nanog mailing list archives

Re: How worried is too worried? Plus, a Global Crossing Story.


From: "Christopher Wolff" <chris () bblabs com>
Date: Fri, 26 Oct 2001 00:10:52 -0700


James,

As someone recently said, cmd.exe and root.exe are my two top URLs haha

Actually I have an NBAR list on my border routers that handle those extremely well.



---------- Original Message ----------------------------------
From: James Thomason <james () divide org>
Date: Thu, 25 Oct 2001 23:56:03 -0700 (PDT)



Perhaps you can speak with your friends at Global Crossing, and have
filters placed on your upstream routers to prevent stray "DDOS attacks
from Digital Island".  

Just curious, but aren't you a little more concerned about all of those
"GET /msadc/..%255c../..%255c../..%255c/..%c1%1c../..%c1%1c../..%c1%1c../
winnt/system32/cmd.exe?/c+dirHTTP/1.0" requests than a few ICMP datagrams
from Digital Island?

Regards, 
James

On Thu, 25 Oct 2001, Christopher Wolff wrote:

I truly enjoyed the wide range of responses to my Digital Island post.  Everything from DI is perfectly justified to 
'tell DI to stick it' haha.

I certainly do not run the largest ISP, nor the smallest, but my small company is managing customer connectivity on 
both coasts of the continental US.  My customers know me as the one that cares about their network infrastructure 
and can answer most questions quickly.  I enjoy offering personal service.

I also take pride in managing my network well.  I know, for the most part, what kinds of traffic are passing through 
my network.  This helps me take a proactive stance to issues before they become my customers' business impediments.

Therefore, I have to respectfully take exception to the opinion of "Welcome to the Internet, there's nothing you can 
do, just don't worry about 441 packets."  

I partner with companies that share my view of network management.  Recently I had an issue with a customer that was 
claiming poor throughput.  Global Crossing did everything in their power to analyze their network, my network, and 
my customer's server farm.  Although this turned out to be a TCP/IP tuning issue on the particular host, Global 
Crossing did not charge me a premium for investigating this issue.  

Throughout this resolution, Global Crossing earned my respect and confidence that I am *partnered* with a vendor 
instead of just buying bandwidth from them.

Just my $0.02,

Christopher J. Wolff, VP, CTO
Broadband Laboratories
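
Added example, not part of the original thread or written by either poster: a small Python log scanner that flags requests like the one quoted above by percent-decoding the path repeatedly before matching on cmd.exe and root.exe. The log lines, addresses, the `/example/` path and all function names are constructed for illustration.

```python
import re
from urllib.parse import unquote

TARGETS = ("cmd.exe", "root.exe")  # the two names called out in the thread
REQUEST_RE = re.compile(r'"(?:GET|HEAD|POST) (\S+)')

# Constructed sample access log (documentation addresses). The first path is the
# request quoted in the thread; the /example/ path is a placeholder.
SAMPLE_LOG = [
    '192.0.2.10 - - [26/Oct/2001:00:01:02 -0700] "GET /msadc/..%255c../..%255c../..%255c/..%c1%1c../..%c1%1c../..%c1%1c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 -',
    '192.0.2.11 - - [26/Oct/2001:00:01:05 -0700] "GET /example/root.exe?/c+dir HTTP/1.0" 404 -',
    '192.0.2.12 - - [26/Oct/2001:00:01:09 -0700] "GET /index.html HTTP/1.0" 200 1043',
]

def normalize(path, max_rounds=3):
    # Decode until stable so %255c -> %5c -> backslash is seen as a separator.
    # latin-1 keeps odd bytes such as %c1%1c from raising or being replaced.
    for _ in range(max_rounds):
        decoded = unquote(path, encoding="latin-1")
        if decoded == path:
            break
        path = decoded
    return path.replace("\\", "/").lower()

def classify(path):
    """Return the reasons a request path looks like a worm probe."""
    reasons = set()
    norm = normalize(path)
    if any(t in norm for t in TARGETS):
        reasons.add("target-executable")
    if "../" in norm:
        reasons.add("traversal")
    if "%25" in path.lower():  # an encoded '%' means the path is double-encoded
        reasons.add("double-encoding")
    return reasons

def scan(lines):
    """Return (path, reasons) for every log line that trips a check."""
    hits = []
    for line in lines:
        m = REQUEST_RE.search(line)
        if m and (reasons := classify(m.group(1))):
            hits.append((m.group(1), reasons))
    return hits

if __name__ == "__main__":
    for path, reasons in scan(SAMPLE_LOG):
        print(sorted(reasons), path)
```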





