[27185] in North American Network Operators' Group
Re: Info on the DoS attacks.
daemon@ATHENA.MIT.EDU (Sean Donelan)
Wed Feb 9 22:46:23 2000
Date: 9 Feb 2000 19:36:33 -0800
Message-ID: <20000210033633.21122.cpmta@c004.sfo.cp.net>
Content-Type: text/plain
Content-Disposition: inline
Mime-Version: 1.0
To: largo@megatokyo.com
From: Sean Donelan <sean@donelan.com>
Cc: nanog@merit.edu
Errors-To: owner-nanog-outgoing@merit.edu
On Wed, 09 February 2000, Rodney Caston wrote:
> It's because people are being very closed mouthed with this, the corps
> either have no idea what is going on or do not wish to share what they
> know, and those involved with the attacks have done a good job of keeping
> silent. Besides comparing Morris's worm to what is going on now is hardly
> fair, the net was a very different place then, and his cpu cycle hog of a
> program was alot easier to deal with and detect.
In past cases, the "crackers" have eventually been caught not by closed-mouth
corps and law enforcement, but by "civilians."
The closed-mouthness just seems to be extending the list of victims because
the later ones didn't know how to protect themselves until after they got hit.
Then after a few hours of downtime, they figure out which filters to install.
Wouldn't it be nice to know what filters to install to protect your web site
before it gets hit?
