North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: Solution: Re: Huge smurf attack
Btw. For the victim, there is not difference between - - smurf amplifies abused by the hacker; - broken box abused by the hacker to create flood attack; - broken dialup provider abused to send spam. Don't talk about the smurf, talk about badly-secured systems. Open direct-broadcast is one example; open SMTP relay is another one; non-fixed exploit abused to get root access is the third example. This common case is - _someone does not secure his box/lan from abuse; what should we do_. The forths case is (not yet) - ISP does allow to send frauded SRC addresses. On Sat, 16 Jan 1999, Steven J. Sobol wrote: > Date: Sat, 16 Jan 1999 12:35:12 -0500 > From: Steven J. Sobol <[email protected]> > To: Harold Willison <[email protected]> > Cc: Joe Shaw <[email protected]>, [email protected] > Subject: Re: Solution: Re: Huge smurf attack > > On Thu, Jan 14, 1999 at 12:46:44PM -0500, Harold Willison wrote: > > > > Tracking down a smurf amplifier is not a problem. Getting the folks to > > fix it > > is a little harder than it should be now, as most of the folks left > > with open > > amplifiers have been notified and have to this point refused to fix or > > are unable to fix it. > > Oh, good... then if they refuse to fix their problem, and it can be documented > that they refuse to fix their problem, and someone uses them as an amplifier, > they can get sued. I hope we have some documentation that these people refuse > to do anything. > > -- > Steve Sobol [[email protected]] > Part-time Support Droid [[email protected]] > NACS Spaminator [[email protected]] > > Proud resident of Cleveland Heights, Ohio, the coolest place on earth. > http://www.ClevelandHeights.com > Aleksei Roudnev, Network Operations Center, Relcom, Moscow (+7 095) 194-19-95 (Network Operations Center Hot Line),(+7 095) 239-10-10, N 13729 (pager) (+7 095) 196-72-12 (Support), (+7 095) 194-33-28 (Fax)
|