A rogue's gallery of DoS attacks

If you think it's bad now...

DDoS attacks are only going to increase. As the Internet expands, more people are getting broadband access, giving crackers more unprotected systems to exploit.

Adding fuel to the fire, Windows XP, which Microsoft is positioning as the next mass consumer operating system, will use "raw" TCP/IP sockets. Normally, programmers write applications to use a specific socket--a software object that connects applications to TCP/IP--associated with that function.

TCP/IP also defines a SOCK_RAW socket type, or a raw socket. Not all operating systems support these, but Unix and Windows XP do. By using raw sockets, a programmer can write code that can call on any TCP/IP socket. While handy for programming beyond the normal TCP/IP standards, raw sockets lend themselves to spoofing and to building rogue applications like DDoS zombies, because they allow developers to use commonly used sockets in unexpected ways. For example, with raw sockets you can build a DDoS attacker that gets its instructions using socket 80--the Web's Hypertext Transfer Protocol (HTTP) socket of choice.

While Windows 2000, Unix, and its descendants, Linux and the BSD operating systems, also have raw sockets, these operating systems tend to be in technically adept hands. These users, while they may not always police their own systems the way they should, often know how to lock their systems down. XP, however, which will be in the hands of anyone buying a new system from Circuit City, is far less likely to have expert administrators looking out for new DDoS agents.
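For administrators who do look out for such agents on Linux, one check is to list which accounts hold raw sockets. The sketch below is an added example, not part of the original article: it parses text in the layout of Linux's /proc/net/raw, where the "port" field carries the IP protocol number, and flags any raw socket not on an allowlist. The sample table, the allowlist and the function names are constructed for illustration, and a little-endian host is assumed.

```python
import socket
import struct

# Constructed sample in the layout of Linux /proc/net/raw (not from a real host).
SAMPLE = """\
  sl  local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode ref pointer drops
   1: 00000000:0001 00000000:0000 07 00000000:00000000 00:00000000 00000000     0        0 21001 2 0000000000000000 0
 255: 0100007F:00FF 00000000:0000 07 00000000:00000000 00:00000000 00000000  1000        0 21002 2 0000000000000000 0
   6: 00000000:0006 00000000:0000 07 00000000:00000000 00:00000000 00000000  1000        0 21003 2 0000000000000000 0
"""

PROTO_NAMES = {1: "ICMP", 6: "TCP", 17: "UDP", 255: "RAW"}


def _ip(hexaddr):
    # The kernel prints the 32-bit address in host byte order (little-endian assumed).
    return socket.inet_ntoa(struct.pack("<I", int(hexaddr, 16)))


def parse_raw_table(text):
    """Return one dict per raw socket listed in /proc/net/raw-style text."""
    entries = []
    for line in text.splitlines()[1:]:  # skip the header row
        fields = line.split()
        if len(fields) < 10:
            continue  # ignore blank or truncated rows
        addr, proto = fields[1].split(":")
        number = int(proto, 16)  # for raw sockets this is the IP protocol number
        entries.append({
            "local": _ip(addr),
            "proto": number,
            "proto_name": PROTO_NAMES.get(number, str(number)),
            "uid": int(fields[7]),
            "inode": int(fields[9]),
        })
    return entries


def unexpected(entries, allowed=frozenset({(0, 1)})):
    """Flag raw sockets whose (uid, protocol) pair is not allowlisted.

    The default allowlist (root holding an ICMP socket) is an assumption;
    a real baseline comes from the host's known monitoring tools.
    """
    return [e for e in entries if (e["uid"], e["proto"]) not in allowed]


if __name__ == "__main__":
    for e in unexpected(parse_raw_table(SAMPLE)):
        print(f"uid={e['uid']} proto={e['proto_name']} local={e['local']} inode={e['inode']}")
```

On a live host the same functions can be fed the contents of /proc/net/raw, and each flagged inode can be matched against the socket links under /proc/<pid>/fd to find the owning process.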

Because of this, experts like Steve Gibson of Gibson Research Group predict that the current explosion of DDoS attacks (4,000 a week by Gibson's estimate) will vastly increase. Theoretically, hundreds of thousands of DDoS attacks could slow the Internet itself.
