nanog mailing list archives
Re: DoS attacks, NSPs unresponsiveness
From: Valdis.Kletnieks () vt edu
Date: Thu, 02 Nov 2000 16:10:17 -0500
On Thu, 02 Nov 2000 12:28:19 PST, Alexei Roudnev said:
Just again - what's about an attempt to creta e ISP association which - - promise to do ingress filtering
It's already an IETF BCP, all clued ISP's should be doing it already - the problem is the *unclued* ISPs, which will neither do ingress/egress filtering, nor join any ISP association.. Hint: How many of those ISPs do we hear from on NANOG? ;)
- promise to do active filtering
"active filtering" in what meaning? You have to be careful here, to avoid a DOS attack by triggering active filtering...
- promise to investigate any case
Would "investigate" include the form letter I send out whenever I get a complaint that one of our NTP servers is trying to hack through somebody's firewall on ports 13, 37, and 123? Our CIRT is just basically 5-6 people who do security on top of everything else. We have to perform triage - in the last week, we got the disk drive of a compromised system into an evidence bag within 3 hours or so of our first notification there was a problem. On the other hand, we most certainly do *NOT* guarantee that level of response unless it's a very high profile incident. I'm sure the situation is similar at every other site out there.... -- Valdis Kletnieks Operating Systems Analyst Virginia Tech
Attachment:
_bin
Description:
Current thread:
- Re: DoS attacks, NSPs unresponsiveness, (continued)
- Re: DoS attacks, NSPs unresponsiveness Simon Lyall (Nov 03)
- Re: DoS attacks, NSPs unresponsiveness Mark Mentovai (Nov 02)
- RE: DoS attacks, NSPs unresponsiveness rick (Nov 02)
- Re: DoS attacks, NSPs unresponsiveness Valdis . Kletnieks (Nov 02)
- Re: DoS attacks, NSPs unresponsiveness J Bacher (Nov 02)
- Re: DoS attacks, NSPs unresponsiveness Valdis . Kletnieks (Nov 02)
- Re: DoS attacks, NSPs unresponsiveness J Bacher (Nov 02)
- Re: DoS attacks, NSPs unresponsiveness John Kristoff (Nov 02)
- Re: DoS attacks, NSPs unresponsiveness J Bacher (Nov 02)
- Re: DoS attacks, NSPs unresponsiveness Joe Shaw (Nov 02)
- Message not available
- Re: DoS attacks, NSPs unresponsiveness Valdis . Kletnieks (Nov 02)
- Re: DoS attacks, NSPs unresponsiveness Ariel Biener (Nov 02)
- Re: DoS attacks, NSPs unresponsiveness dies (Nov 02)
- Re: DoS attacks, NSPs unresponsiveness Daniel Senie (Nov 02)
- Re: DoS attacks, NSPs unresponsiveness Randy Bush (Nov 02)
- Re: DoS attacks, NSPs unresponsiveness Ariel Biener (Nov 02)
- Re: DoS attacks, NSPs unresponsiveness dies (Nov 02)
- Re: DoS attacks, NSPs unresponsiveness Ariel Biener (Nov 02)
- Re: DoS attacks, NSPs unresponsiveness John Payne (Nov 03)
- Re: DoS attacks, NSPs unresponsiveness dies (Nov 03)
- Message not available
- Re: DoS attacks, NSPs unresponsiveness Hank Nussbacher (Nov 02)