Security Incidents mailing list archives
Re: SMTP server (How can I find out the real source of an attack
From: "Nick FitzGerald" <nick () virus-l demon co uk>
Date: Tue, 17 Jul 2001 11:34:41 +1200
"Pavel Kankovsky" <peak () argo troja mff cuni cz> wrote:
I see a trend: Yesterday, the Internet was a happy place free of DoS attacks. Today, we suffer from a relatively small number of intentional DoS attack. Tomorrow, the whole Internet will collapse under a massive wave of accidental DoS attacks caused by braindead software written and configured by ignorant people. :P
And this is largely because of current "accepted good practice"... How often in this and related lists (and in the RFCs, etc) do you see advice such as "be generous in what you accept..."? Because many implementors are so "generous" (but in differently incompatible ways) it is easy for a bad/lazy/stupid implementor to build and test an implementation that works well in all (the limited) ways s/he conceives to test against the limited other implementations chosen as for those tests. The result is an ever-increasing amount of crappy, non-standard compliant code being put into production. And, as Pavel notes, when you then deliver this to people who have no idea of what the standard is or how to "properly" configure their system anyway, things starts swirling more and more rapidly down the drain. The really sad thing is, many developers' "solution" to the fact that yet another non-standards compliant implementation has been foisted on the market by a competitor is to rush out and "break" their own product so it inter-operates with the rubbish... Regards, Nick FitzGerald ---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
Current thread:
- SMTP server (How can I find out the real source of an attack) MrG (Jul 12)
- Re: SMTP server (How can I find out the real source of an attack) Valdis . Kletnieks (Jul 13)
- Re: SMTP server (How can I find out the real source of an attack) Pavel Kankovsky (Jul 16)
- Re: SMTP server (How can I find out the real source of an attack Nick FitzGerald (Jul 17)
- Re: SMTP server (How can I find out the real source of an attack) Pavel Kankovsky (Jul 16)
- RE: SMTP server (How can I find out the real source of an attack) Mike Batchelor (Jul 13)
- Re: SMTP server (How can I find out the real source of an attack) kath (Jul 13)
- Re: SMTP server (How can I find out the real source of an attack) Mike Lewinski (Jul 16)
- <Possible follow-ups>
- RE: SMTP server (How can I find out the real source of an attack) Dean Cunningham (Jul 13)
- Re: SMTP server (How can I find out the real source of an attack) Valdis . Kletnieks (Jul 13)