Re: Few questions to the american ISPs [Re: DDOS anecdotes]

[Pim van Riezen <pi () vuurwerk nl>]

On Sat, 23 Jun 2001, Christopher A. Woodfield wrote:

> At a conference in late 1999, UUNet announced that they had anti-spoof
> filters in place on their dialup ports. Not that that amount to much in
> contrast to teh amount of spoofed DDOS traffic from cable providers, mind
> you...IIRC, it's the cable providers that need to put up the anti-spoofing
> filters the most.

The many ways in which cable providers fail to care about security is
mindboggling. One local outfit here dumps customers by the dozens in a
broadcast domain on what boils down to a non-switched network, allowing
customers to sniff traffic from most of their neighborhood. Few people
actually realize that they are sending plaintext passwords to ftp servers
and pop3 servers, even those of the cable provider itself.

I also have yet to see the first cable ISP that hands out instructions to
its customers on how to close down unwanted network services of their
Windows machines. People don't see the danger of remaining connected to
the same ip-address for days at a stretch on a high bandwidth connection
with a Windows machine that has hardly been configured. When they did
dialin, this never was a problem; Chances of being hit by a malicious scan
_and_ getting compromised by a scriptkiddy during the one hour a day they
were actually online were much lower and so was the payoff for the
scriptkiddies, since a shitty 28k8 dialup didn't really make much of a
diference.

Cheers,
Pi