North American Network Operators Group


Re: Government scrutiny is headed our way

  • From: Karl Denninger
  • Date: Tue Jun 16 19:02:54 1998

On Wed, Jun 17, 1998 at 06:33:14AM -0400, Richard Thomas wrote:
> -----Original Message-----
> From: Karl Denninger <[email protected]>
> To: Jay R. Ashworth <[email protected]>
> Cc: [email protected] <[email protected]>
> Date: Tuesday, June 16, 1998 3:54 PM
> Subject: Re: Government scrutiny is headed our way
> 
> 
> >> > Since they don't cooperate, the only two defenses are:
> >> >
> 
> >> > 1. Black-hole detected amplifier networks (what we're doing here).
> >>
> >> Indeed.  And what I think is the best approach.  Kick 'em in the
> >> nads^Wnets.
> >
> >Not really.  The best approach is to nail a few of these folks with felony
> >indictments for the denial of service attacks, and the theft of the
> >amplifier network's services.  That would stop this practice cold.
> 
> 
> Unfortunately I highly doubt this will have much impact. Firstly, all of the
> "smurf kiddies" are using hacked shells, so when you trace it back to them
> they don't care, they just move to the next machine. Secondly, the most
> annoying and persistent smurfers (read "conflict") are too stupid to know
> better even if you start bumping off smurfers left and right. You're likely
> to scare the casual immoral network admin who smurfs his ISP's competition
> or such, but that's about it.
> 
> My strategy is to hit the smurfers where it hurts, the broadcasts. I email
> the broadcast network, and their uplink, and their uplink, until something
> gets done. If you can exhaust their broadcasts quickly enough it becomes too
> "expensive" for them to continue.

Well, we do it one better - we black-hole the network.

I just added another ~60 prefixes to the list after another persistent smurf
attack.  I've given up trying to trace them myself (although we do report
it) because the big networks, where this originates, are unwilling to help
in a timely fashion.

If people bitch about the connectivity loss, well tough shit.  Better
to have a working network that can get to 99.5% of the Internet than a
completely trashed one with full visibility.

I'm going to have to talk to our lawyers about whether or not we could *sue*
the amplifier networks.  Most of them are truly large organizations (ie:
universities, big corporations, big national providers, etc) and could easily 
pay such a judgement.

Heh, now there's an idea :-)

-- 
Karl Denninger ([email protected])| MCSNet - Serving Chicagoland and Wisconsin
http://www.mcs.net/          | T1's from $600 monthly / All Lines K56Flex/DOV
			     | NEW! Corporate ISDN Prices dropped by up to 50%!
Voice: [+1 312 803-MCS1 x219]| EXCLUSIVE NEW FEATURE ON ALL PERSONAL ACCOUNTS
Fax:   [+1 312 803-4929]     | *SPAMBLOCK* Technology now included at no cost
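
An added example, not part of the original message or of MCSNet's tooling: one way a victim network could turn border ICMP logs into a list of amplifier prefixes to black-hole, as the thread describes. The log tuple format, the thresholds and the function name are assumptions, and the sample flows are constructed from documentation address ranges.

```python
import ipaddress
from collections import defaultdict

# Constructed sample: (seconds, source IP, ICMP type) seen at the victim's border.
# Type 0 is echo reply, type 8 is echo request. Addresses are documentation ranges.
SAMPLE_FLOWS = (
    [(10.00 + i * 0.01, f"192.0.2.{h}", 0) for i, h in enumerate((1, 2, 3, 4, 5, 6))]
    + [(10.00 + i * 0.01, f"198.51.100.{h}", 0) for i, h in enumerate((10, 11, 12, 13, 14))]
    + [(10.0 + i, "203.0.113.7", 0) for i in range(8)]  # one host answering: not an amplifier
    + [(10.5, "203.0.113.9", 8)]                        # echo request: ignored
)

def amplifier_prefixes(flows, window=1.0, min_hosts=5, prefix_len=24):
    """Return collapsed prefixes (as strings) where at least `min_hosts` distinct
    hosts sent echo replies within `window` seconds. Thresholds are assumptions."""
    by_prefix = defaultdict(list)
    for ts, src, icmp_type in flows:
        if icmp_type != 0:
            continue
        net = ipaddress.ip_network(f"{src}/{prefix_len}", strict=False)
        by_prefix[net].append((ts, src))

    flagged = []
    for net, events in by_prefix.items():
        events.sort()
        start = 0
        for end in range(len(events)):
            # Slide the window so it never spans more than `window` seconds.
            while events[end][0] - events[start][0] > window:
                start += 1
            if len({src for _, src in events[start:end + 1]}) >= min_hosts:
                flagged.append(net)
                break
    # Merge adjacent flagged prefixes so the black-hole list stays short.
    return [str(n) for n in ipaddress.collapse_addresses(flagged)]

if __name__ == "__main__":
    for prefix in amplifier_prefixes(SAMPLE_FLOWS):
        print("black-hole candidate:", prefix)
```

Many distinct hosts in one prefix replying in the same instant is the signature of a directed-broadcast amplifier; a single host sending repeated replies is ordinary ping traffic and is left alone.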