[27574] in North American Network Operators' Group
Re: government eavesdropping
daemon@ATHENA.MIT.EDU (Valdis.Kletnieks@vt.edu)
Fri Feb 25 01:41:23 2000
Message-Id: <200002250639.e1P6dKc24648@black-ice.cc.vt.edu>
To: Brian Wallingford <brian@meganet.net>
Cc: nanog@merit.edu
In-reply-to: Your message of "Thu, 24 Feb 2000 23:03:44 EST."
<Pine.LNX.4.10.10002242231120.8533-100000@cerise>
From: Valdis.Kletnieks@vt.edu
Date: Fri, 25 Feb 2000 01:39:20 -0500
Errors-To: owner-nanog-outgoing@merit.edu
On Thu, 24 Feb 2000 23:03:44 EST, Brian Wallingford said:
> Specifically, what have Merit, and presumably yourself done that any
> reasonably clued ISP hasn't? Aside from responsible subneting, and
> standard non-intrusive filtering, what can be done? It seems to me that
> beyond that, the burden of safeguarding data falls on the end-user.
Sorry to preach to the choir, but... ;)
"reasonably clued" seems to be too much to ask from far too many ISPs.
Smurf came along in what, 1996? And www.pulltheplug.com and www.netscan.org
both are finding enough networks STILL vulnerable that they find it
interesting to tabulate.
The guys at pulltheplug.com found an x.x.131.63 address that returned
1,924 replies on a PING. Truly scary, that many hosts on a /26 ;) I
truly hope that something is SERIOUSLY broken in pulltheplug's
methodology, except... For bonus points, trying to 'dig' for the SOA
for the PTR zone gets a 'servfail', although the x.x.130.x and
x.x.132.x PTR SOA's map to the same ns.<nameremoved>.net machine.
You have to get down to 53rd on pulltheplug's list before you get to
under 200 replies. And the guy hasn't started on arin/ripe/apnic
allocated space yet.
If ISPs and users had clues, we wouldn't have as big a potential
DDoS problem. Oh, and this just in:
The network staff at JMU (a university up the road from us) have
found an in-the-wild Windows trin00. Details at:
http://www.jmu.edu/info-security/engineering/issues/wintrino.htm
And there's an estimate 76M hosts on the Internet. Probably 80%
of them are Windows. It's gonna be a LONG summer, guys....
Valdis Kletnieks
Operating Systems Analyst
Virginia Tech
