undefined | Better HN

0 pointsdasyatidprime5y ago0 comments

As far as auto-learning to counter such things, https://linuxsecurity.com/features/features/introducing-crow... did show up recently: an attempt at a crowd-data-enhanced next-gen-fail2ban-alike. (Not an endorsement, never tried it.)

I don't think it uses any of the techniques currently considered central to machine learning, but if it works well / catches on to start with then it could be a good place to see how useful those would be.

0 comments

blibble5y ago

I don't see how that project helps solve the underlying problem: denial of service

if the idea kicks off, instead of spamming packets directly at their targets: kiddies will switch to feeding cloud-fail2ban with their target's IP addresses

and there will be paid services to do this for you

same effect

stcredzero5y ago

if the idea kicks off, instead of spamming packets directly at their targets: kiddies will switch to feeding cloud-fail2ban with their target's IP addresses

As far back as the 2000's, kids knew to keep their IP addresses secret. There are plenty of real-time game server architectures where no game client knows the IP address of another game client. This might not be feasible for very fast paced FPS games, for example, but that's only one particular use case.

I suspect we could significantly raise the bar to DDOS something like 80% of all websites/apps/servers -- at least to the level where random kids or even random middle class adults would think about it because they had a bad day.

j / k navigate · click thread line to collapse