-Caveat Lector- <A HREF="http://www.ctrl.org/"> </A> -Cui Bono?- -------- Forwarded message -------- From: The SANS Institute <[EMAIL PROTECTED]> Date: Wed, 29 Mar 2000 Subj: SANS Flash: Urgent Request For Help In Stopping DOS Attacks From: Alan Paller, Research Director, The SANS Institute This is an urgent request for your cooperation to slow down the wave of denial of service attacks? As you may know, denial of service (DOS) attacks are virulent and still very dangerous. These are the attacks responsible for the many outages reported recently in the press and others that have been kept more secret. DOS attacks are a source of opportunities for extortion and a potential vehicle for nation-states or anyone else to cause outages in the computer systems used by business, government, and academia. DOS attacks, in a nutshell, comprise a world-wide scourge that has already been unleashed and continues to grow in sophistication and intensity. One effective defense for these attacks is widely available and is neither expensive nor difficult to implement, but requires Internet-wide action; that's why we're writing this note to request your cooperation. The defense involves straightforward settings on routers that stop key aspects of these attacks and, in doing that, reduce their threat substantially. These settings will not protect you from being attacked, but rather will stop any of the computers in your site from being used anonymously in attacking others. In other words, these settings help protect your systems from being unwitting assistants in DOS attacks, by eliminating the anonymity upon which such attacks rely. If everyone disables the vehicles for anonymity in these attacks, the attacks will be mitigated or may cease entirely for large parts of the net. The simple steps can be found at the SANS website at the URL http://www.sans.org/dosstep/index.htm and will keep your site from contributing to the DOS threat. Tools will soon be publicly posted to determine which organizations have and have not protected their users and which ones have systems that still can be used as a threat to the rest of the community. More than 100 organizations in the SANS community have tested the guidelines, which were drafted by Mark Krause of UUNET with help from security experts at most of the other major ISPs and at the MITRE organization. The testing has improved them enormously. (A huge thank-you goes to the people who did the testing.) We hope you, too, will implement these guidelines and reduce the global threat of DOS attacks. We also urge you to ask your business partners and universities and schools with which you work to implement these defenses. And if you use a cable modem or DSL connection, please urge your service provider to protect you as well. As in all SANS projects, this is a community-wide initiative. If you can add to the guidelines to cover additional routers and systems, we welcome your participation. Alan Alan Paller Director of Research SANS Director of Research [EMAIL PROTECTED] 301-951-0102 <A HREF="http://www.ctrl.org/">www.ctrl.org</A> DECLARATION & DISCLAIMER ========== CTRL is a discussion & informational exchange list. Proselytizing propagandic screeds are not allowed. Substance�not soap-boxing! These are sordid matters and 'conspiracy theory'�with its many half-truths, misdirections and outright frauds�is used politically by different groups with major and minor effects spread throughout the spectrum of time and thought. That being said, CTRL gives no endorsement to the validity of posts, and always suggests to readers; be wary of what you read. CTRL gives no credence to Holocaust denial and nazi's need not apply. Let us please be civil and as always, Caveat Lector. ======================================================================== Archives Available at: http://home.ease.lsoft.com/archives/CTRL.html http:[EMAIL PROTECTED]/ ======================================================================== To subscribe to Conspiracy Theory Research List[CTRL] send email: SUBSCRIBE CTRL [to:] [EMAIL PROTECTED] To UNsubscribe to Conspiracy Theory Research List[CTRL] send email: SIGNOFF CTRL [to:] [EMAIL PROTECTED] Om
