nanog mailing list archives
Re: monkeys.dom UPL being DDOSed to death
From: Mike Tancsa <mike () sentex net>
Date: Tue, 23 Sep 2003 17:16:02 -0400
http://www.openrbl.org is also offline due to a DDoS. ---Mike At 05:04 PM 23/09/2003, Joe St Sauver wrote:
Hi, #This goes beyond spam and the resources that many mail servers are #using. These attacks are being directed at anti-spam organizations #today. Where will they point tomorrow? Many forms of breaking through #network security require that a system be DOS'd while the crime is being #committed. These machines won't quiet down after the blacklists are shut #down. They will keep attacking hosts. For the US market, this is a #national security issue. These systems will be exploited to cause havoc #among networks of all types and sizes; governmental and commercial. Note that not all DNSBLs are being effectively hit. DNSBLs which run with publicly available zone files are too distributed to be easily taken down, particularly if periodic deltas are distributed via cryptographically signed Usenet messages (or other "push" channels). You can immunize DNSBLs from attack, *provided* that you're willing to publicly distribute the contents of those DNSBLs. And when it comes to dealing with the sources of these attacks, we all know that there are *some* networks where security simply isn't any sort of priority. (For example, make it a practice to routinely see what ISPs consistently show up highly ranked on incident summary sites such as http://www.mynetwatchman.com/ ). Maybe the folks running those networks are overworked and understafffed, maybe they have legal constraints that limit what they can do, maybe their management just don't care as long as they keep getting paid. Who knows? Whatever the reason, no one is willing to depeer them or filter their routes, so they really are free to do absolutely *nothing* about vulnerable hosts or abusive customers. There are absolutely *no* consequences to their security inactivity, and because of that, none of us should be surprised that the problem is becoming a worsening one. Regards, Joe St Sauver (joe () oregon uoregon edu) University of Oregon Computing Center
Current thread:
- Re: monkeys.dom UPL being DDOSed to death, (continued)
- Re: monkeys.dom UPL being DDOSed to death Jack Bates (Sep 23)
- Re: monkeys.dom UPL being DDOSed to death Jason Slagle (Sep 23)
- Re: monkeys.dom UPL being DDOSed to death jlewis (Sep 23)
- Re[2]: monkeys.dom UPL being DDOSed to death Richard Welty (Sep 23)
- Re: monkeys.dom UPL being DDOSed to death Geo. (Sep 23)
- Re: monkeys.dom UPL being DDOSed to death jlewis (Sep 23)
- Re: monkeys.dom UPL being DDOSed to death Jack Bates (Sep 24)
- RE: monkeys.dom UPL being DDOSed to death Geo. (Sep 24)
- Re: monkeys.dom UPL being DDOSed to death Jack Bates (Sep 24)
- Re: monkeys.dom UPL being DDOSed to death Jason Slagle (Sep 23)
- Re: monkeys.dom UPL being DDOSed to death Jack Bates (Sep 23)
- Re: monkeys.dom UPL being DDOSed to death Mike Tancsa (Sep 23)
- Re: monkeys.dom UPL being DDOSed to death Kai Schlichting (Sep 23)
- Re: monkeys.dom UPL being DDOSed to death John Payne (Sep 23)
- Re: monkeys.dom UPL being DDOSed to death Justin Shore (Sep 23)
- Re: monkeys.dom UPL being DDOSed to death Dan Hollis (Sep 23)
- Re: monkeys.dom UPL being DDOSed to death John Payne (Sep 23)
- Re: monkeys.dom UPL being DDOSed to death Valdis . Kletnieks (Sep 23)