Security Incidents mailing list archives
Re: Analysis: AboveNet attacks
From: bugtraq () NETWORKICE COM (Robert Graham)
Date: Tue, 2 May 2000 19:19:13 -0700
I'm primarily worried about script-kiddy attacks. In my paper, I outline a couple simple steps that will make the network immune from script-kiddies. There is no really excuse for being that open. In contrast, exposing general topological information doesn't help script kiddies, and only helps the "elite" intruder. In contrast, there this information provide network management benefits. As an engineer, it really helps me a lot. I find AboveNet to be probably the more engineer-friendly companies out there. They not only provide status info to the public on their home page, but lots of private web-page management tools for their customers. They do lots of boneheaded things, but they also do a bunch of cool things, too. I would really hate it if AboveNet cracked down on their openness policy. Rob. -----Original Message----- From: Incidents Mailing List [mailto:INCIDENTS () securityfocus com]On Behalf Of Richard Bejtlich Sent: Monday, May 01, 2000 5:15 PM To: INCIDENTS () securityfocus com Subject: Re: Analysis: AboveNet attacks Excellent analysis Robert. I'm passing your message to my analysts for their education. Poking around http://www.above.net/network/network.html , it looks like Above.net still lists the IPs you mentioned. This reminds me of the business/education/etc network diagrams shown in each issue of Network Computing magazine (http://www.networkcomputing.com). This "centerfold" is a great resource for anyone looking to break into a company -- why would anyone volunteer their entire topology, albeit minus IP addresses? Richard --- In the case of AboveNet, they actually tell everyone the IP addresses of their switches. They post to their website map the current status of all their equipment and Internet connections. They essentially publicize where to find the equipment and classify it in a well-known category of attacks that might bring it down.
Current thread:
- Re: Analysis: AboveNet attacks Richard Bejtlich (May 01)
- Re: Analysis: AboveNet attacks Robert Graham (May 02)
- Re: Analysis: AboveNet attacks Ville (May 06)
- Re: Analysis: AboveNet attacks Paul Cardon (May 02)
- <Possible follow-ups>
- Re: Analysis: AboveNet attacks Laura Taylor (May 03)
- Re: Analysis: AboveNet attacks Robert G. Ferrell (May 04)
- Re: Analysis: AboveNet attacks Filip M. Gieszczykiewicz (May 08)
- Re: Analysis: AboveNet attacks Robert Graham (May 02)