nanog mailing list archives
Re: Scaled Back Cybersecuruty
From: "Christopher L. Morrow" <chris () UU NET>
Date: Tue, 14 Jan 2003 19:36:23 +0000 (GMT)
On 14 Jan 2003, Paul Vixie wrote:
This is alarming, considering the increase in attacks against infrastructure, and the sophistication of attacks over the last year. And we still use basically the same ineffective techniques to counteract and track attacks that became household words two years ago.yes.I suspect a very effective worm would change this pretty quickly, most likely through onerous regulation. It's surprising that it hasn't happened already.i've had absolutely no luck getting the source isp's to care about the problems i've seen at my home firewall in recent weeks. (see below if you wonder whether i'm implicating anyone here.) there's no other way to view the internet than as a worm-infested zombie.
One problem with notifications typically (that I've seen) is that there is no one to notify... there may be an email address, but most likely that's not even watched/read/responded-to/reacted-upon. From my experience we recieve less than 1 in 3K responses :( For UUNET I know that there is a response and action on 'all' complaints, provided there is enough info to take some action. NOTE, that action might not be 'disconnect' it might be 'notify downstream customer'... but atleast someone is doing something :) And there is a 24/7 security group responsible for dealing with live incidents. This is also not very common at most organizations. :( To start fixing this problem every ISP really needs some security folks dedicated to customer security issues... These folks need to have the ability to contact customers and shut off services until the problem has been rectified. Hopefully, once there are security folks at all ISP's the ISP's will be able to speak intelligently and civily to each other to cooperate and contain problems.
(this is a grep of just the port scans and attacks against ftp here.) -- snipped --
Current thread:
- Scaled Back Cybersecuruty sgorman1 (Jan 07)
- Re: Scaled Back Cybersecuruty Pete Kruckenberg (Jan 08)
- Re: Scaled Back Cybersecuruty Paul Vixie (Jan 08)
- Re: Scaled Back Cybersecuruty Kelly J. Cooper (Jan 14)
- Re: Scaled Back Cybersecuruty Paul Vixie (Jan 08)
- <Possible follow-ups>
- Re: Scaled Back Cybersecuruty Avi Freedman (Jan 14)
- Re: Scaled Back Cybersecuruty Martin Hannigan (Jan 14)
- Re: Scaled Back Cybersecuruty Pete Kruckenberg (Jan 14)
- Re: Scaled Back Cybersecuruty Paul Vixie (Jan 14)
- Re: Scaled Back Cybersecuruty Christopher L. Morrow (Jan 14)
- Re: Scaled Back Cybersecuruty Andy Dills (Jan 14)
- Re: Scaled Back Cybersecuruty Martin Hannigan (Jan 14)
- Re: Scaled Back Cybersecuruty Bryan Bradsby (Jan 14)
- Re: Scaled Back Cybersecuruty Johannes Ullrich (Jan 14)
- Attacks against Paul Vixie's home network Jeff S Wheeler (Jan 14)
- Re: Scaled Back Cybersecuruty Pete Kruckenberg (Jan 08)
- Re: Scaled Back Cybersecuruty Sean Donelan (Jan 15)
- Re: Scaled Back Cybersecuruty Pete Kruckenberg (Jan 14)
- Re: Scaled Back Cybersecuruty Valdis . Kletnieks (Jan 14)
- RE: Scaled Back Cybersecuruty Merlin Communications (Jan 14)