North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: Solution: Re: Huge smurf attack
Peter/ I am not sure about last smurf incident, but don't overestimate _dark minds_ caused this incident. I am 99.9% shure all (ALL) this incidents complained about in NANOG was the same _kidscripts_. This do not mean you should not prevent the possibility of _cyberterrorism_, and let's this _kid's plays_ help to pay attention to the security holes we have over the Internet. On Thu, 14 Jan 1999, Peter Swedock wrote: > Date: Thu, 14 Jan 1999 15:13:34 +0000 > From: Peter Swedock <[email protected]> > To: Phil Howard <[email protected]>, > Brandon Ross <[email protected]> > Cc: [email protected] > Subject: Re: Solution: Re: Huge smurf attack > > On Jan 13, 1:23pm, Phil Howard wrote: > > > > Filtering .0 and .255, or filtering echos or ICMPs, are all indeed a form > > of "fixing" the symptom. These things are being done because fixing the > > cause isn't practical. > > > > But what is the cause? Is it that kids with scripts will attack and try > > to bring down an IRC server or the network that hosts it? Or is it that > > they have the scripts in the first place? Or is it that they are using > > networks that allow them to do this in the first place? > > I think blamin' the 'scriptkidz' in this instance isn't accurate. I think this > incident had a political component that is overlooked here, and one that > requires discussion. And that this smurfing was, quite possibly, an answer to > that political component. > > I'm speaking about the "Nuremburg Files" which is downstream of Mindspring. For > those of you who don't know, this page is a listing of abortion providers, > clinic workers and their respective spouses. Those abortion providers and > clinic workers who have been killed are struck-through on this page, those who > have been wounded, or who have stopped providing abortions for whatever reason, > are grayed out and those remaining are, for lack of a better term, targeted, > through the collection of personal information (licsense plate numbers, home > addresses, phone numbers, etc...) > > I bring this up, not to discuss content, but because a lawsuit has been > brought, and which began Friday, against this page charging that it is a > hit-list that crosses the line of free speech into incitement to violence. The > suit has received some national attention (was prominently featured on the CNN > webpage) and appears to be, at present, ground zero for the pro-life/pro-choice > debates... > > Given all that, is it hard to beleive that some-one, moderately skilled in > networking but extreme in political views, attempted to shut down this page by > shutting down Mindspring? > > This is the real world, people. This isn't the goodgeeks vs. the skriptkiddiez > in their own private internet bubble. It is entirely plausible (even likely, > given the timing of the case opening Friday, the subsequent publicity and the > "huge smurf attack" Saturday...) that this was a political act, and guess > what... we're squeezed in the middle. It ain't about which side of the debate > any on NANOG will fall on, but the fact that the debate may be falling on us. > > > The cause of burglaries and thefts is bad people. > > But the cause of political terrorism is extreme people. I think that, if this > smurf attack was in response to the web page "The Nuremburg Files", it is an > act of terrorism in response to an act of terrorism: that is to say the page is > extreme, so why do we not expect responses to it to be extreme? And, in the > middle, network engineers putting out the fires... networks being the > battlegrounds that these people have chosen. > > > I admire Mindspring's position of making Internet access unrestricted. > > But what is the real motivation? Is it the goal of "perfect IP" or is > > the business case of decreasing tech support costs? They are, afterall, > > in the business of providing consumer dialup access, and as we all know > > that line of business is very costly in areas of tech support. Network > > attacks are also a real cost. I would suggest that treating some of the > > symptoms, at least for now, will cut some costs until the day that we > > can achieve the utopian goal of the perfect solution to the cause. > > > But if you want "unrestricted internet access" you'll get pages like "The > Nuremburg Files" and you'll get people who object to that... > > I don't know what the solution is... but I do think we'll all be better off > opening our eyes to the situation, rather than simply blaming the > 'skriptkiddiez'. > > Peace, > > Petr > > -- > "Everything should be made as simple as possible, but not simpler" > A. Einstein > > Petr Swedock, Associate Engineer | > Network Operations ,o __|-. > GTE INTERNETWORKING, POWERED BY BBN ,_~o/ \/ \ > ph: 781.262.6300/781.262.6541 |/ | > fax: 781.262.6234 / > | > ' ` | > email: [email protected]/[email protected] | > ______________________________________________________________| > Aleksei Roudnev, Network Operations Center, Relcom, Moscow (+7 095) 194-19-95 (Network Operations Center Hot Line),(+7 095) 239-10-10, N 13729 (pager) (+7 095) 196-72-12 (Support), (+7 095) 194-33-28 (Fax)
|