North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: Denial of service attacks apparently from UUNET Netblocks
> I would not be surprised if the caller's phone number were logged, most > modern modem banks talk ANIS and DNIS, which if I'm remembering correctly > is basically caller ID. I'm thinking of putting this on our POP, as there > doesn't seem to be an extra charge to get the data from the telco. I would have to disagree, in Canada anyway, the telco charges extra for these features, andand while the modemracks will support it few if any ISP are gonna spend the $$$ for it. Until of course they are attacked and loose business and then the VP's the cost of NOT having it. -Jim > > Charles > > ~~~~~~~~~ ~~~~~~~~~~~ > Charles Sprickman Internet Channel > INCH System Administration Team (212)243-5200 > [email protected] [email protected] > > On Mon, 6 Oct 1997, Phil Howard wrote: > > > Date: Mon, 6 Oct 1997 21:30:11 -0500 (CDT) > > From: Phil Howard <[email protected]> > > To: [email protected] > > Cc: [email protected] > > Subject: Re: Denial of service attacks apparently from UUNET Netblocks > > > > Steve Mansfield writes... > > > > [snip snip snip] > > > > > S'okay. Have the feds subpoena UUNET for the connect logs for these > > > max'es. UUNET keeps the logs and is capable, given the exact time of the > > > attack(s), of going through the logs, identifying exactly who it was, and > > > if it's one of their customers, giving the personal info to the feds. > > > If it's a reseller's customer, they can get the user info and forward it to > > > the reseller and inform the feds who they need to talk to for the personal > > > info. Whoever it was is as good as nailed. > > > > Unless it was a stolen account. With more and more "naive" users coming > > online, the chance of this kind of thing happening is greater and greater. > > You can shut off the account. Feds can visit the home of whoever owns the > > account. They can even be blocked from ever getting any account at any > > ISP for life. But if this possibility is fact, you won't have the perp > > and they can attack again. > > > > Now if the telco has records of all the phone calls you can find out where > > the calls actually came from. Maybe that's the perp. Maybe not. > > > > What is ultimately needed is some better real time detection of this kind > > of thing sufficiently deployed so that it is present on all routers where > > the exposure exists. You may not catch the perp, but you might reduce the > > damage it causes. > > > > How to encourage this to be done is left as an exercise for the reader. > > > > -- > > Phil Howard +-------------------------------------------------------------+ > > KA9WGN | House committee changes freedom bill to privacy invasion !! | > > phil at | more info: http://www.news.com/News/Item/0,4,14180,00.html | > > milepost.com +-------------------------------------------------------------+ > > > >
|