RE: ABOVE.NET SECURITY TRUTHS?

["Roeland Meyer (E-mail)" <rmeyer () mhsc com>]

This is a red-herring, see www.gnutella.org

There is no way anyone is going to even put a dent in distribution. Reference recent failed attemps vs MP3 distro, and 
reference the MPAA. One might alos see Napster issues.


> -----Original Message-----
> From: owner-nanog () merit edu [mailto:owner-nanog () merit edu]On Behalf Of
> John Kristoff
> Sent: Monday, May 01, 2000 8:27 AM
> To: nanog () merit edu
> Subject: Re: ABOVE.NET SECURITY TRUTHS?
>
>
>
> "Henry R. Linneweh" wrote:
> > My fundamental question here is where is the directory where
> > all these new DDoS toyz and other forms of destruction
> > located at?
>
> Potentially millions of hosts.
>
> > How are they getting to these programs?
> > A solution is system wide scans for code segments in
> > programs that spawn attacks and remove them and the
> > users who have them without a valid reason.
> >
> > Search records for ssh, stelnet, telnet connections to
> > boxes other than the primary account.
>
> Since the tools can exist on any individual host on the network, every
> single owner/user/admin of an IP address would need to scan their
> machine.  While I agree its a host problem, it's extremely 
> difficult to
> fix with host solutions alone.  Even if you did, you still 
> won't be able
> to stop the creation and dissemination of tools amongst the bad guys.
>
> > Tighten up on hosted domains TOS and force Domain registrars
> > to cancel domains involved in criminal activity.
>
> I agree, some form of shunning could help cause people to batten down
> the hatches.  This assumes you know where the problem is originating
> from.
>
> John