What kinds of mechanisms exist for keeping track of the origins of
something of this nature?
Normally that's not very productive as they are mostly owned boxes that
will be rebuilt and reowned in days :(
We could automate the tracing process, like *57 customer initiated trace
on the
On Thu, Jan 16, 2003 at 08:48:03PM -0500, Brad Laue wrote:
Having researched this in-depth after reading a rather cursory article
on the topic (http://grc.com/dos/drdos.htm), only two main methods come
to my mind to protect against it.
There are a few more methods, some have already mentioned
After last weeks spam run on Iraq, the US military and NIPC are
concerned Iraq might be behind a rise in electronic attacks
against government and military networks.
The assessment said recent computer disruptions have included Web
defacements, denial of service attacks that can disrupt or
This report has been generated at Fri Jan 17 21:50:49 2003 AEST.
The report analyses the BGP Routing Table of an AS4637 (Reach) router
and generates a report on aggregation potential within the table.
Check http://www.cidr-report.org/as4637 for a current version of this report.
Recent Table
Do we need te equivalent of a dog bite law for computers. If your
computer attacks another computer, the owner is responsible. File a
police report, and the ISP will give the results of the *57 trace to
the local police. The police can then put down the rabid computer,
permanently.
- Starting at the core, which is who the Feds buy the most IP from,
still makes life a lot simpler if and when we get the big one
in terms of cyber-attack.
Is not the problem with this that few if any attacks originate in the
core, and by the time the traffics start getting aggregated
Passed along without comment
I poisoned P2P networks for the RIAA - whistleblower
By Andrew Orlowski in San Francisco
Posted: 17/01/2003 at 13:00 GMT
Gobbles, the German hacker who improbably claimed to have infected
peer-to-peer file sharing networks and to 0wn your computer this week,
has
After last weeks spam run on Iraq, the US military and NIPC are
concerned Iraq might be behind a rise in electronic attacks
against government and military networks.
and we are supposed to have sympathy for those who struck the first
blow? rofl!
randy
Hi,
I would like to filter bgp updates based on AS origin.
I know that i can match origin with regex as :
_1239$
In fact, i would like to match as-path that originate from
ASes from 856 to 1239.
pseudo regex would be something like : _[856..1239]$
Juniper has this feature. Cisco does not
But the article also says less than 2% of the attacks resulted
in a successful intrusion.
http://www.nytimes.com/2003/01/17/technology/17HACK.html
2% would be an embarrassingly large success rate for intrusion on a
secured military network.
But, I'm sure they'll float any articles they can
Vadim Antonov wrote:
Caution this won't program a router:
The police can then put down the rabid computer,
permanently.
Good in theory... in practice police has more important things to do. Like
catching pot smokers.
Not -=too=- much problem soon, thanks to the USA Patriot act.
In
From: jnull [EMAIL PROTECTED]
But the article also says less than 2% of the attacks resulted
in a successful intrusion.
2% would be an embarrassingly large success rate for intrusion on a
secured military network.
Not to mention the definition of attack the article seems to use. After
Vincent,
I'm fairly certain it can match a range, just as you yourself posted you
could do. There is no difference between using a range to find 0-9, than
there is finding 64512-65535. So your line would look something like this:
ip as-path access-list 150 permit _[64512-65535]$
-Andy
Well they don't tell you which 2 percent either.
For all we know
only 2 percent were successful and yielded launch codes...
or
only 2 percent were successful and yielded next weeks lunch schedule.
Big difference on which 2 percent:).
On Fri, 17 Jan 2003, jnull wrote:
But the article
On Fri, 17 Jan 2003, Vadim Antonov wrote:
Do we need te equivalent of a dog bite law for computers. If your
computer attacks another computer, the owner is responsible. File a
police report, and the ISP will give the results of the *57 trace to
the local police. The police can
On Fri, Jan 17, 2003 at 12:10:59PM -0500, Andy Johnson wrote:
Vincent,
I'm fairly certain it can match a range, just as you yourself posted you
could do. There is no difference between using a range to find 0-9, than
there is finding 64512-65535.
There is in regular expressions.
On Fri, Jan 17, 2003 at 06:38:08PM +, Christopher L. Morrow mooed:
has something called Source Path Isolation Engine (SPIE). There
This would be cool to see a design/whitepaper for.. Kelly?
The long version of the SPIE paper is at:
On Fri, 17 Jan 2003, David G. Andersen wrote:
On Fri, Jan 17, 2003 at 06:38:08PM +, Christopher L. Morrow mooed:
has something called Source Path Isolation Engine (SPIE). There
This would be cool to see a design/whitepaper for.. Kelly?
The long version of the SPIE paper is
I guess the question of all this is may be... what could be done to
perhaps... to minimize the impact of DoS attacks pointed at a victim host?
Getting everyone to take security more seriously will most likely never
going to happen.. :(
-hc
On Fri, 17 Jan 2003, Clayton Fiske wrote:
On Fri,
On Fri, 17 Jan 2003 18:38:08 + (GMT)
Christopher L. Morrow [EMAIL PROTECTED] wrote:
has something called Source Path Isolation Engine (SPIE). There
This would be cool to see a design/whitepaper for.. Kelly?
In addition to David's link:
http://www.ir.bbn.com/projects/SPIE/
Just had a co-worker pass this one one to me and thought some
might find the humor in it as well...
http://www.dude.ru/music/gigflapping.html
Randy Bush [EMAIL PROTECTED] wrote:
After last weeks spam run on Iraq, the US military and NIPC are
concerned Iraq might be behind a rise in electronic attacks
against government and military networks.
and we are supposed to have sympathy for those who struck the first
blow? rofl!
Getting everyone to take security more seriously will most likely never
going to happen.. :(
If this is the case then we are screwed... I hope its not the case, I hope
that the customer service folks at ISP/NSP's and NOC and Engineering folks
all keep this in their minds and push their
Jeremy T. Bouse wrote:
Just had a co-worker pass this one one to me and thought some
might find the humor in it as well...
http://www.dude.ru/music/gigflapping.html
Hmmm. Awesome. I must add a cronjob that plays this MP3 during scheduled
backbone maintenance window :-)
-hc
-Original Message-
From: Stewart, William C (Bill), RTLSL
Sent: Friday, January 17, 2003 5:35 PM
To: '[EMAIL PROTECTED]'
Subject: Re: Is there a line of defense against Distributed Reflective
attacks?
Many of these attacks can be mitigated by ISPs that do
anti-spoofing filtering on
On Fri, 17 Jan 2003, Stewart, William C (Bill), RTLSL wrote:
-Original Message-
From: Stewart, William C (Bill), RTLSL
Sent: Friday, January 17, 2003 5:35 PM
To: '[EMAIL PROTECTED]'
Subject: Re: Is there a line of defense against Distributed Reflective
attacks?
Many of these
26 matches
Mail list logo