Feeds

BOFH: In distributed denial

That's not where you're supposed to spread the peanut butter

  • alert
  • submit to reddit

SANS - Survey on application security programs

It's working fine for me

Yes, yes, childish fun – but if you’re wanting to troll through the Boss’ private documents without suspicion then “Transient HID instability” is almost certain to get him to deliver it to you in no time – no questions asked.

"The network's working fine for me," I say "Look, eBay comes up no probs."

"I'm not the only one having problems!"

"Maybe it’s a distributed distributed denial of service attack from the inside?" I gasp.

"What do you mean?" the Boss asks in hushed tones. "That someone here's trying to upset our network access?"

"It's not unheard of.”

"You really think it’s internal?"

"It only appears to be affecting our department," I lie, "so it's probably someone on the same distribution switch as us. In the IT department."

"How would we know who?" the Boss asks.

"You mean personally or technically?"

"I... Personally?"

"Your average internal denial of service attacker is a disenfranchised member of a workplace community" the PFY monotones. "Easily led, they often believe their activity is justified because of an unaddressed workplace issue which has left them feeling underappreciated or unrespected – you know, like the blocking of the Ukrainian Peanut Butter Girls website."

“IT WAS THE BLOODY MACHINE!” the Boss says.

"Perhaps we should narrow it down from the entire IT department" I suggest.

"Yeah. It'll be the one who stays at his desk at lunchtime when everyone else leaves," the PFY predicts.

. . . That lunchtime after the PFY's given thebox.bz another good bashing . . .

"So it's that new bloke on the helpdesk!" the Boss snaps decisively.

"No!" the PFY says, in a tone of disbelief so real you’d almost think that the PFY had forgotten that the aforementioned geek had taken double helpings of onion bhajis in the cafeteria yesterday, leaving the PFY with none.

"Then who is it?" the Boss asks.

"No, I didn't mean it wasn't the bloke on the helpdesk," the PFY says, in tones so reasonable it would be hard to believe that he’d rung that call in about the problem that happens at exactly 12:34 every day – and could the helpdesk guy wait for him to call back...

"So it IS him?"

"Bound to be"

"Can't you just check the network switch to see...”

“No need,” the PFY says as I step behind one of the desks in Mission Control. “We’ve put a wireless camera in the pot plant in the helpdesk room…”

Moments later, in a million-to-one chance we catch the “hacker” choosing that moment to browse to a blackhat website and investigate DDoS software.

And the rest is history - the arrival of Security, the pathetic excuses, the tears, the recrimination, the Boss emailing the news of the dismissal to us all under the subject “I’ve got a tiny wiener”…

It’s all good fun.

3 Big data security analytics techniques

More from The Register

next story
This time it's 'Personal': new Office 365 sub covers just two devices
Redmond also brings Office into Google's back yard
Kingston DataTraveler MicroDuo: Turn your phone into a 72GB beast
USB-usiness in the front, micro-USB party in the back
IBM rides nightmarish hardware landscape on OpenPOWER Consortium raft
Google mulls 'third-generation of warehouse-scale computing' on Big Blue's open chips
It's GOOD to get RAIN on your upgrade parade: Crucial M550 1TB SSD
Performance tweaks and power savings – what's not to like?
AMD's 'Seattle' 64-bit ARM server chips now sampling, set to launch in late 2014
But they won't appear in SeaMicro Fabric Compute Systems anytime soon
prev story

Whitepapers

Securing web applications made simple and scalable
In this whitepaper learn how automated security testing can provide a simple and scalable way to protect your web applications.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Mainstay ROI - Does application security pay?
In this whitepaper learn how you and your enterprise might benefit from better software security.
Combat fraud and increase customer satisfaction
Based on their experience using HP ArcSight Enterprise Security Manager for IT security operations, Finansbank moved to HP ArcSight ESM for fraud management.