In February 2000, David Dittrich, the 39-year-old security administrator for the University of Washington, and "Mixter," a 22-year-old creator of tools for launching attacks against Web sites, faced off virtually when Mixter's program--the Tribe Flood Network--was used to inundate Yahoo, CNN and six other major Internet sites with data.
The denial-of-service attacks slowed access to the sites--and in some cases made the sites unreachable--for hours at a time.
Dittrich, who had analysed TFN and other denial-of-service tools, became the expert of the hour, while Mixter--because the culprit who used his tools hadn't been found--became its villain.
In a recent interview at the CanSecWest conference in Vancouver, British Columbia, the two revealed that though they use their skills differently, Dittrich knows a lot about hacking and Mixter is well-informed about security.
When did you start doing security?
Dittrich: I actually sort of grew into it as a by-product of doing support. I taught myself, then started with the University of Washington doing support for the Unix workstations, and there were so many Unix compromises that I had to end up helping people figure out what happened and how to secure their systems. And it was such fascinating stuff.
When did you first start seeing the denial-of-service attacks? Your systems were being used to launch the attacks against the University of Minnesota, right?
Dittrich: Yeah, actually a little bit before that. We had DOS attacks going against our systems for years... It wasn't until May or June 1999 that we started seeing Trinoo (an early distributed denial-of-service tool) on a bunch of systems.
And then you saw the distributed denial-of-service (DDoS) attacks in February of 2000?
Dittrich: Yeah, against Yahoo. And that's the thing--everybody says DDoS, Feb. 8, that's when it happened. But no, it had been going on long before that.











