Re: find_ddos results

[Jose Nazario <jose () BIOCSERVER BIOC CWRU EDU>]

On Tue, 21 Nov 2000, Ryan Russell wrote:

> The majority of my surprise had to do with the fact that the campus
> security guy didn't want to play a role in getting a DDoS agent off
> his net.  I've been told that UNM has a reputation for lax security,
> and no follow-up.  This thread would seem to confirm that.  Such a
> reputation can only be self-fullfilling I think, unless a lot of
> effort is put into making it otherwise.

in the respect that they didn't come to your rescue, knocking down your
door, they're too common as a university. at least your university has a
security officer.

however, this past spring we were following up on a ddos network and unm
was a major distribution point for it. they responded within 5 minutes and
we went back and forth for a few hours. this was on a friday afternoon (ie
when people are going home to tie a few on). they're not too bad about
security from that standpoint, and they were most helpful and polite. as
such, i can't say i agree with you about their ignoring the security
situation overall. they're probably just in the same boat as other
university sites: understaffed, underequipped, and attempting to triage in
an effort to cope.

____________________________
jose nazario                                                 jose () cwru edu
                     PGP: 89 B0 81 DA 5B FD 7E 00  99 C3 B2 CD 48 A0 07 80
                                       PGP key ID 0xFD37F4E5 (pgp.mit.edu)