Security Incidents mailing list archives
RE: DOS ATTACK
From: "McCammon, Keith" <Keith.McCammon () eadvancemed com>
Date: Wed, 30 Oct 2002 16:41:47 -0500
[Let the flame wars begin...] Well, first of all, law enforcement typically won't intervene unless it can be demonstrated that 1) the offense has resulted in considerable financial loss, or 2) some other law is being broken (i.e., the transfer of stolen CC numbers or kiddie porn). Relative to large-scale DDoS attacks and credit card theft, bandwidth loss due to excessive use of the iframe is going to take a long time to amass the numbers required to get someone's attention. And secondly, why tie up already over-taxed LE resources, when 1) there is already a commonly-known complaint chain in place to deal with such things (report to technical contact, report to ISP, report to upstream, report to law enforcement), and 2) in the vast majority of cases a simple *technical* fix will correct the *technical* problem faster than anyone in the aforementioned chain could probably respond? Just some things to chew on :) Cheers Keith
-----Original Message----- From: Gary Flynn [mailto:flynngn () jmu edu] Sent: Wednesday, October 30, 2002 8:23 AM To: Incidents () securityfocus com Subject: Re: DOS ATTACK I believe it says a lot about the sorry state of the Internet when all the suggestions to a crime of vandalism or harassment consist of technical measures and nobody has suggested law enforcement. Are we all reduced to fiefdoms needing our own department of defense and without the protection of our legal system? Where else are such frequent crimes so nonchalantly expected and dealt with by the victim? I realize that law enforcement probably has more pressing problems needing its limited resources but this is getting pathetic. -- Gary Flynn Security Engineer - Technical Services James Madison University Please R.U.N.S.A.F.E. http://www.jmu.edu/computing/runsafe -------------------------------------------------------------- -------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
Current thread:
- Re: DOS ATTACK, (continued)
- Re: DOS ATTACK Kurt Seifried (Oct 31)
- Re: DOS ATTACK Jay D. Dyson (Oct 31)
- Re: DOS ATTACK Gary Flynn (Oct 31)
- Re: DOS ATTACK Richard Archer (Oct 29)
- RE: DOS ATTACK David Vincent (Oct 28)
- RE: DOS ATTACK McCammon, Keith (Oct 28)
- RE: DOS ATTACK Rob Keown (Oct 28)
- RE: DOS ATTACK Muhammad Faisal Rauf Danka (Oct 28)
- RE: DOS ATTACK Black, Braden (Oct 29)
- Re: DOS ATTACK james (Oct 30)
- RE: DOS ATTACK McCammon, Keith (Oct 31)