[12732] in North American Network Operators' Group
Re: Denial of service attacks apparently from UUNET Netblocks
daemon@ATHENA.MIT.EDU (Alex Przekupowski)
Tue Oct 7 12:19:13 1997
Date: Tue, 7 Oct 1997 12:04:27 -0400 (EDT)
From: Alex Przekupowski <oop@idt.net>
To: Eric Wieling <eric@ccti.net>
cc: nanog@merit.edu
In-Reply-To: <19971007095556.03246@ccti.net>
On the MAX's that I have set up, I log that info to syslog (Local 7), and
can pull it up at will. If you need a hand, just let me know. By
combining the syslog output, and the RADIUS accounting logs, we can
definately prove at least the home address of the attacker.
Alex P
On Tue, 7 Oct 1997, Eric Wieling wrote:
> On Tue, Oct 07, 1997 at 01:03:14AM -0400, Charles Sprickman wrote:
> > I would not be surprised if the caller's phone number were logged, most
> > modern modem banks talk ANIS and DNIS, which if I'm remembering correctly
> > is basically caller ID. I'm thinking of putting this on our POP, as there
> > doesn't seem to be an extra charge to get the data from the telco.
>
> Unless you are using CallerID authentication, the Ascend MAXes do not
> log the caller's number. I assume that the TNT's have the same
> problem.
>
> --Eric
>
> --
> Eric Wieling (eric@ccti.net), Corporate Communications Technology
> Sales: 504-585-7303 (sales@ccti.net), Support: 504-525-5449 (support@ccti.net)
>
