nanog mailing list archives

Re: Level3 routing issues?

From: matthew () eeph com (Matthew Kaufman)
Date: Sat, 25 Jan 2003 19:26:49 PST

I've seen various references to this worm firing off and saturating 
networks worldwide within 1 minute... if *that* isn't scary, I don't know 
what is.  It shows that someone, with the right tools and enough vulnerable 
servers can take out a good portion of the Internet in seconds.  And how 
can we predict *every* possible issue and block it?


The good news with this worm was that the ports it used had low real utility
for inter-provider traffic. Compare and contrast to Code Red, where "block
TCP port 80" isn't such a great way to slow down the worm if you have any 
customers who like to use "the web"

A combination of the speed at which this spread and a port nobody wants to
block will undoubtedly happen in the future, and be ugly, both.

Matthew Kaufman
matthew () eeph com (home)
mkaufman () dsl net (work)

Current thread:

Re: Level3 routing issues?, (continued)
- - - Re: Level3 routing issues? Alex Rubenstein (Jan 25)
    - Re: Level3 routing issues? hc (Jan 25)
    - Re: Level3 routing issues? Blaine Kahle (Jan 25)
  - RE: Level3 routing issues? Andrew Staples (Jan 25)
    - RE: Level3 routing issues? fingers (Jan 25)
- Re: Level3 routing issues? Alex Rubenstein (Jan 25)
- Re: Level3 routing issues? Scott Granados (Jan 25)
- RE: Level3 routing issues? Kevin Welch (Jan 25)
- Re: Level3 routing issues? George William Herbert (Jan 25)
- Re: Level3 routing issues? Gregory Hicks (Jan 25)
- Re: Level3 routing issues? Matthew Kaufman (Jan 25)