Many hackers voiced criticism of DDoS evils

Right after the online Stake , many websites were attacked with a larger scale. While businesses do not dare to speak, DDoS, which is said to destroy network resources, is also very interested by hackers and they have spoken out.

Mr. Hoang Ngoc Dieu, an IT solution specialist from an insurance company in Australia and a member of the Board of Directors of a large hacker network in Vietnam, said that denial of service (DDoS) attacks were a in the results of research and experimentation in the security world. It is like a sharp knife. If the user is willing, they will warn of the danger when using this knife in the wrong place, not properly. Otherwise, this tool will be used in any situation or purpose. "DDoS becomes a problem as it is now because it falls into the hands of so many unwilling people and any security worker is disgusted", Mr. Yao affirmed.

" We only target information technology sites, forums and pornographic sites (xxx), without touching the business without being challenged by the admin ," said a hacker with the nickname hero_zero. " DDoS is an easy way to succeed, simple and less time consuming, just need to 'capture' a lot of websites. Most people who choose DDoS attack are young members who are unable to penetrate the website of people. other ".

It is argued that this is the last and most reluctant solution of hackers, when it is impossible to exploit bugs or attack targets. The main purpose of DDoS is to prevent users from accessing the website. Taking advantage of this feature, some hackers conducted DDoS to hire money. " I was hired to break a Vietnamese website for $ 2,000, if I didn't DDoS, someone else would take it. Furthermore, I also wanted to try the security level and break into a huge database. "said a foreign hacker.

Vietnamese hackers are spreading their ear to a group of DDoS professionals who hire money with customers who are business, security . Tan Quang, a hacker in Ho Chi Minh City, said: " Quite a lot of handlers hire 'black society' on the network to eliminate competitors, back and forth DDoS attacks, both of them ultimately lost and did not solve the problem. The network security became worse and the information technology industry and the right-back hacker. feel insecure ".

The information technology community has witnessed the scale of DDoS attacks that even hackers are afraid of the power of "borrowing this wind." Because normal network users cannot distinguish the banner on the website that has been installed DDoS attack code, or when they go to a website to listen to music, clicking on a song is at the same time done two programs, in There is a command to attack another site.

Face to face with DDoS is none other than security experts and research teams. For them, this is an action that demonstrates a weak knowledge and deserves to be despised. Therefore, Mr. Dieu said that not many people in foreign countries officially announce the sovereignty of some form of DDoS, except for research and remedial purposes. "In many countries, DDoS attacks are also very diverse in order to test, pressure or prove point of view . However, it appears and terminates quite briefly," said the veteran hacker.

DDoS - double-edged sword

Because of these unanticipated harms, the need to learn about DDoS and the number of people coming to security layers is increasing. Mr. Vo Do Thang, Head of Project and Training Department of Network Management Training Center Athena (Ho Chi Minh City), said: " Teaching security is a quite sensitive issue in the current situation. To protect To protect their systems, students must be equipped with knowledge of attack mechanisms and solutions to support ".

Learning information technology in general or security in particular cannot be based on theory, but on the system. With DDoS, too, the entire attack process is performed by lecturers right on the intranet. " We provide DDoS tools for students that are aimed only at learning purposes and always guide students on the right path, becoming security experts. The first lesson we teach is always moral. "Mr. Thang added. " But in reality, the center cannot control and is responsible if students apply the knowledge they have learned to destroy ."

The phenomenon of DDoS websites in Vietnam is developing very strongly, almost like a movement. Most are due to students using DDoS attack tools (script kiddies). To reach out to the attackers (DDoSer) of this type, a hacker explains: " Create a real nick, find a DDoS code and test a few websites, then there will be many people contacting you. To know who is the denial of service attacker, you must first be DDoSer ".

The amount of DDoSer in Vietnam is increasing, but this does not mean that most hackers agree with it. Tan Quang, confided: " It is really a disaster and people who know, have a job and are conscious will not harm websites or show power in this way. Do not attack for purposes. Please say no to DDoS . ".

Representing a group of hackers who have just announced the "cool" DDoS confession: " We found ourselves wrong when we published DDoS x-flash. DDoS tool which caused the attacker himself to suffer from the cost. Network bandwidth of personal computers to launch, not to mention the possibility of DDoS attacks again Fixing past mistakes, we will stop publishing attack tools and disable what spread earlier because they have some easily recognizable and preventive traits ".

DDoS restrictions must have technical and legal coordination

According to security expert Hoang Ngoc Dieu, to minimize the damage, webmasters can use some soft firewalls such as HCe'firewall or other firewall scripts, and check the website every day and log the script without giving up. for the attacker. On the other hand, ISPs also need to be responsible for monitoring the amount of zombies (computers that have been controlled) that are being used to attack, informing users about the situation inadvertently abetting and filtering DDoS-originating websites. . In addition, the Law on High-Tech Crime is also a solution to the psychology of DDoS attackers.

Mr. Dieu added: " The authorities must also pay due attention to issues affecting e-commerce, because they directly affect the national economy. Current laws need to be promptly revised and strictly handle destructive actions on the inter-network environment ".

" To search for culprits, it is necessary to have high coordination and determination of businesses, ISPs, information technology experts and Laws for Internet crimes ", said Nguyen Anh Hao, a lecturer specializing in security. by Network Administrator Training Center Athena, commented. " If the law strictly regulates penalties and strictly punishes cybercrime, there will be a limited restraint of DDoSer and a good deterrent to those who are for money, being considered The trigger for this kind of nefarious profit online ".

" Although some members are passionate about computing and want to prove they have taken wrong actions, not all hackers are bad people or vandals, " said a hacker. " Before accusing DDoS, e-commerce businesses need to rethink their capabilities, material and technical level. Because security techniques are weak, even if they are not DDoS or hacked, they cannot survive. ".

Mr. Hoang Ngoc Dieu affirmed: " The fact that the technical staff entrusted to suppliers of software, hardware, routers, and firewalls is a negative attitude towards DDoS threat and will not lead to positive results. ".

Van Hong - Nguyen Hang