|
North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: A modest proposal
Allan Chong put this into my mailbox:
>
> > This discussion of securing dialup servers is pointless. I guarantee
> > you that the 2000 packet/second SYN attacks we've been seeing are
> > coming from a compromised host on a high speed connection and not from
> > someone's 28.8k dialup connection. The hackers just take over a
> > machine, use it to launch their attacks, and disappear into the jungle
> > if we manage to find the particular machine they're using tonight.
> >
>
> Yes, I realize no one is launching directly from dialup, but often,
> the user is someone originally dialed up and telneted to some box
> (or through multiple boxes).
I'd just like to offer some perspective here. The majority of these types
are complete idiots - and this is speaking from experience. For some reason
or other a lot of these get their start on IRC, and then go from there, and
I get to see them in the 'formative stages', as it were.
I haven't used any myself, but apparently there are several software
packages out there with a pretty graphical front end, complete with
Hollywood-style "Click to destroy machine" buttons and menus.
I have indeed seen that the majority of these types believe that it's
perfectly possible to ping -f or nuke/SYNflood/whatever a machine from a
14.4k or 28.8k dialup. Granted it may not be as bad as the Panix case, but
it's still an incredible nuisance.
What I'm trying to say is don't dismiss this as not possible. With the
current level of public education about the Internet - "How do I get to that
superhighway information thing? I'm interested in Route 25.." - it can and
is very possible that people will do things like this from a 28.8k. I've seen
it happen.
(I'm not trying to say there isn't a range, though - I've gotten several
"I'll destroy your machine with my tee3 account!" threats as well.)
-dalvenjah
Dalvenjah FoxFire, the Teddy Dragon (also known as Sven Nielsen to some :)
[email protected] --- dalvenjah on IRC
Remember: if you're not on DALnet, you're on the wrong IRC server!!
(/serv irc.dal.net 7000 or telnet telnet.dal.net to try it out)
--
____ _ _ _ "I had the dagger in my hand, and he has
| _ \ __ _| |_ _____ _ _ (_)__ _| |_the indecency to start dying on his own!"
| |_) / _` | \ V / -_) ' \ | / _` | ' \ --Ambassador G'kar, Babylon 5
|____/\__,_|_|\_/\___|_||_|/ \__,_|_||_| FoxFire -- [email protected] -- (SN90)
|__/
- - - - - - - - - - - - - - - - -
|