Web Attacks Expand in Iran’s Cyber Battle

Wired.com

* By Noah Shachtman Email Author
* June 16, 2009 |

More and more of Iran’s pro-government websites are under assault, as opposition forces launch web attacks on the Tehran regime’s online propaganda arms.

What started out as an attempt to overload a small set of official sites has now expanded, network security consultant Dancho Danchev notes. News outlets like Raja News are being attacked, too. The semi-official Fars News site is currently unavailable.

“We turned our collective power and outrage into a serious weapon that we could use at our will, without ever having to feel the consequences. We practiced distributed, citizen-based warfare,” writes Matthew Burton, a former U.S. intelligence analyst who joined in the online assaults, thanks to a “push-button tool that would, upon your click, immediately start bombarding 10 Web sites with requests.”
~more~


Meanwhile, San Francisco technologist Austin Heap has put together a set of instructions on how to set up “proxies” — intermediary internet protocol (IP) address — that allow activists to get through the government firewall. And the Networked Culture blog has assembled for pro-democracy sympathizers a “cyberwar guide for beginners.” Stop publicizing these proxies over Twitter, the site recommends. Instead, send direct messages to “@stopAhmadi or @iran09 and they will distributed them discretely to bloggers in Iran.” Other advice:

• Keep you bull$hit filter up! Security forces are now setting up twitter accounts to spread disinformation by posing as Iranian protesters. Please don’t retweet impetuosly, try to confirm information with reliable sources before retweeting. The legitimate sources are not hard to find and follow.
• Help cover the bloggers: change your twitter settings so that your location is TEHRAN and your time zone is GMT +3.30. Security forces are hunting for bloggers using location and timezone searches. If we all become ‘Iranians’ it becomes much harder to find them.
• Don’t blow their cover! If you discover a genuine source, please don’t publicise their name or location on a website. These bloggers are in REAL danger. Spread the word discretely through your own networks but don’t signpost them to the security forces. People are dying there, for real, please keep that in mind.
• Denial of Service attacks. If you don’t know what you are doing, stay out of this game. Only target those sites the legitimate Iranian bloggers are designating. Be aware that these attacks can have detrimental effects to the network the protesters are relying on. Keep monitoring their traffic to note when you should turn the taps on or off.