[14670] in North American Network Operators' Group
Re: Reporting Little Blue Men
daemon@ATHENA.MIT.EDU (Martin Hannigan)
Tue Jan 20 19:48:58 1998
From: Martin Hannigan <hannigan@xcom.net>
To: dean@av8.com (Dean Anderson)
Date: Tue, 20 Jan 1998 19:32:12 -0500 (EST)
Cc: eric@ccti.net, nanog@merit.edu
In-Reply-To: <v03007809b0ead9ce8dd9@[198.3.136.121]> from "Dean Anderson" at Jan 20, 98 07:03:42 pm
>
> At 9:45 AM -0500 1/20/98, Eric Wieling wrote:
>
> You should be able to figure out what interfaces they are comming in on.
> That's the first step.
>
> >Is there any point in trying to report these attacks? Who would we
> >report them to? We don't know what the source is, after all the
> >address is spoofed. It seems kind of pointless to notify the victim
> >-- they already know they have been smurfed.
>
> You report them to the FBI. See "Firewalls and Internet Security" by
> Cheswick and Bellovin, and "Unix System Security" by Curry.
Why not spend the time securing the system instead?
[ snip ]
> I suppose that some on this list are ill-disposed to accept they are
> breaking any laws. I doubt anyone wants to argue this on this list. So I
> won't.
Thanks. There are already plenty of places to troll, but please,
not here.
