | view in chronology ]

  • identicon
    Anonymous Coward, 20 May 2010 @ 11:02pm

    DDOS means the computer(s) used are not always willing to do so.
    In the current case, they were all willing to go on the website. In my opinion, it's the same as a website not powerful enough to cope up with high traffic : not illegal.

    link to this | view in chronology ]

  • icon
    azuravian (profile), 20 May 2010 @ 11:05pm

    Hmmm...

    Normally, I agree with most of the posts here, but I'm not sure about this one. It's not like he told a bunch of people to visit the website in question in order to take it down (a la the Slashdot effect). He had them visit a different website that would then generate multiple requests to the server in question. In a way, it sounds like he crowdsourced a DDOS. I'm not sure if it's criminal, but it definitely seems to cross an ethical line.

    link to this | view in chronology ]

  • icon
    drewmerc (profile), 20 May 2010 @ 11:46pm

    so this would make it illegal to post any story to slashdot
    in fear of being sued because of the slashdot effect

    link to this | view in chronology ]

  • icon
    Griff (profile), 21 May 2010 @ 2:13am

    Is it about intent ?

    For me, visiting a public website in person (as it was intended to be used) is not a DoS. If I encourage people at a political rally to go and express their views on their elected representative's website, and the site crashes as a result, that is the website's problem.

    But if I encourage people to hit the website 1000 times each (either manually or using a bot or other process, such as DDoS) then that is using the website in a way it was clearly not intended with intent to cause disruption.

    Same goes for encouraging people to telephone a rep's office to express views. It could jam phone lines and make it impossible for the guy to work BUT if these are all legit calls and he is supposed to represent these people, that is his problem. If someone used an automated dialler and the guy got silence when he answered the phone, that would be disruptive intent.

    For me it comes down to legitimate intent.

    We recently had a situation in my hometown where they wanted to close a (very successful) school. It really came down to mass letter writing to the public bodies and they made it clear that although number of letters would play a part, multiple copies of the same letter would not count multiple times. That is to say, one person has to make the effort to write their own letter to count as one vote.

    The example of 50000 people going to the auditorium is (for me) OK. These people individually made the effort to make their own views felt (unless they were paid to go). A DDoS is more like a school principle bringing several hundred children along to the talk (children who have no interest in the actual talk).

    I think the original flashmob concept walked a fine line in this respect. Make 1000 people suddenly materialise on a particular street corner and it looks like a strange phenomenon. Do it right in front of a high traffic McDonalds at lunchtime and it seems like an attempt to disrupt business. But participants know where they are going and presumably choose to do this.

    link to this | view in chronology ]

    • identicon
      UnkieReamus, 21 May 2010 @ 3:41am

      Re: Is it about intent ?

      First, let me state I'm the original progenitor of the 50,000 people analogy, now being slightly less lazy and assigning a name.

      Second, let me say that the more I ponder my original analogy, and, (oddly) the more rum I imbibe, the more suspect I find that analogy.

      You're right, my analogy would hold up fine, were each of the people involved in the protest to be sitting at their computer continually refreshing the page, but as TFA states, apparently the professor set up a script which automatically, and continually refreshed the page, as well as "sending a 404 request" which I can only presume to mean requesting a known bad address from the server,, which would presumable add to the server load, without adding a proportionate amount of bandwidth for the user. That is much more in line with the notion of photocopied, or form-letters to a governmental body.

      Third, I'm going to take a quick moment to address the comment about a Principal taking a hundred students to such an event. I realize that the notion of undue influence has some bearing here, this is a professor who is encouraging his students to participate in a protest supporting the professors views. This is, indeed, questionable ethical ground.

      However, I would point out that a) as he is a college professor, presumably the vast majority, if not all, of his students are theoretically adults (or at least, legally so). b) given the fact that he reached tenure through research in "Electronic Civil Disobedience", it is not unreasonable to assume (sorry, I'm too drunk and care too little to do actual research) that his students were attending a seminar, or involved in research in furtherance of the self-same electronic civil disobedience.

      Fourth, and finally (I bet if you've read this far, you're relieved by the finally, huh?) I would like to proffer a new analogy. Say 500 of my closest friends and I decide that we don't like the actions being proposed by a governmental body, I extort them to photocopy and mail the same letter 500,000 times, so that the body in question is unable to discern legitimate queries from the public because they are so inundated with our protests.

      Presuming that my friends and I paid for each letter (not, say, abusing franking laws or mail for the blind), Where is the illegality? As I have and others have noted and acknowledged, there exist ethical concerns, but illegal? I think not. (Incidentally, while it is quite likely that the majority of student used school provided internet access to do this, I think it is not unreasonable to assume that at least a portion of their tuition goes to pay for that access.)

      link to this | view in chronology ]

    • icon
      Rose M. Welch (profile), 21 May 2010 @ 5:52am

      Re: Is it about intent ?

      What's wrong with an attempt to disrupt business? It's a perfectly legitimate way to protest, after failed negotiation.

      link to this | view in chronology ]

  • icon
    btr1701 (profile), 21 May 2010 @ 4:49am

    Legal Obstacle

    Unless the state plans to just completely ignore the law, it won't be able to press a criminal case against this guy. As the article notes, one of the keye elements of the crime is unauthorized access:

    "In order for there to be a computer crime, there has to be either an intentional denial-of-service or some form of trespass, which would be an unauthorized access. The problem you have here is if this is a public website, merely going to the website repeatedly is many, many authorized accesses, not an unauthorized access."

    link to this | view in chronology ]

    • icon
      Liquid (profile), 21 May 2010 @ 6:01am

      Re: Legal Obstacle

      You need to read the article again.

      "UC San Diego Professor Ricardo Dominguez spearheaded the March 4 digital protest by calling on demonstrators to visit a webpage that sent a new page request to the UC president's website every one to six seconds. A separate function automatically sent 404 queries to the server. A "spawn" feature allowed participants to run additional pages in another window, multiplying the strain on the targeted website.

      "Okay, now just sit back and relax, or open a new browser window and do anything else you need to do, BUT LEAVE THE ACTION WINDOW OPEN IN THE BACKGROUND, THE LONGER THE BETTER," a help page for the protest instructed."
      "

      If that right there does not show intent to commit a DDoS attack I dunno know how it would have to be more obvious. By saying that "That doesn't show intent to do harm to the system" is complete BS. He knew the website would continue to send requests to the page for every webpage opened. Calling on his fellow protesters to follow his cause whether they knew this was going to happen or not can still be considered intent to cause a DoS, or DDoS attack as in this case.

      Also your understanding of the law is flawed as well. Re-read it.

      "In order for there to be a computer crime there has to be EITHER an intention OR some form of tresspass"

      You don't have to have both parts of the law to make it a crime. One or both of those parts full fill the requirement to make this a crime.

      link to this | view in chronology ]

      • icon
        btr1701 (profile), 21 May 2010 @ 8:19am

        Re: Re: Legal Obstacle

        > If that right there does not show intent to
        > commit a DDoS attack

        But he's not the one who actually committed the attack. In criminal law, there are two elements to an offense: mens rea (intent) and actus rea (the action).

        Both are required for an offense to be complete and actionable by the state. Even the offense of conspiracy requires an overt act in furtherance of the conspiracy. Merely intending to do something criminal is not a crime.

        Here, the professor may have had the intent, but it was all his followers that committed the actual act and even *their* actions, taken individually, were not criminal. Each person was accessing the web site in an authorized manner. It was only the aggregate effect of multiple simultaneous authorized accesses that caused the problem.

        link to this | view in chronology ]

        • identicon
          Anonymous Coward, 21 May 2010 @ 9:11am

          Re: Re: Re: Legal Obstacle

          "Here, the professor may have had the intent, but it was all his followers that committed the actual act and even *their* actions, taken individually, were not criminal."

          But the professor coordinated the "attacks." In many states, if a bank (or liquor store) robber robs a bank and shoots and kills someone in the process, the person who drove the getaway car could also be punished for the killing that the bank robber did.

          I also don't think that a mafia leader can claim that he doesn't get in any trouble for coordinating the actions of his followers just because he didn't participate in them at all. For years various (mafia) gangs have tried that, and they have attempted to get away with it under the pretext that they didn't directly commit any crimes, but I don't think that really holds up in court. If a gang leader orders one of his gang subordinates to shoot someone, does the leader not get in trouble?

          link to this | view in chronology ]

          • icon
            Rose M. Welch (profile), 21 May 2010 @ 4:07pm

            Re: Re: Re: Re: Legal Obstacle

            What do you think the appropriate legal punishment should be for being an accessory to a successful attempt to slow down a website during a legitimate protest?

            link to this | view in chronology ]

            • identicon
              Anonymous Coward, 21 May 2010 @ 7:11pm

              Re: Re: Re: Re: Re: Legal Obstacle

              I don't know. The punishment should fit the crime though, whatever that means. There is debate over the appropriate punishment for someone who murders, steals, and just about everything else. but just because there is debate over what the punishment should be for many crimes doesn't mean there shouldn't be any punishment at all for any crimes.

              link to this | view in chronology ]

  • identicon
    Dallas IT Guy, 21 May 2010 @ 5:20am

    Intent matters

    I think intent comes into play here.

    From the article, he set up a web site that automatically sent requests to the target site every few seconds (without any action from the user.)

    I think it's one thing to browse a site to consume the material on it, but completely different to just browse the site for the sole purpose of placing a stress load on it.

    I don't disagree that it's "electronic civil disobedience", but that doesn't mean that you haven't committed a crime.

    link to this | view in chronology ]

  • icon
    poch (profile), 21 May 2010 @ 5:31am

    DDOS attack

    My IP address was recently banned (error 404 resolved) and I suspect this was what happened -I was suspected of trying a DDOS attack because I have so many links LOL

    link to this | view in chronology ]

  • icon
    a-dub (profile), 21 May 2010 @ 6:02am

    The fact that he created...

    "a webpage that sent a new page request to the UC president's website every one to six seconds."

    AND

    "A separate function automatically sent 404 queries to the server."

    AND

    "A "spawn" feature allowed participants to run additional pages in another window, multiplying the strain on the targeted website."

    ...will potentially bite him in the ass. Its not like he asked people to repeatedly visit the university presidents website. He created an automated method for increasing traffic to the website. Now, can he be held responsible for creating a tool that other people decided to use? Can this even be considered a DDoS "attack" since by definition a DDoS attack is performed by centrally controlled compromised systems? I think the most important aspect of all of this is that it was automated.

    link to this | view in chronology ]

  • identicon
    Bengie, 21 May 2010 @ 6:17am

    DoS

    My consumer grade router can detect and block DoS and scans. I blame the admin for sucking.

    Unless he "sit in" managed to consume all of their bandwidth, their firewall should have started to block requests from offending addresses.

    link to this | view in chronology ]

    • icon
      Liquid (profile), 21 May 2010 @ 6:37am

      Re: DoS

      Not if that web server was in the DMZ.

      link to this | view in chronology ]

      • identicon
        Bengie, 21 May 2010 @ 11:17am

        Re: Re: DoS

        ALL devices on your network should be protected from DoS.

        A basic firewall that checks for these things should be between your WAN and the LAN. Anything communicating on the internet should have to do through these.

        DMZ usually just means your allow connections in and devices in the DMZ have to go through a special firewall to access the LAN, but it doesn't mean you have no firewall at all for the DMZ.

        A 100% un-firewalled machine facing the net is just a horrible idea.

        link to this | view in chronology ]

        • identicon
          Anonymous Coward, 21 May 2010 @ 2:03pm

          Re: Re: Re: DoS

          It's not that simple. A smart device could, upon detecting a DOS (assuming it can efficiently identify the attacking machines and distinguish them from legitimate machines) might be able to prevent outgoing traffic towards attackers. But how do you stop incoming traffic from hogging up all your ISP bandwidth? You must work with your ISP or something. It's not that simple.

          link to this | view in chronology ]

        • identicon
          Anonymous Coward, 21 May 2010 @ 2:03pm

          Re: Re: Re: DoS

          "A 100% un-firewalled machine facing the net is just a horrible idea."

          Firewalls don't really defend against a DOS or DDOS attack. They're usually designed to defend against unsolicited traffic.

          link to this | view in chronology ]

    • identicon
      Jon B., 21 May 2010 @ 7:48am

      Re: DoS

      You can throttle individuals without affecting others, but if the DoS is distributed, i.e. a DDoS, then you'll almost certainly deny service to legitimate users in addition to the attackers.

      link to this | view in chronology ]

  • identicon
    Colonel Panik, 21 May 2010 @ 7:13am

    Electronic Civil Disobedience

    Forget the laws, broken or not. Do not worry about intent.
    Please focus on this one fact: The Hippies have won!

    One small action at a time. The gathering of people to express
    their views, without violence, is a right of every citizen.

    It is a Community thing.

    link to this | view in chronology ]

  • identicon
    Pixelation, 21 May 2010 @ 7:39am

    Lawsuits

    Why is it that things like this are handled so often with lawsuits? Have we become such poor communicators that we can't resolve our differences without clogging the courts?

    link to this | view in chronology ]

  • identicon
    Anonymous Coward, 21 May 2010 @ 7:58am

    Framing the professor's conduct as "telling people to visit a website" answers the question. Of course, that fact alone does not make some a DoS attack. But telling tons of people to go to a site, and to access it repeatedly in order to shut it down, and creating tools specifically for that task, is more than "Telling people to visit a website." "Intent" is an element of many crimes, and having a malicious intent can transform relatively benign conduct into a crime. As any first year law student can explain, if I tap you on the shoulder on the streetcorner to ask you for directions, I haven't committed the crime of battery. If I poke you in the shoulder with intent to cause you injury, I have.

    link to this | view in chronology ]

  • identicon
    Surveyguy, 21 May 2010 @ 9:23am

    Here's a thought

    Perhaps the University should publicly "thank" Prof. Dominguez and state that because he has brought a potential security problem to light, not only will budgets be cut, but faculty salaries will be cut 1/2 of 1% with the next contract and student tuition increased by the same percentage in order to pay for the needed server enhancements that they have Prof. Dominguez to thank.

    That would make the Prof. very "popular" on campus -- don't you think?

    link to this | view in chronology ]

  • identicon
    Anonymous Coward, 21 May 2010 @ 10:02am

    I think this is wonderful, people are starting to test the waters and will find ways to express themselves.

    Just like sit ins where forbidden and violently dealt with, this too will be seen as a threat and some people will try to criminalize it but in the end is the people expressing themselves.

    Making tools to protest is part of the thing also.
    People make banners in real life, make costumes, make flyers, chain themselves, bring buckets, build gigantic black rats, so I don't see the problem in building a portal or tool to do the same on the digital front. It wasn't sneaky or anything he could even tell them this protest will take place from date A to date B and will slowdown or interrupt services at some hours, just like in the real world.

    link to this | view in chronology ]

  • icon
    a-dub (profile), 21 May 2010 @ 11:47am

    I agree with Bengie.

    I think the university network admins are probably getting an ear full, but the professors actions are a separate issue. I still cant decided if what he did is even illegal.

    link to this | view in chronology ]

    • identicon
      Anonymous Coward, 21 May 2010 @ 2:05pm

      Re:

      Universities typically have firewalls, so I don't even see your point.

      link to this | view in chronology ]

    • identicon
      Anonymous Coward, 21 May 2010 @ 2:14pm

      Re:

      and I'm sure that UC San Diego also has a firwall. What, do you honestly think that if I started to port scan a bunch of their ports they're going to show up open? In fact, I don't see how they won't have a firewall, any NAT router or anything that enables many separate computers to share one internet IP address automatically acts like a NAT firewall. The issue here isn't a matter of their firewall being penetrated or their website being hacked or their servers being hacked. A DOS or DDOS attack overwhelms the incoming pipes at the ISP level. The information first needs to make it to the firewall for the firewall to determine the legitimacy of a packet and decide if the packet should continue past the firewall or be rejected by the firewall and die at that point.. and in order to make it to the firewall it must make it via a communication medium like a wire. But the router/firewall can only inspect/process and allow/deny so many packets at a time and the pipe / wire can only transmit so much data at a time. A DDOS/DOS tries to jam the pipline/wire by exhausting it with so much junk traffic that no more traffic can even make it to the firewall for packet inspection hence preventing legitimate customers from making it to the site (since their packets can't make it there either). It's like intentionally jamming the freeway with so many cars or protesting and jamming the freeway with so many protesters/people that no legitimate users can use it anymore and hence legitimate freeway users can't make it to their destination. A firewall is like a security guard at each destination guarding against unauthorized people from entering a building or certain parts of a building. A firewall is the security at each destination building (cameras, etc...), whereas a DDOS jams the pathway to the destination. The security guard at your work or whatever has no control over what goes on on the freeway or pathway to your work.

      link to this | view in chronology ]

      • identicon
        Bengie, 21 May 2010 @ 2:36pm

        Re: Re:

        "But the router/firewall can only inspect/process and allow/deny so many packets at a time and the pipe / wire can only transmit so much data at a time."

        Most decent firewalls/routers can filter at full wire speed, so the "amount" of packets shouldn't be an issue.

        Typically the problem with a DoS is someone sends a bunch of ACK packets to establish a connection, but then doesn't proceed any further. This means the server is left hanging on that connection until it times out. There are a max amount of connections a server can handle. Most modern OSs can detect these issues and close the connections.

        Most good firewalls can block the above issue from happening in the first place. The above article says they were just loading the pages via web browsers, so this wasn't the issue.

        The only other issue would then be bandwidth. The student must've been downloading more from University than they had bandwidth. WTF....? GL with that.

        My guess is bad server/network admins.

        link to this | view in chronology ]

        • identicon
          Anonymous Coward, 21 May 2010 @ 8:26pm

          Re: Re: Re:

          "Most decent firewalls/routers can filter at full wire speed"

          Depends. The point is that there are limiting factors beyond a network administrators ability to (cheaply/feasibly) control.

          "Typically the problem with a DoS is someone sends a bunch of ACK packets to establish a connection"

          ACK packets are acknowledgment packets. They are not sent to establish a connection, SYN (synchronization) packets are sent to establish a connection. Then the server responds with a syn/ack packet in which case the client responds with an ACK packet to acknowledge the connection established. It's called a (TCP) three way handshake.

          What happens is the client floods the servers downstream with syn packets. Then, to the extent that the server is unable to determine that a packet is illegitimate, the server will respond with syn/ack packets which will flood the servers upstream bandwidth. If the server is smart it may be able to determine that some of the syn requests are bogus (depending on the servers intelligence and the dynamics of the attack, but that's a much more complicated issue) and it will not bog down it's upload bandwidth with syn/ack packets, but that doesn't prevent the servers downstream bandwidth from being bogged down.

          "The only other issue would then be bandwidth. The student must've been downloading more from University than they had bandwidth."

          The students could collectively be sending more bandwidth to the university than the University and it's ISP can handle. That's generally how a DOS/DDOS works.

          "My guess is bad server/network admins."

          The article seems ambiguous, but it's irrelevant. Even if the cause is due to a bad server/network admin, that still doesn't justify a DOS/DDOS like attack. That's kinda like saying, because a store doesn't have adequate security guards or because it has poor security guards and takes poor security measures it's OK for protesters to block customers from entering. Regardless of the security measures employed by a bank, robbing a bank is wrong.

          link to this | view in chronology ]

  • identicon
    Ray, 21 May 2010 @ 12:04pm

    Who would be the defendant in such a case - the university itself? Certainly if the student is receiving any sort of stipend for his study then he is a sort of employee of the university, performing work sanctioned by the university, which they have been expressly told was "electronic civil disobedience."

    This reminds me of the recent Coke Zero commercials where Coke is looking to sue Coke Zero for tasting too much like Coke, even though it is Coke themselves that makes Coke Zero. What kind of university employs such faulty logic? If we assume that no university would do such a thing then is this simply a ploy for attention? For in that case I can see the only way for them to profit through this report.

    link to this | view in chronology ]

  • identicon
    Mr Big Content, 21 May 2010 @ 9:14pm

    There’s A Fine Line Between ...

    ... free speech and incitement to visit a website.

    link to this | view in chronology ]

  • identicon
    legend, 30 Jun 2010 @ 7:54pm

    Re: UltimateGuitar.com - Online Guitar tab & chord resource.

    I will be the first to admit, I’ve watched For The Love of the full lace wigs and lace wigs several times, maybe lace front wigs and lace front wigs too many times, but that’s besides the point.

    link to this | view in chronology ]

  • identicon
    rico, 10 Apr 2011 @ 7:07pm

    Everybody got his own perception, but if they press criminal charges maybe it's not that easy to proof guilty. Everybody has a right to express their self and it is protected by law.

    link to this | view in chronology ]


Follow Techdirt
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Discord

The latest chatter on the Techdirt Insider Discord channel...

Loading...
Recent Stories

This site, like most other sites on the web, uses cookies. For more information, see our privacy policy. Got it
Close

Email This

This feature is only available to registered users. Register or sign in to use it.