Comment on Trump social media site brought down by Iran hackers
theherk@lemmy.world 1 day ago
Disabling network security and edge devices to change the properties of ingress can absolutely be a component of an attack plan.
Just like overwhelming a postal sorting center could prevent a parcel containing updated documentation from reaching the receiver needing that information.
Kazumara@discuss.tchncs.de 22 hours ago
I haven’t heard of a firewall failing open when overwhelmed yet. Usually quite the opposite, a flood disables access to more than just the targeted device, when the state table overflows.
But maybe there is a different mechanism I’m not aware of. How would the DDoS change the properties of ingress?
theherk@lemmy.world 21 hours ago
By denying access to resources in a primary region, one might force traffic to an alternate infrastructure with a different configuration. Or maybe by overwhelming hosts that distribute BGP configurations. By denying access to resources, sometimes you can be routed to resources with different security postures or different monitoring and alerting, thus not raising alarms. But these are just contrived examples.
Compromising devices is a wide field with many different tools and ideas, some of which are a bit off the wall and nearly all unexpected, necessarily.
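
The failover scenario discussed above suggests a defensive check: confirm that the alternate region is at least as strict as the primary before traffic is ever forced onto it. The sketch below is an added example, not part of the thread; the control names, strictness rules and sample configurations are all constructed assumptions.

```python
# Constructed sample configs; the control keys and values are hypothetical.
PRIMARY = {
    "waf_mode": "block",
    "rate_limit_rps": 200,
    "log_shipping": True,
    "alert_targets": {"soc-pager", "siem"},
}
FAILOVER = {
    "waf_mode": "detect",
    "rate_limit_rps": 1000,
    "log_shipping": True,
    "alert_targets": {"siem"},
}

# Ordering of WAF modes from weakest to strictest (assumed naming).
WAF_LEVELS = {"off": 0, "detect": 1, "block": 2}

# Each rule returns True when the failover value is at least as strict
# as the primary value for that control.
RULES = {
    "waf_mode": lambda p, f: WAF_LEVELS.get(f, -1) >= WAF_LEVELS.get(p, -1),
    "rate_limit_rps": lambda p, f: f <= p,   # lower limit is stricter
    "log_shipping": lambda p, f: f or not p,  # must be on if primary has it on
    "alert_targets": lambda p, f: p <= f,     # failover must alert every primary target
}

def posture_gaps(primary, failover):
    """Return (control, primary_value, failover_value) tuples, sorted by
    control name, for every control that is weaker or absent on failover."""
    gaps = []
    for control, at_least_as_strict in RULES.items():
        if control not in primary:
            continue  # nothing to compare against
        p = primary[control]
        f = failover.get(control)
        if f is None or not at_least_as_strict(p, f):
            gaps.append((control, p, f))
    return sorted(gaps, key=lambda g: g[0])

if __name__ == "__main__":
    for control, p, f in posture_gaps(PRIMARY, FAILOVER):
        print(f"{control}: primary={p!r} failover={f!r}")
```
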