Firewall Wizards mailing list archives
RE: SANS Flash: Urgent Request For Help In Stopping DOS Attacks (fwd) -reply
From: Mark.Teicher () predictive com
Date: Thu, 13 Apr 2000 08:54:47 -0400
Andrew, A familiar poster, I have always been under the impression "If you plan your network carefully" it will withstand the test of time. Most sysadmins do not have the luxury of constructing a network correctly due to mitigating factors as "It had to be done yesterday, so we didn't have the time" "We'll fix it later" or "If ain't broke, don't fix it" A majority of the networks that I have contributed in constructing have been up for some time and has not suffered one minute of down time as the fate of other companies have. If you read the right books and have the right amount of "CLUE" or "CLUE" factor, it is fairly simple to construct a secure, simple network infrastructure that can scale and expand as the organization grows. Carelessness and lack of forethought in my mind contributed heavily to the recent outages. Networks should be designed to handle huge amount of data when they are scaled and implemented properly. Prototype, Prototype, Stress Test, Stress Test, talk to Marcus's cats. I am sure they have a couple of stories they can tell you about the networks they consulted on.. :) /mark "Andrew J. Luca" <andrewluca () mediaone net> 04/13/00 05:13 AM Please respond to ajl To: <Mark.Teicher () predictive com>, "'Carson, Joe'" <JCarson () smartronix com> cc: <firewall-wizards () nfr net> Subject: RE: [fw-wiz] SANS Flash: Urgent Request For Help In Stopping DOS Attacks (fwd) Uh, I disagree with your statement, Mark. Part of the reason that DOS is so easy is that you can always just pump data into a network. While I agree that it might not have been so easy to turn unsuspecting companies into malicious players in the attack, you still could have pulled in other resources to accomplish the same thing. Drew -----Original Message----- From: owner-firewall-wizards () lists nfr net [mailto:owner-firewall-wizards () lists nfr net]On Behalf Of Mark.Teicher () predictive com Sent: Tuesday, April 11, 2000 9:08 AM To: Carson, Joe Cc: firewall-wizards () nfr net Subject: RE: [fw-wiz] SANS Flash: Urgent Request For Help In Stopping DOS Attacks (fwd) If networks were constructed properly and security was addressed at the time of that the initial design was considered, DDOS would not have been widespread as it was. /m "Carson, Joe" <JCarson () smartronix com> Sent by: owner-firewall-wizards () lists nfr net 03/30/00 01:28 PM Please respond to "Carson, Joe" To: "'Andy Bach'" <root () wiwb uscourts gov>, firewall-wizards () nfr net cc: Subject: RE: [fw-wiz] SANS Flash: Urgent Request For Help In Stopping DOS Attacks (fwd) Andy, SANS put a lot of effort into this instruction, and it was reviewed by several thousand network security engineers prior to publishing it. I was one of the reviewers, and found the instruction covers the same techniques that I and many in this field already use. They wont solve world hunger, but they do what they are supposed to do. Joe W. Joseph Carson,CCNA,CCDA Chief Technical Officer Smartronix Inc. 703-630-4422 -----Original Message----- From: Andy Bach [mailto:root () wiwb uscourts gov] Sent: Wednesday, March 29, 2000 11:59 AM To: firewall-wizards () nfr net Subject: [fw-wiz] SANS Flash: Urgent Request For Help In Stopping DOS Attacks (fwd) Hey, SANS is requesting Internet-wide assistance w/ stopping DOS attack by reconfiguring routers. Anybody looked at the instructions/info and seen if it would work? http://www.sans.org/dosstep/index.htm Andy Bach, sys mgr andy () wiwb uscourts gov ---------- Forwarded message ---------- From: The SANS Institute <sans () sans org> [snip] The simple steps can be found at the SANS website at the URL http://www.sans.org/dosstep/index.htm and will keep your site from contributing to the DOS threat. Tools will soon be publicly posted to determine which organizations have and have not protected their users and which ones have systems that still can be used as a threat to the rest of the community. More than 100 organizations in the SANS community have tested the guidelines, which were drafted by Mark Krause of UUNET with help from security experts at most of the other major ISPs and at the MITRE organization. The testing has improved them enormously. (A huge thank-you goes to the people who did the testing.) [snip] Alan Paller Director of Research SANS Director of Research sansro () sans org 301-951-0102
Current thread:
- Re: SANS Flash: Urgent Request For Help In Stopping DOS Attacks (fwd) Paul D. Robertson (Apr 04)
- <Possible follow-ups>
- RE: SANS Flash: Urgent Request For Help In Stopping DOS Attacks (fwd) Mark . Teicher (Apr 13)
- RE: SANS Flash: Urgent Request For Help In Stopping DOS Attacks (fwd) Andrew J. Luca (Apr 18)
- RE: SANS Flash: Urgent Request For Help In Stopping DOS Attacks (fwd) Rick Smith (Apr 18)
- RE: SANS Flash: Urgent Request For Help In Stopping DOS Attacks (fwd) -reply Mark . Teicher (Apr 18)
- RE: SANS Flash: Urgent Request For Help In Stopping DOS Attacks (fwd) -reply Andrew J. Luca (Apr 20)
- RE: SANS Flash: Urgent Request For Help In Stopping DOS Attacks (fwd) -reply Mark . Teicher (Apr 18)
- RE: SANS Flash: Urgent Request For Help In Stopping DOS Attacks Rick Smith (Apr 18)