[28477] in North American Network Operators' Group
RE: ABOVE.NET SECURITY TRUTHS?
daemon@ATHENA.MIT.EDU (Roeland Meyer (E-mail))
Mon May 1 12:04:03 2000
Reply-To: <rmeyer@mhsc.com>
From: "Roeland Meyer (E-mail)" <rmeyer@mhsc.com>
To: <jtk@aharp.is-net.depaul.edu>, <nanog@merit.edu>
Date: Mon, 1 May 2000 09:00:08 -0700
Message-ID: <002501bfb386$53a11b40$eaaf6cc7@PEREGRIN>
MIME-Version: 1.0
Content-Type: text/plain;
charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
In-Reply-To: <390DA260.63557B46@depaul.edu>
Errors-To: owner-nanog-outgoing@merit.edu
This is a red-herring, see www.gnutella.org
There is no way anyone is going to even put a dent in distribution. =
Reference recent failed attemps vs MP3 distro, and reference the MPAA. =
One might alos see Napster issues.
> -----Original Message-----
> From: owner-nanog@merit.edu [mailto:owner-nanog@merit.edu]On Behalf Of
> John Kristoff
> Sent: Monday, May 01, 2000 8:27 AM
> To: nanog@merit.edu
> Subject: Re: ABOVE.NET SECURITY TRUTHS?
>=20
>=20
>=20
> "Henry R. Linneweh" wrote:
> > My fundamental question here is where is the directory where
> > all these new DDoS toyz and other forms of destruction
> > located at?
>=20
> Potentially millions of hosts.
>=20
> > How are they getting to these programs?
> > A solution is system wide scans for code segments in
> > programs that spawn attacks and remove them and the
> > users who have them without a valid reason.
> >=20
> > Search records for ssh, stelnet, telnet connections to
> > boxes other than the primary account.
>=20
> Since the tools can exist on any individual host on the network, every
> single owner/user/admin of an IP address would need to scan their
> machine. While I agree its a host problem, it's extremely=20
> difficult to
> fix with host solutions alone. Even if you did, you still=20
> won't be able
> to stop the creation and dissemination of tools amongst the bad guys.
>=20
> > Tighten up on hosted domains TOS and force Domain registrars
> > to cancel domains involved in criminal activity.
>=20
> I agree, some form of shunning could help cause people to batten down
> the hatches. This assumes you know where the problem is originating
> from.
>=20
> John
