North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: identify hostname

  • From: Alex P. Rudnev
  • Date: Tue Dec 01 07:36:19 1998

> > > 1Cust76.tnt1.sfo2.da.
> > 
> > Id say that looks like uunet. Again. Sigh.
> > 
> > UUnet uses ascend TNT's which they claim you cant filter 
> > directed-broadcast on. Ive ranted at them since October 20 to get this
> > serious security hole closed.
If they can't turn this off on ascend access server, they anyway can 
filter out broadcast addresses in their border routers (CISCO's) 
forwarding traffic to this access servers. The result is (almost) the 
same.


> 
> I've been yelling at them about that as well as not being able or willing
> to reverse trace spoof attacks.  This attack, however, would not have been
> stopped by such filters, this is just the address that someone used to
> break into a server with.
> 
> Thanks for your help.
> 
> Brandon Ross            Network Engineering     404-815-0770 800-719-4664
> Director, Network Engineering, MindSpring Ent., Inc.  [email protected]
>                                                             ICQ:  2269442
> 
> Stop Smurf attacks!  Configure your router interfaces to block directed
> broadcasts. See http://www.quadrunner.com/~chuegen/smurf.cgi for details.
> 
> 

Aleksei Roudnev, Network Operations Center, Relcom, Moscow
(+7 095) 194-19-95 (Network Operations Center Hot Line),(+7 095) 239-10-10, N 13729 (pager)
(+7 095) 196-72-12 (Support), (+7 095) 194-33-28 (Fax)