Re: A modest proposal

[Curtis Villamizar <curtis () ans net>]

In message <960917210707.32d3 () SDG DRA COM>, Sean Donelan writes:
> > Tracking down hacked machines would be quicker.  Sometimes you might
> > be able to track back to the source where you could pull the ANI
> > or callerid information out of the radius accounting logs and have
> > someone knocking on their door.  You only have to do this for 1 in 10
> > attacks before rumors spread around the hacker community and it stops.
>
> I hate to tell you, but ANI and caller-id can be spoofed too.
>
> However, I agree that encouraging as much source filtering as possible
> would be "a good thing."  Just as long as people don't get the idea
> that source filtering would make authentication by source IP address
> any more secure than authentication by caller-id.
>
> Now, if we could just get the phone company to not charge 1,000% markup
> on caller-id, we'd have it on all our modem lines now.
> -- 
> Sean Donelan, Data Research Associates, Inc, St. Louis, MO
>   Affiliation given for identification not representation


Can anyone remember what the hardest part was about finding Mitnick?
After having a relatively easy time tracing him to Netcom the problem
was figuring out where he was entering the phone system via cell phone
and it was determined that he had broken into the phone system and
probably been frollicing there for about 2 years.

Curtis
- - - - - - - - - - - - - - - - -