North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: Denial of service attacks apparently from UUNET Netblocks

  • From: Justin W. Newton
  • Date: Wed Oct 08 19:27:54 1997

At 05:57 PM 10/8/97 EDT, Barney Wolff wrote:
>Let me try again, since it seems I wasn't clear enough.  There's been
>a lot of delightful talk about whether/how to retrieve the calling phone
>on a given port.  But none about how to determine with confidence which
>port the nasty packets come from.  Without source address assurance,
>any user on any port of any dialin box can source packets with any IP
>address(es) desired.  So you don't know which port to go get ANI/CLID
>for.

I have been talking to several vendors for several months regarding setting
up filters with variables in them such as $MY_IP which would allow us to do
per port per IP filtering based on the IP address which is based on the IP
of the person dialed in was assigned either by the NAS or the RADIUS
server.  I know of at least 2 vendors which will be releasing the "soon".

**************************************************************
Justin W. Newton                        voice: +1-650-482-2840 	
Senior Network Architect                  fax: +1-650-482-2844
PRIORI NETWORKS, INC.                    http://www.priori.net
Legislative and Policy Director, ISP/C   http://www.ispc.org
"The People You Know.  The People You Trust."
**************************************************************