North American Network Operators Group

Re: Arbor Networks DoS defense product

  • From: Rob Thomas
  • Date: Wed May 15 16:28:15 2002

Hi, Pete.

] With the number of always-on broadband residential and
] small-business customers, are education networks still the

The broadband ranges are now quite popular with the miscreants.  Several
of the bots I've recovered conduct targeted scans of the broadband
prefixes.  While scanning the entire IPv4 address space - including the
bogons - does yield a lot of hax0red hosts, it also produces a lot of
noise.  FYI, the miscreants also _avoid_ certain netblocks in which,
they believe, honeypots and other things reside.

When scanning for easily hacked routers, the miscreants target the
ranges they believe contain "mad fast routers," e.g. routers with > T1
connectivity.

In the case of both hosts and routers, it is increasingly common for
the miscreants to test the bandwidth capabilities of the device.  The
sluggish are left unused by many crews (or traded in the very active
underground economy).

Thanks,
Rob.
--
Rob Thomas
http://www.cymru.com/~robt
ASSERT(coffee != empty);