North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: Government scrutiny is headed our way

  • From: Joe Shaw
  • Date: Sun Jun 21 01:32:24 1998

On Sat, 20 Jun 1998, Henry Linneweh wrote:

> Well DoS and smurf are only different in terms of the packet amounts and
> method to convey them, so in essence A smurf is another form of DoS on
> A larger scale. An existing law already covers that.

How do you come up with that?  A DoS attack is anything that makes a
resource on a host or network unusable.  Let's remember that the whole
point of the attack is to deny service, whether it be pop3 service with a
syn flood or bandwidth with smurf, fraggle, or generic ping flood.  A
smurf attack is a DoS is a DoS is a DoS.

> If A NOC refuses to obey the law and investigate on behalf of a paying
> client that DoS has occurred than they become party to a criminal act
> after the fact and are as guilty as the originator of the attack and can
> be held accountable and their staff can arrested and you have the
> right to sue for $4000.00 as do each one of your individual
> customers.

I've never heard a NOC say they wouldn't track it down, although I'm sure
it's happened in the past.  Mostly I've heard that a NOC was incapable of
tracking it down because of router overhead.  Not to mention the packets
are almost always going to be traced back to the known smurf amplifiers.
If it was easy to find people responsible for the operations of those nets
and get them on the horn we could have had the smurf problem fixed a long
time ago.  I would like to see if taking one of those people into court
for being an unknowing party to the crime would be effective. 

> Sometimes you have to look at what you have and realize how
> to use it for the benefit of the whole.

Indeed, but how many people want to invest the time and money involved in
prosecuting a smurf attack?  Has anyone successfully done it yet?

> As for smurfs crossing international borders where such attacks generally
> occur from, A group representation to the FCC needs to be formed and
> the FCC needs then to communicate with its counterpart on the foreign
> soil using existing treaties that would make that a violation of non
> aggression
> pacts and interference in a foreign government and denial of its citizens to
> communicate pursuant to their constitution  the right of free speech.
> 
> In A technical sense smurfs from foreign shores are an act of war on
> networks of the United States by the purposeful intent to disrupt
> destroy and cripple its computer network infrastructure with A
> Smurfing mechanism.
> 
> Henry R. Linneweh

What needs to happen is things like IPSec, ISAKMP, and Oakley become prime
time so authenticating packets becomes a trivial issue.  However, the U.S.
Crypto Nazis make it impossible for it to be developed in this country
because if it is, then it cannot be exported to other countries unless in
a weakened state.  I don't claim to be a crypto person, but when you think
about how the game is played, getting to the real root of the problem may
not be an answer you like.  I'm as patriotic as the next guy [you can read
that however you like], but for crypto authentication solutions to work
our government needs to get their hands out of it.  

Joe Shaw - [email protected]
NetAdmin - Insync Internet Services