Re: Huge smurf attack

[Phil Howard <phil () whistler intur net>]

Dalvenjah FoxFire wrote:

> If that were true, we wouldn't have smurf attacks at all. There are
> still many, many clueless or otherwise incompetent ISPs and/or companies
> out there (many of whom are large ISPs and/or telcos who should know better
> but don't) who have many, many smurf-amplifier netblocks. Heck, the US
> Military has half of the entries at netscan.org (and they're supposedly
> the ones worried about "cyber-terrorism").

And most of the clueless ones can't seem to keep what talent they do
happen to get.  But the cause may not necessarily be lack of talent
that knows what to do (I'd like to think so as that does raise job
prospects, but reality is that it probably is not).


> I've come to the unfortunate conclusion that very few people seem to care
> about system and network security until they are directly affected because of
> something they neglected. If it were otherwise, you wouldn't see "well-known"
> sites such as Yahoo, the NY Times, starwars.com &etc. getting hacked
> week after week.

The cause seems to be that short-term thinking has prevailed over
long-term thinking.  Is it due to lack of oxygen (it's those ties)
or just the fact that this industry is growing so rapidly?  At least
I do what I can with the lack of resources and finances I have to
deal with.


> Much as I hate to say it, this seems to be one area where industry
> self-regulation has utterly failed. I don't know what would be a better
> solution; I hate to suggest government regulation. But I'm at a loss here.

What self-regulation?  I don't recall any at all.

-- 
 --    *-----------------------------*      Phil Howard KA9WGN       *    --
  --   | Inturnet, Inc.              | Director of Internet Services |   --
   --  | Business Internet Solutions |       eng at intur.net        |  --
    -- *-----------------------------*      philh at intur.net       * --