Tag Archives: WikiLeaks

News – The Death of a Dream

“Two tires fly. Two Wail.
A bamboo grove, all chopped down
From it, warring songs.”
― Neal Stephenson, Cryptonomicon

Great article in the Sunday Times Obituaries today covering the death of Roy Bates, founder of The Principality of Sealand, on the 9th. Bates, residing in England, died at 91 after years of suffering from a number of illnesses.

For those that are not aware of Sealand’s existence, the former artillery platform was home to a number of shady operations throughout the years. Bates used the platform to broadcast pirate radio signals to Europe and declared that Sealand was its own nation and, therefore, not subject to any country’s laws.

With aspirations of becoming a standalone data haven, HavenCo tried to capitalize on Sealand but failed and ended up fading into obscurity. How does a free mini-nation exist without the protection and support from neighboring countries? It doesn’t. Even the infamous Julian Assange was said to have considered purchasing Sealand for his WikiLeaks servers and decided against it.

Although the Bates family has a caretaker staying at Sealand, the platform is empty despite past attempts to lease or sell it. Still, the family remains active and maintains a website and a soccer team!

Regardless of the realities, Sealand remains a dream to all those inspired by the idea of a censorship-free government. In that light, the family is selling everything from plastic wristbands and email accounts to custom titles on their website. Hey… freedom is a nice idea but someone needs to pay the bills!

Roy Bates will be missed. E Mare Libertas!

Source

Yardley, William. “Roy Bates, Bigger-Than-Life Founder of a Micronation, Dies at 91.” The New York Times. October 13, 2012.

Bates, James. “Prince Roy of Sealand aka Roy Bates (passed away 9th October 2012) Obituary.” Principality of Sealand Homepage. October 10th, 2012.

Related Articles

Grimmelmann, James. “Death of a data haven: cypherpunks, WikiLeaks, and the world’s smallest nation.” Ars Technica. March 27, 2012.

Libbenga, Jan. “Offshore hosting firm HavenCo lost at sea.” The Register (UK). November 25, 2008.

Masnick, Mike. “The History Of Sealand, HavenCo And Why Protecting Your Data Needs More Than Being In International Waters.” TechDirt. March 28, 2012.

Staff Writer. “HavenCo ‘data center’ offline?” SecurityAndThe.Net. 2008.

The Principality of Sealand Homepage: http://www.sealandgov.org/

LOIC DDoS & The Nature of Anonymous Attacks

One of the most impressive and dangerous Denial of Service tools is jokingly named Low Orbit Ion Cannon (LOIC). The tool gained public notice after being repeatedly used in successful attacks against high-value web servers, such as those belonging to the Church of Scientology during Project Chanology, the Recording Industry Association of America (RIAA), and groups opposing MegaUpload and WikiLeaks, all treated as the mega-group’s enemies.

While I won’t get into the ideological arguments expressed by either Anonymous or their opposition, I’d like to take a moment to explain LOIC and provide some interesting links to sites containing more information.

As I always state: I’m merely an individual interested in security for the sake of learning. If you have a vested interest in any of the ideologies, either for or against the attacks, check the links below for protections or ways to get more involved in the LOIC project.

Background

LOIC, originally written in C# by Praetox Technologies, has since been coded into an independent JavaScript program known as JS LOIC (hosted by HiveMind, linked below). As such, there’s even a web version of the DoS tool!

When the project was first released, I managed a DDoS (Distributed Denial of Service) attack against my own test box using a 5-PC networked LOIC attack triggered using UltraVNC (akin to a botnet); it worked extremely well. The method could even be triggered remotely using an iPad or any device running the appropriate RAS software. If a given server or network is susceptible to LOIC attacks, a DDoS against that server or network can be extremely potent.

Details and Protection

LOIC works by flooding a specified target server with TCP or UDP packets. The attack relies on the principles inherent to most forms of DoS attacks. As such, it’s surprisingly easy to protect against. Many servers should have been well protected against DoS attacks to begin with but, as we know from real-world IT, what’s best isn’t always what’s done.

Firewall rule-sets can be enacted which filter out the overabundance of packets coming from any one IP address long before something like this becomes a problem. To my knowledge, ISPs on a larger scale can protect against DoS traffic by filtering out the appropriate UDP and ICMP packets before they reach their intended targets.

It should be common knowledge for server administrators to contact their ISPs to ensure measures are in place to protect them at that level. Appropriate network firewall rules should then be drafted to complement them.
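The per-source filtering described above can be modelled as a token bucket kept for each source IP. The following is an added example, not code from this blog or from any firewall product; the class and function names, the rate and burst values, and the packet trace are all constructed for illustration.

```python
from collections import defaultdict


class PerSourceLimiter:
    """Token bucket per source IP: `rate` packets/s sustained, `burst` packets of headroom."""

    def __init__(self, rate, burst):
        self.rate = float(rate)
        self.burst = float(burst)
        self.tokens = defaultdict(lambda: self.burst)  # a new source starts with a full bucket
        self.last_seen = {}

    def allow(self, src, now):
        """Return True to accept a packet from `src` at time `now` (seconds), False to drop it."""
        elapsed = now - self.last_seen.get(src, now)
        self.last_seen[src] = now
        self.tokens[src] = min(self.burst, self.tokens[src] + elapsed * self.rate)
        if self.tokens[src] >= 1.0:
            self.tokens[src] -= 1.0
            return True
        return False


def filter_trace(packets, rate=20, burst=40):
    """Run (timestamp, src_ip) records through the limiter; return per-source counts."""
    limiter = PerSourceLimiter(rate, burst)
    stats = defaultdict(lambda: {"accepted": 0, "dropped": 0})
    for ts, src in sorted(packets):
        verdict = "accepted" if limiter.allow(src, ts) else "dropped"
        stats[src][verdict] += 1
    return dict(stats)


def constructed_trace():
    """Constructed sample: two ordinary clients and one source sending 1000 packets/s for 2 s."""
    trace = [(i * 0.5, "198.51.100.10") for i in range(4)]       # 2 packets/s
    trace += [(i * 0.1, "198.51.100.11") for i in range(20)]     # 10 packets/s
    trace += [(i * 0.001, "203.0.113.66") for i in range(2000)]  # 1000 packets/s
    return trace


if __name__ == "__main__":
    for src, counts in sorted(filter_trace(constructed_trace()).items()):
        print(src, counts)
```

The two ordinary clients never exhaust their buckets, while the flooding source is cut to roughly its burst allowance plus the sustained rate. A per-source limit only sees each address on its own, which is why the ISP-level filtering mentioned above belongs alongside it.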

But many of the attacks are difficult to trace…

The Nature of Anonymous Attacks

ARP Poisoning, as previously mentioned on fork(), can be used to make attacks appear to be launched from within your own network (or attacks against your network can be made by attackers who gain special access by spoofing their way into your network). Such attacks can be used to set up various man-in-the-middle (MITM) attacks and/or DoS/DDoS attacks. For more examples see this blog’s article on session hijacking.

A good intrusion detection system monitoring ARP tables can alert the network administrator to changes or additions, possibly thwarting spoofed MITM attacks before they occur. The article by Busschers cited below discusses spoofed/reflected attacks and how they can be conducted.
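The ARP-table monitoring described above comes down to comparing a trusted snapshot of IP-to-MAC mappings with the current one. This is an added sketch, not code from this blog or from ARP Watch; it assumes neighbour entries in the format printed by Linux `ip neigh show`, and the function names, alert labels and both snapshots are constructed for illustration.

```python
import re

NEIGH_RE = re.compile(
    r"^(?P<ip>\S+) dev (?P<dev>\S+) lladdr (?P<mac>(?:[0-9a-f]{2}:){5}[0-9a-f]{2})\b", re.I)


def parse_neigh(text):
    """Parse `ip neigh show`-style lines into {ip: mac}; entries with no MAC (e.g. FAILED) are skipped."""
    table = {}
    for line in text.splitlines():
        m = NEIGH_RE.match(line.strip())
        if m:
            table[m.group("ip")] = m.group("mac").lower()
    return table


def diff_tables(baseline, current):
    """Compare two {ip: mac} snapshots and return a list of (kind, detail) alerts."""
    alerts = []
    for ip, mac in sorted(current.items()):
        if ip not in baseline:
            alerts.append(("new-station", f"{ip} is-at {mac}"))
        elif baseline[ip] != mac:
            alerts.append(("changed-mac", f"{ip} moved {baseline[ip]} -> {mac}"))
    # One MAC answering for several IPs deserves a look: it can be a multi-homed
    # host, or a poisoned cache in which one machine has claimed another's address.
    owners = {}
    for ip, mac in current.items():
        owners.setdefault(mac, []).append(ip)
    for mac, ips in sorted(owners.items()):
        if len(ips) > 1:
            alerts.append(("shared-mac", f"{mac} claims {', '.join(sorted(ips))}"))
    return alerts


# Constructed snapshots (documentation IP and MAC ranges): the gateway's MAC changes
# to that of a station that was not present in the baseline.
BASELINE = """\
192.0.2.1 dev eth0 lladdr 00:00:5e:00:53:01 REACHABLE
192.0.2.20 dev eth0 lladdr 00:00:5e:00:53:20 STALE
192.0.2.30 dev eth0 FAILED
"""
CURRENT = """\
192.0.2.1 dev eth0 lladdr 00:00:5e:00:53:66 REACHABLE
192.0.2.20 dev eth0 lladdr 00:00:5e:00:53:20 REACHABLE
192.0.2.66 dev eth0 lladdr 00:00:5e:00:53:66 REACHABLE
"""

if __name__ == "__main__":
    for kind, detail in diff_tables(parse_neigh(BASELINE), parse_neigh(CURRENT)):
        print(f"ALERT {kind}: {detail}")
```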

Sources

My blog isn’t funded by any corporations or governments and as such I’m fully willing to give all sides to an argument. So, I’ve constructed a list of sources I used when writing this post as well as some sites that may interest those wanting to learn more:

If you’d like to contribute to the C# original LOIC project please check out the LOIC project page here: https://github.com/NewEraCracker/LOIC/

Additionally you can check the more frequently updated SourceForge page for JS LOIC designed by HiveMind: http://sourceforge.net/projects/loic/

The HiveMind web version is located here: https://code.google.com/p/lowc/

Server Fault (Stack Exchange) Topic in regards to preventing LOIC DDoS posed by a user in 2010: http://serverfault.com/questions/211135/how-to-prevent-a-loic-ddos-attack

“4 Best Practices for Mitigating DDoS Effects,” by ES Enterprise Systems, February 6, 2012. Article discusses DDoS damage mitigation here: http://esj.com/articles/2012/02/06/best-practices-mitigating-ddos.aspx

“Effectiveness of Defense Methods Against DDoS Attacks by Anonymous,” Busschers, Rik. University of Twente, NL. This is a great article detailing the Anonymous Chanology & Operation Payback attacks, those recent attacks against PayPal, MasterCard and more. Check it out here: http://referaat.cs.utwente.nl/TSConIT/download.php?id=1085 (It’s also an excellent article for learning more about the type of attacks used and how such things as SYN packet flooding work. If the article ever goes off-line I’ll re-upload it.)

Another great source detailing spoofed DDoS attacks: http://www.skullbox.net/spoofeddos.php

ARP Poisoning/Spoofing in detail can be further explored here: http://www.irongeek.com/i.php?page=security/arpspoof

Network Research Group (NRG)’s ARP Watch can be found here: http://www-nrg.ee.lbl.gov/