[29796] in North American Network Operators' Group
Re: scripts kiddie sites
daemon@ATHENA.MIT.EDU (Henry R. Linneweh)
Fri Jul 7 10:20:38 2000
Message-ID: <3965E5B9.290F918B@concentric.net>
Date: Fri, 07 Jul 2000 07:14:17 -0700
From: "Henry R. Linneweh" <linneweh@concentric.net>
Reply-To: linneweh@concentric.net
MIME-Version: 1.0
To: Hank Nussbacher <hank@att.net.il>
Cc: David Charlap <david.charlap@marconi.com>, nanog@merit.edu
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Errors-To: owner-nanog-outgoing@merit.edu
Is there any way to identify these types of providers and not carrying
them on the backbone?
Hank Nussbacher wrote:
> At 19:06 06/07/00 -0400, David Charlap wrote:
>
> >I would assume that a "scripts kiddie source network" is a network where
> >the administrators do not bother to investigate reports of system
> >cracking attempts from their network. This effectively gives these
> >crackers a green light to go and attack people, since they know they
> >won't lose their access.
> >
> >-- David
>
> There is an inherent problem here. Newer Internet phone systems allow
> anonymous dialin. We have such a system in Israel (2+ years) and I know
> one like that exists in the UK. The monopoly phone company sets up a
> special number like "135", users dialin - no authentication, no user/pswd,
> just PPP to one specific site. The user fires up their browser and
> connects to the phone company Web portal which has a large table of ISPs
> and rates. The user clicks on the one they want and all the packets now
> flow via that ISP. No authentication. Pure anonymous PPP. [Technical
> side has been over-simplified.] The phone company bills the user on their
> phone bill and splits the revenues then with the ISP. The ISP no longer
> needs modems, or any authentication system, just a large leased line to the
> phone company virtual POPs and a bank account to receive the monthly checks.
>
> Script kiddies love this. The only way to stop the kiddie is a court order
> to track down the phone number from the virtual POP and who called. Not as
> easy as adding a filter to a net or closing a user's account. So an RBL
> for script kiddie nets is not as easy as it may sound to some.
>
> -Hank
--
Thank you;
|--------------------------------|
| Thinking is a learned process. |
| ICANN member @large |
| Gigabit over IP, ieee 802.17 |
|--------------------------------|
Henry R. Linneweh
