Re: Info on the DoS attacks.

[Sean Donelan <sean () donelan com>]

On Wed, 09 February 2000, Declan McCullagh wrote:
>  From my perspective, corporations are filtering information through 
> clueless PR flacks to a (relatively clueless) media. I can't buy that sites 
> hit by an attack 48 hours ago "have no idea what is going on." If that's 
> the case, some people need to be fired real quick.

I'm not too concerned about clueless media and PR flacks.

But at NANOG I spoke with several people I thought would know, who didn't.
I didn't talk to any GlobalCenter folks because I couldn't find any.  They
disappeared on Monday.  But I did speak with several security people with
other providers, and they hadn't heard any confirmed technical details.  Just
speculation about what had happened.  In particular, everyone was wondering
what made the attack so hard to detect as a DoS.

Ok, I know, I don't work at an ISP anymore, so I'm not a member of the club.
I think several departments at WorldCom are under orders not to speak to me.
But instead I found the security folks at other providers were happy to talk
about it, but didn't know any more than me.  This worries me.