1. vDOS
The veil stripped away?
It is not clear to me how much vDOS was actually used for DDoS attacks.
http://krebsonsecurity.com/2016/09/israeli-online-attack-service-vdos-earned-600000-in-two-years/
It says: "To say that vDOS has been responsible for a majority of the DDoS attacks clogging up the Internet over the past few years would be an understatement."
A majority is the greater part, or more than half, of the total. It is a subset of a set consisting of more than half of the set's elements.
https://www.exploit-db.com/docs/40331.pdf (Is there no Arabic translation?)
The Art of Port Scanning: "This paper details many of the techniques used to determine what ports (or similar protocol abstraction) of a host are listening for connections. These ports represent potential communication channels. Mapping their existence facilitates the exchange of information with the host, and thus it is quite useful for anyone wishing to explore their networked environment, including hackers. Despite what you have heard from the media, the Internet is NOT all about TCP port 80. Anyone who relies exclusively on the WWW for information gathering is likely to gain the same level of proficiency as your average AOLer, who does the same."
http://www.digitaltrends.com/computing/vdos-ddos-brian-krebs/
Brian Krebs exposes inner workings of DDoS-for-hire service vDOS
- They reportedly succeeded in extracting logs from the vDOS site, but from that alone it is not clear what kind of attacks were being carried out.
-- ToshinoriMaeno 2016-09-10 17:52:33
Israeli Online Attack Service ‘vDOS’ Earned $600,000 in Two Years (detailed) http://krebsonsecurity.com/2016/09/israeli-online-attack-service-vdos-earned-600000-in-two-years/
https://twitter.com/briankrebs/status/774460806020956160
Cloudflare has graciously arranged to host the vDOS attack log, which is pretty large as text files go https://www.cloudflare.com/media/krebs/attacks.txt.zip
It is 3 MB, and about 30 MB when unpacked.
"vDos website down after BGP hijacking" The vDos website is down since Friday. According to Krebs, this happened because a company named BackConnect Security had performed a BGP hijack. A BGP hijack is a technique used to tell other routers on the Internet that an IP can be found on your network, when it's not. BackConnect Security told Krebs they were under a massive 200 Gbps DDoS attack and that they received an email from vDos claiming responsibility for the incident. As such, the company performed a BGP hijack for the IPs Krebs published in his original report, hijacking the vDos servers from under the attackers' feet.
https://twitter.com/briankrebs/status/774390747453878272 word from three sources now that vDOS proprietor AppleJ4ck just got raided in Israel. guess that explains a lot.
Apparently PoodleStresser (dependent on vDoS?) was compromised first and used as a lead for compromising vDoS.
vDOS had operated undetected for years, but security researcher Brian Krebs, working with an unnamed source, managed to find an exploit in the service that allowed access to its database of information.
The site was breached after another DDoS-for-hire service, called PoodleStresser, was itself hacked.
"The vulnerability allowed my source to download the configuration data for PoodleStresser’s attack servers, which pointed back to api.vdos-s[dot]com," reported Krebs. "PoodleStresser, as well as a large number of other booter services, appears to rely exclusively on firepower generated by vDOS. From there, the source was able to exploit a more serious security hole in vDOS that allowed him to dump all of the service’s databases and configuration files."