[27172] in North American Network Operators' Group
Re: NANOG meeting subject of attack? Hmmmm....
daemon@ATHENA.MIT.EDU (Dan Hollis)
Wed Feb 9 21:09:46 2000
Date: Wed, 9 Feb 2000 18:07:39 -0800 (PST)
From: Dan Hollis <goemon@sasami.anime.net>
To: Travis Pugh <tpugh@shore.net>
Cc: Joe Shaw <jshaw@insync.net>, nanog@merit.edu
In-Reply-To: <Pine.GSO.4.21.0002091942060.26417-100000@cider.ecosoft.com>
Message-ID: <Pine.LNX.4.10.10002091803510.5004-100000@anime.net>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Errors-To: owner-nanog-outgoing@merit.edu
On Wed, 9 Feb 2000, Travis Pugh wrote:
> On the subject of cooperation, has anyone set out to catalog where these
> attacks are coming from, at least in terms of compromised networks, and
> share said information?
I think far more interesting would be to keep track of DoS attacks, and
how various NOCs (mis)handled the problem.
Attack wise, we see the largest percentage of bounce attacks from
compromised .jp/.cn sites, followed by direct assaults from roadrunner and
@home (but thats just the nature of the beast. give teenage punks cheap
10mbps and what do you expect)
-Dan
