nanog mailing list archives
Re: Monumentous task of making a list of all DDoS Zombies.
From: "E.B. Dreger" <eddy+public+spam () noc everquick net>
Date: Sun, 8 Feb 2004 23:23:48 +0000 (GMT)
SD> Date: Sun, 8 Feb 2004 17:43:34 -0500 (EST) SD> From: Sean Donelan SD> Again, why does an ISP need to spend the money and as you SD> point out the extra hassle, to do this? ISPs already have SD> all the information they need to trace a subscriber from the SD> IP address and timestamp. I'm not sure they need to for the MAC address example. I was pointing out that information contained in reverse DNS could be meaningful, but only to those who should know. Perhaps a better example would be to s/MAC address/user id/ and repeat the example. Then, instead of digging through logs, one could quickly decrypt the user ID. SD> We made this mistake once already by having /etc/passwd files SD> world-readable (encryption would protect the passwords). Totally wrong analogy. /etc/passwd was a one-way hash (useless for this situation)... SD> Don't repeat the mistake. If you suspect a particular ...using crypt(). Note that I never suggested use of weak crypto. SD> computer, know the time, how long would it take to SD> brute-force the remaining six characters? I can think of some frequently-encrypted data that begins with strings like "HTTP/1.1 200 OK". So which is a better starting point for key recovery? Eddy -- EverQuick Internet - http://www.everquick.net/ A division of Brotsman & Dreger, Inc. - http://www.brotsman.com/ Bandwidth, consulting, e-commerce, hosting, and network building Phone: +1 785 865 5885 Lawrence and [inter]national Phone: +1 316 794 8922 Wichita _________________________________________________________________ DO NOT send mail to the following addresses : blacklist () brics com -or- alfra () intc net -or- curbjmp () intc net Sending mail to spambait addresses is a great way to get blocked.
Current thread:
- Re: abusereporting, (continued)
- Re: abusereporting Suresh Ramasubramanian (Feb 08)
- Re: abusereporting (was Re: Monumentous task of making a list) Steven M. Bellovin (Feb 08)
- Re: Monumentous task of making a list of all DDoS Zombies. Guðbjörn Hreinsson (Feb 08)
- Re: Monumentous task of making a list of all DDoS Zombies. Suresh Ramasubramanian (Feb 08)
- Re: Monumentous task of making a list of all DDoS Zombies. Sean Donelan (Feb 08)
- Re: Monumentous task of making a list of all DDoS Zombies. Suresh Ramasubramanian (Feb 08)
- RE: Monumentous task of making a list of all DDoS Zombies. Steve Birnbaum (Feb 10)
- Re: Monumentous task of making a list of all DDoS Zombies. Suresh Ramasubramanian (Feb 10)
- Re: Monumentous task of making a list of all DDoS Zombies. E.B. Dreger (Feb 08)
- Re: Monumentous task of making a list of all DDoS Zombies. Sean Donelan (Feb 08)
- Re: Monumentous task of making a list of all DDoS Zombies. E.B. Dreger (Feb 08)