The Nizkor Project: Remembering the Holocaust (Shoah)

Shofar FTP Archive File: people/z/zundel.ernst/syn-flood-info


From: gandhi@bc.sympatico.ca (Rajiv K. Gandhi)
Newsgroups: alt.revisionism,alt.fan.ernst-zundel
Subject: Re: 970304: More yet on Nizkor's 'mission'
Followup-To: alt.usenet.kooks
Date: Tue, 04 Mar 1997 23:28:30 -0700
Organization: Celyddon Forest
Lines: 147
Message-ID: 
References: 
NNTP-Posting-Host: vcta01m03-178.bctel.ca
X-Newsreader: MT-NewsWatcher 2.3d2

In article ,  Ingrid Rimland lies
thusly:

[snip]

>Here is a telling follow-up on electronic terrorism involving none other
>than Nizkor.  Be sure to read it carefully - and act on it if you are so
>inclined.

Libel, and a thinly veiled threat. Actionable stuff if ever I saw it.

>You will remember the massive e-mail attack aimed at our California-based
>server, Web Communications, in mid-December.  For 40 hours straight, an
>automatic mailer fired three words - "Denial of Service" - at the rate of
>200 e-mail messages per second at Webcom - an attack which amounted to a
>staggering 28.8 million letters.

As usual, Ingrid has twisted the facts. 

According to Webcom's downtime log, found at
, Webcom suffered three
seperate SYN Flood attacks (aka denial of service) - 7/12/96, 12:30am-7:30
am, a second one from 12:30 pm to 2:30 pm, and a third one which began
14/12/96 at 12:30 a.m., and ended 15/12/96 at 3:00 pm. This third attack
was the longest, lasting 38.5 hours. 

A denial of service attack does not, as Ingrid suggests, involve sending
e-mail with the words "denial of service" in them, nor does it actually
involve a mailbomb. According to CERT, a denial of service attach involves
sending requests from a client to a server (in this case the server being
Webcom) to establish a TCP connection (any TCP connection.) 

CERT describes a SYN Flood this way (see
) :

     The client system begins by sending a SYN message to the server. The
     server then acknowledges the SYN message by sending SYN-ACK message to
     the client. The client then finishes establishing the connection by
     responding with an ACK message. The connection between the client and
     the server is then open, and the service-specific data can be exchanged
     between the client and the server....

     The potential for abuse arises at the point where the server system has
     sent an acknowledgment (SYN-ACK) back to client but has not yet received
     the ACK message. This is what we mean by half-open connection. The
     server has built in its system memory a data structure describing all
     pending connections. This data structure is of finite size, and it can be
     made to overflow by intentionally creating too many partially-open
     connections.

     Creating half-open connections is easily accomplished with IP
     spoofing. The attacking system sends SYN messages to the victim server
     system; these appear to be legitimate but in fact reference a client
     system that is unable to respond to the SYN-ACK messages. This means that
     the final ACK message will never be sent to the victim server system.

     The half-open connections data structure on the victim server system
     will eventually fill; then the system will be unable to accept any new
     incoming connections until the table is emptied out. Normally there is a
     timeout associated with a pending connection, so the half-open
     connections will eventually expire and the victim server system will
     recover. However, the attacking system can simply continue sending
     IP-spoofed packets requesting new connections faster than the victim
     system can expire the pending connections.

Further, it should be noted that the SYN Flood was not aimed at the lying
nazi-boy Zundel. The attack was aimed at Webcom, which coincidentally
serves the website where lying nazi-boy Zundel chooses to peddle his
fradulent and anti-semetic beliefs and merchandise. Webcom also is ISP to
thousands of other people, and houses approximately 3136 websites, of
which the zundelsite is but one. Ingrid would like you to believe that the
attack was directed at the lying nazi-boy Zundel. However, there is no
evidence whatsoever to support such an inference.

In any event, the attack on Webcom seems to have originated from Malaspina
College - a small eduational institute located in Nanaimo, although this
was via a hacked Linux Box according to Malaspina Computer Services. Refer
to both 

 and



for further information.

[snip]

>This was the second time that Webcom has been so attacked. The first
>attack came out of Germany via Deutsche Telekom a year ago in response to
>an announced and then hotly denied "debate" with the notorious Holocaust
>Promotion website, Nizkor - a website opposing Revisionist websites on
>grounds that Nizkor's function is to serve the memory of those who died in
>the "Holocaust" whom we are wantonly defaming.

That's funny. Webcom's downtime log, active since September 5, 1995, shows
no record of any type of denial of service attack, other than those which
occurred in December of 1996, or any external event preventing Webcom's
operation.

[At this point Ingrid points out that Nizkor is able to issue charitable
tax receipts, via charitable foundations in Canada and the US. This is
neither news, nor relevant to anything. If you disagree, please read her
original post, or visit Nizkor, where such details have been available for
some time. She also whines about the fact that Nizkor gets publicity and
that Mr. McVay was awarded the OBC. Again, ardly relevant; if you think
so, please read her original post.]

[snip]

>What seems to have been overlooked until now is the incriminating fact that
>the allegedly oh so noble folks at Nizkor, who like to seize the moral high
>ground in every argument, store detailed information and instructions on
>how to engage in electronic computer terrorism on their websites.   This is
>tantamount to displaying bomb making instructions on militia sites, which
>Nizkor's friends routinely rail about.

[More irrelevant and delusional ranting deleted.]

>I will now share the information since obtained with the RCMP as well, as
>well as with my readership.  The information is as follows:
>
>At  http://search.nizkor.org/ftp.cgi?miscellany/up-yours-faq, there are
>explicit instructions on how to mail bomb an opponent.  Below, I quote some
>excerpts from a program called "Up Yours".

Hmm.... excerpts yes, although you failed to include the disclaimer
attached by Mr. McCarthy, who had provided a very explicit explanation of
why the material was there in the first place, as well as a lucid and well
documented response to this libel.

[snip - excerpt deleted. Please refer to
]

[snip - Ingrid's libellious accusation against Nizkor deleted.]

>I want to say in closing that the president of Webcom, Chris Schefler, who
>is Jewish, has behaved towards us in an absolutely impeccable professional
>manner.  

What bloody difference does it make if the president of Webcom is Jewish ?
Oh wait, you're trying to show the world that you're not an anti-semite.

[snip - more Ingrid ranting deleted.]

-------------------
Peace will not come out of a clash of arms but out of justice lived and done by unarmed nations in the face of odds. (Gandhiji)


Home ·  Site Map ·  What's New? ·  Search Nizkor

© The Nizkor Project, 1991-2012

This site is intended for educational purposes to teach about the Holocaust and to combat hatred. Any statements or excerpts found on this site are for educational purposes only.

As part of these educational purposes, Nizkor may include on this website materials, such as excerpts from the writings of racists and antisemites. Far from approving these writings, Nizkor condemns them and provides them so that its readers can learn the nature and extent of hate and antisemitic discourse. Nizkor urges the readers of these pages to condemn racist and hate speech in all of its forms and manifestations.