Security Incidents mailing list archives

Re: Ping flood? Whats the point?

From: filipg () CORONA EPS PITT EDU (Filip M. Gieszczykiewicz)
Date: Wed, 9 Feb 2000 22:00:35 -0500


On Wed, 9 Feb 2000, Thomas Vincent wrote:

From what I understand, the massive distributed denial of service attack
yesterday was the by product of ISP's,  Universities , and other
organizations not filtering the packets from there internal networks.
It will probably take Yahoo, CNN, Buy.com, eBay, and Amazon collectively
standing up and raising a ruckus to get organizations to filter there
networks.


I certainly hope that causes some action. However, often the problem is
not the Computer Services of an university (say, Pitt, for example) but
the leadership. Problem is no funds are allocated for admins and security
in general. Thus, we are in the situation of a) brain-drain as anyone who
knows enough to be a good admin can get a heck of a lot more $$$ in local
area businesses (ie. not competative salary), b) disgust (less and less
brains being asked to do more and more for less), and c) pissed off
"subjects" who pay more than before for "less".

Pitt is only NOW talking about firewalling some departments. As far as
I know, there is no filtering at all going on right now. And the
frequency with which we (collectively) get cracked (every 6-7 months)
is just ripe for Pitt to do DoS in some sinister skript-kiddies plot.

No wonder that the departments themselves have bitten the bullet and
started setting up their own security policies.... quite apart from
the "University" in your [hopefull] posting... I think you will find
that the DoS'es are coming from those depts that do not understand nor
care about computers... and you can group the "University" under there
as well.

Sorry for the rant. But you don't have a full understanding of
"hopeless" unless you've worked in an university setting.

Cheers,
Filip G.

Filip "I'll buy a vowel" Gieszczykiewicz  |  http://www.repairfaq.org/
                                             (filipg () corona eps pitt edu)
I am the river itself and the leaf floating its currents.
I am steering. I am swept. I am.

Current thread:

tracing spoofing (Was Re: Ping flood? Whats the point?), (continued)
- - tracing spoofing (Was Re: Ping flood? Whats the point?) Dragos Ruiu (Feb 03)
- Re: Ping flood? Whats the point? Andy David (Feb 03)
  - Re: Ping flood? Whats the point? Bill Pennington (Feb 05)
  - Re: Ping flood? Whats the point? Russell Fulton (Feb 06)
- Re: Ping flood? Whats the point? Chuck Phillips (Feb 05)
  - Re: Ping flood? Whats the point? Kerry Baker (Feb 07)
    - Re: Ping flood? Whats the point? Filip M. Gieszczykiewicz (Feb 08)
    - Re: Ping flood? Whats the point? Kerry Baker (Feb 08)
    - Re: Ping flood? Whats the point? Russell Fulton (Feb 09)
    - Re: Ping flood? Whats the point? Thomas Vincent (Feb 09)
    - Re: Ping flood? Whats the point? Filip M. Gieszczykiewicz (Feb 09)