nanog mailing list archives
Re: Is there a line of defense against Distributed Reflective attacks?
From: "E.B. Dreger" <eddy+public+spam () noc everquick net>
Date: Tue, 28 Jan 2003 00:16:45 +0000 (GMT)
JB> Date: Mon, 27 Jan 2003 15:19:25 -0600 JB> From: Jack Bates JB> So, if I'm reading this right, user of Vendor L doesn't like JB> Vendor M. Instead of attacking Vendor M's software, the user JB> just needs to make sure Vendor M's corporate servers get JB> infected and cause enough damage to run Vendor M into JB> bankruptcy from the resulting law suits? Hey! Sounds almost like ILEC/CLEC business, dumb patents, et cetera! (Not that I agree with that... not by a longshot... but that's a real risk.) JB> What about the small mom and pop shop? Will you watch as an JB> old family business is run into the ground because someone JB> didn't advise them properly on handling security? There is JB> such a thing as making penalties too stiff. Many good JB> businesses would be afraid to participate. Oh, wait. Never JB> mind. They'd have Internet Vulnerability insurance. Perhaps IVI is a worthy idea. Misconfigured computers certainly have the potential to cause damages. "We can't afford to do it right" is a poor excuse. Hiring an expert for a few hours is much cheaper than than damage one can cause. I heard a saying that, "If a business can't afford infrastructure such as accounting, legal, et cetera, it's not a business -- it's a hobby." Who should bear the brunt of the damage inflicted by others? I don't want to see people slinging ridiculous lawsuits (fast food causes obesity! whoulda thunk?), but I can think of several businesses that are willfully negligent when it comes to security. Should they go unpunished? Eddy -- Brotsman & Dreger, Inc. - EverQuick Internet Division Bandwidth, consulting, e-commerce, hosting, and network building Phone: +1 (785) 865-5885 Lawrence and [inter]national Phone: +1 (316) 794-8922 Wichita ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Date: Mon, 21 May 2001 11:23:58 +0000 (GMT) From: A Trap <blacklist () brics com> To: blacklist () brics com Subject: Please ignore this portion of my mail signature. These last few lines are a trap for address-harvesting spambots. Do NOT send mail to <blacklist () brics com>, or you are likely to be blocked.
Current thread:
- Re: Is there a line of defense against Distributed Reflective attacks?, (continued)
- Re: Is there a line of defense against Distributed Reflective attacks? hc (Jan 16)
- Re: Is there a line of defense against Distributed Reflective attacks? Hank Nussbacher (Jan 16)
- Re: Is there a line of defense against Distributed Reflective attacks? Sean Donelan (Jan 17)
- Re: Is there a line of defense against Distributed Reflective attacks? Vadim Antonov (Jan 17)
- Re: Is there a line of defense against Distributed Reflective attacks? Richard Irving (Jan 17)
- Re: Is there a line of defense against Distributed Reflective attacks? Christopher L. Morrow (Jan 17)
- Re: Is there a line of defense against Distributed Reflective attacks? alex (Jan 23)
- Re: Is there a line of defense against Distributed Reflective attacks? Michael Lamoureux (Jan 23)
- Re: Is there a line of defense against Distributed Reflective attacks? alex (Jan 27)
- Re: Is there a line of defense against Distributed Reflective attacks? Jack Bates (Jan 27)
- Re: Is there a line of defense against Distributed Reflective attacks? E.B. Dreger (Jan 27)
- Re: Is there a line of defense against Distributed Reflective attacks? Valdis . Kletnieks (Jan 27)
- Re: Is there a line of defense against Distributed Reflective attacks? Brad Laue (Jan 16)
- Re: Is there a line of defense against Distributed Reflective attacks? hc (Jan 16)
- Re: Is there a line of defense against Distributed Reflective attacks? Christopher L. Morrow (Jan 16)
- Re: Is there a line of defense against Distributed Reflective attacks? Valdis . Kletnieks (Jan 16)
- Re: Is there a line of defense against Distributed Reflective attacks? David G. Andersen (Jan 16)