[16093] in North American Network Operators' Group
Re: [nanog] Re: SMURF amplifier block list
daemon@ATHENA.MIT.EDU (Stephen Balbach)
Sat Apr 11 21:06:24 1998
Date: Sat, 11 Apr 1998 20:51:18 -0400 (EDT)
From: Stephen Balbach <stephen@clark.net>
To: Michael Dillon <michael@memra.com>
cc: nanog@merit.edu
In-Reply-To: <Pine.BSI.3.93.980411171009.7879T-100000@sidhe.memra.com>
On Sat, 11 Apr 1998, Michael Dillon wrote:
> On Sat, 11 Apr 1998, Sean M. Doran wrote:
>
> > This is a monumental admission: I think Karl is doing the right thing.
>
> However there are a couple of minor flaws that could be fixed.
>
> One is to sort the list by IP address to make it easier for folks to scan
> through and see if they recognize any addresses of companies that they
> have some contact with. Even better would be to include the netblock names
> from whois.arin.net.
>
> And the other is to include the URL of a website that explains how to fix
> the problem. This makes it a whole lot easier to explain to people.
>
> P.S. maybe there is a 3rd flaw.... Maybe the list should be posted to
> alt.2600 as well? >:->
Another problem. Say I (and others) use this list. How do I know when the
perpetrators fix it? They may contact Karl. Karl may or may not keep the
blacklist alive on nanog 2 years from now. Bad sites gone good are still
blocked from my site. Is there a easy way to independently verify if it's
been fixed?
Even better if someone kept a central list with accountability. Perhaps
you could pay for verified updated access-lists.. prevent SMURF attacks,
emergency DoS attack swat teams for hire, etc.. a 1-2 man consulting
operation.
Stb
