North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Possible scam: "Network Abuse"

  • From: Ehud Gavron
  • Date: Wed Aug 05 00:09:19 1998

This "fellow" sent out this email.

Unfortunately, our networks were not used to attack him (or anyone),
and upon request for NTP-stamped logs, he quit responding to email.

I recommend warning your downstreams that this kind of scam is only
just begging.  Imagine... $100 for "no ip direc...."

--- Begin Message ---

My name is Andrew Shoemaker and I am the head security consultant at JNS. We recently were the target of a denial of service attack that saturated our Internet connection.  This attack, known as a 'smurf' attack, uses unknowing relays to source the at
tack.  By relaying the attack through your network the attack is made anonymous and increases in strength.  This type of attack causes degraded performance on both the attacked and relay networks and is the result of an improperly configured router at you
r site.  I urge you to fix your routers.  If you are unable to do so, or do not know how I suggest you call a security consultant.  JNS is willing to fix your router permanently for a one time fee of $100 US.  If you are interested in this deal please co
ntact me and I will send you a copy of our security contract and an invoice.

Netblock was found to produce 19 replys for each packet sent.  This means if the attacker is sending at T1 speeds the amount of your bandwidth used in relaying
 the attack is equivalent to 19 T1s

Andrew Shoemaker
JNS Security
[email protected]
--- End Message ---