North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: Solution: Re: Huge smurf attack

  • From: Peter Swedock
  • Date: Thu Jan 14 10:38:52 1999

On Jan 13,  1:23pm, Phil Howard wrote:
> Filtering .0 and .255, or filtering echos or ICMPs, are all indeed a form
> of "fixing" the symptom.  These things are being done because fixing the
> cause isn't practical.
> But what is the cause?  Is it that kids with scripts will attack and try
> to bring down an IRC server or the network that hosts it?  Or is it that
> they have the scripts in the first place?  Or is it that they are using
> networks that allow them to do this in the first place?

I think blamin' the 'scriptkidz' in this instance isn't accurate. I think this
incident had a political component that is overlooked here, and one that
requires discussion. And that this smurfing was, quite possibly, an answer to
that political component.

I'm speaking about the "Nuremburg Files" which is downstream of Mindspring. For
those of you who don't know, this page is a listing of abortion providers,
clinic workers and their respective spouses.  Those abortion providers and
clinic workers who have been killed are struck-through on this page, those who
have been wounded, or who have stopped providing abortions for whatever reason,
are grayed out and those remaining are, for lack of a better term, targeted,
through the collection of personal information (licsense plate numbers, home
addresses, phone numbers, etc...)

I bring this up, not to discuss content, but because a lawsuit has been
brought, and which began Friday, against this page charging that it is a
hit-list that crosses the line of free speech into incitement to violence. The
suit has received some national attention (was prominently featured on the CNN
webpage) and appears to be, at present, ground zero for the pro-life/pro-choice

Given all that, is it hard to beleive that some-one, moderately skilled in
networking but extreme in political views, attempted to shut down this page by
shutting down Mindspring?

This is the real world, people. This isn't the goodgeeks vs. the skriptkiddiez
in their own private internet bubble.  It is entirely plausible (even likely,
given the timing of the case opening Friday, the subsequent publicity and the
"huge smurf attack" Saturday...) that this was a political act, and guess
what... we're squeezed in the middle. It ain't about which side of the debate
any on NANOG will fall on, but the fact that the debate may be falling on us.

> The cause of burglaries and thefts is bad people.

But the cause of political terrorism is extreme people.  I think that, if this
smurf attack was in response to the web page "The Nuremburg Files", it is an
act of terrorism in response to an act of terrorism: that is to say the page is
extreme, so why do we not expect responses to it to be extreme?  And, in the
middle, network engineers putting out the fires... networks being the
battlegrounds that these people have chosen.

> I admire Mindspring's position of making Internet access unrestricted.
> But what is the real motivation?  Is it the goal of "perfect IP" or is
> the business case of decreasing tech support costs?  They are, afterall,
> in the business of providing consumer dialup access, and as we all know
> that line of business is very costly in areas of tech support.  Network
> attacks are also a real cost.  I would suggest that treating some of the
> symptoms, at least for now, will cut some costs until the day that we
> can achieve the utopian goal of the perfect solution to the cause.

But if you want "unrestricted internet access" you'll get pages like "The
Nuremburg Files" and you'll get people who object to that...

I don't know what the solution is... but I do think we'll all be better off
opening our eyes to the situation, rather than simply blaming the



"Everything should be made as simple as possible, but not simpler"
						  A. Einstein

Petr Swedock, Associate Engineer                           |
Network Operations                                    ,o __|-.
GTE INTERNETWORKING, POWERED BY BBN              ,_~o/   \/   \
ph: 781.262.6300/781.262.6541                      |/         |
fax: 781.262.6234 				  / >         |
                                                 '  `         |
email: [email protected]/[email protected]               |