Original URL: http://www.theregister.co.uk/2011/03/18/bofh_2011_episode_3/

BOFH: In distributed denial

That's not where you're supposed to spread the peanut butter

By Simon Travaglia

Posted in BOFH, 18th March 2011 12:00 GMT

Episode 3

"Is there... something wrong with the internet?" our user asks quietly.

"No, no, pretty sure it's working fine," I say, looking over to the PFY's Bittorrent machine which is sucking up so much bandwidth it’s in danger of affecting the QoS of the phone system...

"It's just that I can't seem to connect to my home email," the user explains.

"Really? Well all I can say is that we're seeing some fairly blistering speeds at our end so perhaps the problem is localised at your end?"

"At Yahoo?" our user says doubtfully.

"Could be - they have their slow times too."

"Perhaps it's a denial of service attack?" the PFY says “You should ring them!!"

"Do you think so?"

"Absolutely" I add. "They might not even be aware someone's launching an attack at them...”

. . Five minutes later. . .

"Why's the network going so slow?" the Boss asks, rolling into Mission Control with a troubled expression.

"What do you mean slow?" I ask, stalling for time while the PFY shapes his Bittorrent traffic down to something that'll give the firewall CPU a chance to cool down to red hot.

"The internet, I keep getting errors about things being unreachable."

"Oh that'll be the denial of service at Yahoo >clickety<" the PFY says, going for a replay.

"No, I'm trying to get to eBay."

"Really - the attack must have moved!"

“A distributed distributed denial of services attack!” I gasp.

"You should let eBay know..." the PFY says

. . .Five minutes later . . .

"It's slow again" the Boss pronounces, back once more.

"What's slow again >clickety<?" the PFY asks.

"The internet, it's atrocious - and I've tried lots of sites."

"Not the Leather Nun porn sites again I hope" I blurt.

"THAT WASN'T ME, I KEEP TELLING YOU! SOMEONE MUST HAVE BEEN USING MY MACHINE!"

"Your honour" the PFY adds.

I cannot BEGIN to outline the HOURS of enjoyment you can have with a simple wireless keyboard and mouse and a dongle plugged into the back of the Boss’ desktop. I heartily recommend it.

At first it was just moving the mouse around and activating background windows when the Boss was typing but after a while that got a bit tame – till the PFY slapped a surreptitious webcam in the Boss’ office and cranked up the keyboard.

After that the Boss was scared to turn away from his monitor for fear of turning back to find some weird and gritty eastern European porn site up on the display – seconds before the PFY or I would stroll in with some work-related question.

Then there were the several email memos to the department with the last minute subject line changed to “I’m a horsefucker”.

It's working fine for me

Yes, yes, childish fun – but if you’re wanting to troll through the Boss’ private documents without suspicion then “Transient HID instability” is almost certain to get him to deliver it to you in no time – no questions asked.

"The network's working fine for me," I say "Look, eBay comes up no probs."

"I'm not the only one having problems!"

"Maybe it’s a distributed distributed denial of service attack from the inside?" I gasp.

"What do you mean?" the Boss asks in hushed tones. "That someone here's trying to upset our network access?"

"It's not unheard of.”

"You really think it’s internal?"

"It only appears to be affecting our department," I lie, "so it's probably someone on the same distribution switch as us. In the IT department."

"How would we know who?" the Boss asks.

"You mean personally or technically?"

"I... Personally?"

"Your average internal denial of service attacker is a disenfranchised member of a workplace community" the PFY monotones. "Easily led, they often believe their activity is justified because of an unaddressed workplace issue which has left them feeling underappreciated or unrespected – you know, like the blocking of the Ukrainian Peanut Butter Girls website."

“IT WAS THE BLOODY MACHINE!” the Boss says.

"Perhaps we should narrow it down from the entire IT department" I suggest.

"Yeah. It'll be the one who stays at his desk at lunchtime when everyone else leaves," the PFY predicts.

. . . That lunchtime after the PFY's given thebox.bz another good bashing . . .

"So it's that new bloke on the helpdesk!" the Boss snaps decisively.

"No!" the PFY says, in a tone of disbelief so real you’d almost think that the PFY had forgotten that the aforementioned geek had taken double helpings of onion bhajis in the cafeteria yesterday, leaving the PFY with none.

"Then who is it?" the Boss asks.

"No, I didn't mean it wasn't the bloke on the helpdesk," the PFY says, in tones so reasonable it would be hard to believe that he’d rung that call in about the problem that happens at exactly 12:34 every day – and could the helpdesk guy wait for him to call back...

"So it IS him?"

"Bound to be"

"Can't you just check the network switch to see...”

“No need,” the PFY says as I step behind one of the desks in Mission Control. “We’ve put a wireless camera in the pot plant in the helpdesk room…”

Moments later, in a million-to-one chance we catch the “hacker” choosing that moment to browse to a blackhat website and investigate DDoS software.

And the rest is history - the arrival of Security, the pathetic excuses, the tears, the recrimination, the Boss emailing the news of the dismissal to us all under the subject “I’ve got a tiny wiener”…

It’s all good fun.