North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: Is there a line of defense against Distributed Reflective attacks?
I guess the question of all this is may be... what could be done to perhaps... to minimize the impact of DoS attacks pointed at a victim host? Getting everyone to take security more seriously will most likely never going to happen.. :( -hc On Fri, 17 Jan 2003, Clayton Fiske wrote: > > On Fri, Jan 17, 2003 at 06:38:08PM +0000, Christopher L. Morrow wrote: > > > > On Fri, 17 Jan 2003, John Kristoff wrote: > > > > > impractical). If the sources can be tracked, perhaps they can be > > > stopped (but large number of sources make this a scaling issue and > > > sometimes not all responsible parties are as cooperative or friendly > > > as you might like). There is also the threat of legal response, which > > > could encourage networks and hosts to stop and prevent attacks in the > > > > Legal response to the kiddies has never shown a marked improvement in > > their behaviour. Much like the death penalty... its just not a deterrent, > > perhaps because its not enforced on a more regular basis, perhaps because > > no one thinks about that before they attack. > > I think John was more referring to legal action against networks and > hosts used in the attack. > > Without getting too much into the likelihood of any legal body actually > understanding anyone's role in an attack besides the attacker and the > victim, in this land where tobacco companies are sued by smokers who > get lung cancer and fast food restaurants are sued by fat people there > must be room for such cases as: > > "XYZ Corp cost me $5mil in lost business. They were negligent in > securing their (network|host) from being used as a DoS attack tool > despite being informed of such by us both before and during said > attack." > > Perhaps this would cause companies to take security more seriously? > > Have there been any such cases to date? Did they win? > > -c > >
|