Re: Is FreeBSD dead? Well, not in theory...

2000-03-10 Thread Johnathan Meehan 

Hi,

 You're going to feel like a real idiot when you actually read the
 announcement properly.  Go back and read it through from beginning to
 end. :-)

That is not fair, Sheldon. Didier has some concerns, and I cannot blame him.
I'm reassured by the comments that have been made, both here and other
places, but I am afraid that whilst not jumping ship, I will be watching the
development of FreeBSD with a /very/ suspicious eye.

I find it difficult to believe that a group of people who have worked so
hard for so long to produce a superior product will walk away from it, or
see it corrupted. However, on the other hand, when I hear managment type
terms such as "features" and "adding value" with reference to the commercial
offering I do wonder just how the FreeBSD project will be affected in
_reality_ and not just in _theory_. I am personally waiting to hear more
information, particularly from the commercial side, and perhaps then my
suspicious mind may be relieved somewhat.

I'm sure you chaps know what you are doing, but some of us believe that Eris
is great friends with Murphy.

Regards,

Johnathan Meehan




To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-hackers" in the body of the message

Re: Regarding DOS violations

2000-02-09 Thread Johnathan Meehan 

Hi Ed,

Your second point, on the logging is interesting. It would certainly be
worth collecting a central repository of IP addresses relating to the
machines used to propogate the attacks.

The point to remember is that they are victims too, but obviously despite
the wide publicity about these activities they have not bothered to take any
action to protect themselves therefore hurting everybody else. This problem
is becoming too common to allow chances to organisations that even as of yet
have taken no corrective action. Perhaps what is really needed is the
ability to remove the connection of these servers from the 'net backbone,
refusing to reconnect them until they had corrected the problem. But I don't
see how that is going to happen.

Maybe, rather like ISPs and spammers (or AOL), your logging idea could be
used as a first step - given the provided information in a repository,
individual organisations could take the option to refuse to accept packets
originating from these servers straight away. The owners could /then/ be
contacted and informed, to be removed from the list after correcting the
problem. If this were a feature, the list would grow quickly enough to at
least make the lives of the perpatrators rather more difficult, and the life
of the list administrator rather busy.

Some tools to automate things as much as possible, and your away, Ed. I
don't see why this couldn't be started by, but by no means limited to,
FreeBSD users. Then again, perhaps this is too political a move to make?

Johnathan Meehan


- Original Message -
From: Ed Gold [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Thursday, February 10, 2000 1:43 AM
Subject: Regarding DOS violations


 After reading the article,

http://www.sfgate.com/cgi-bin/article.cgi?file=/chronicle/archive/2000/02/09
/MN23532.DTL

 I am wondering if FreeBSD should take any action to protect our users.
 I think it would speak incredibly highly of FreeBSD if Yahoo and other
 "customers" were to have some kind of protection from such an attack. My
 initial thoughts are:

 A web server should know its limitations and not attempt to handle more
 requests than it can manage.  It should invoke a service cutoff of any
 and all users that cause excessive loading over a measured interval of
 time.  Essentially, the machine would have to track all requests, rank
 them as to how much effort/resources they require, and then
 "integrate" this data over a fixed time period.  If the overall load is
 higher than an acceptable threshold, the most offensive clients get
 "ignored" for a fixed period of time.  This will, no doubt, ignore a
 small number of legitimate users; however, that's far better than not
 serving anyone.

 Additionally, the server could log this activity which would make it
 possible to contact the owners/operators of these most offensive
 systems.  With any luck, this could help them realize that their sites
 are being hacked into and they could take corrective action to prevent
 future attacks.  If we let them know that FreeBSD identified their
 problem, it might even be an excellent marketing move for us.  Comments
 Anyone?

 Regards,
 Ed





 To Unsubscribe: send mail to [EMAIL PROTECTED]
 with "unsubscribe freebsd-hackers" in the body of the message




To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-hackers" in the body of the message

Re: Yahoo under attack

2000-02-08 Thread Johnathan Meehan 

Hi Luoqi,

Try these for a little more detail:

http://www.antionline.com/cgi-bin/AntiLinks.cgi?url=http://www.nytimes.com/l
ibrary/tech/00/02/biztech/articles/08yahoo.html

http://www.securityfocus.com/templates/frame.html?adgroup=secnewsurl=/exter
nal/http%3a%2f%2fwww.currents.net%2fnewstoday%2f00%2f02%2f08%2fnews2.html

http://www.securityfocus.com/templates/frame.html?adgroup=secnewsurl=/exter
nal/http%3a%2f%2fnews.cnet.com%2fnews%2f0-1005-200-1544455.html%3ftag%3dst.n
e.1002.thed.1005-200-1544455

I don't know. Whatever happened to hackers? *poof* and they went, to be
replaced by idiots. You'll note that YahoO! is still regarded as the most
reliable web site, though.

Jonno

- Original Message -
From: Luoqi Chen [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Tuesday, February 08, 2000 6:46 PM
Subject: Yahoo under attack


 Just saw it in the news,
 http://abcnews.go.com/sections/tech/DailyNews/yahoo000207.html
 Does anyone know the detail?

 -lq


 To Unsubscribe: send mail to [EMAIL PROTECTED]
 with "unsubscribe freebsd-hackers" in the body of the message




To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-hackers" in the body of the message