[31535] in North American Network Operators' Group
Re: Port 139 scans
daemon@ATHENA.MIT.EDU (Dan Hollis)
Wed Sep 27 15:04:56 2000
Date: Wed, 27 Sep 2000 11:58:26 -0700 (PDT)
From: Dan Hollis <goemon@sasami.anime.net>
To: Jason Slagle <raistlin@tacorp.net>
Cc: Ben Browning <benb@oz.net>, nanog@merit.edu
In-Reply-To: <Pine.BSO.4.21.0009271441210.2654-100000@mail.tacorp.net>
Message-ID: <Pine.LNX.4.21.0009271157060.15973-100000@anime.net>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Errors-To: owner-nanog-outgoing@merit.edu
On Wed, 27 Sep 2000, Jason Slagle wrote:
> On a somewhat related note, since we obviously have AOL people living and
> they now own ICQ. irc.icq.com has been used for weeks for these kiddies
> to store various ddos clients on. Take a look at #0wned. All compromised
> machines. There are no live opers to deal with it, and emails to
> ircsupport@icq.com go unanswered.
> Is there any way we can deal with things like this?
Route irc.icq.com to null0. If enough networks do this (or better, if
tier1's do), maybe icq will get their head out of their ass and do
something about it.
-Dan
