[31846] in North American Network Operators' Group
Re: What TO DO and what NOT TO DO [Re: DOS Attacks - Almost Caught
daemon@ATHENA.MIT.EDU (Quark Physics)
Mon Oct 23 22:26:29 2000
Date: Mon, 23 Oct 2000 22:05:42 -0400 (EDT)
From: Quark Physics <meuon@highertech.net>
To: Alexei Roudnev <alex@relcom.net>
Cc: nanog@nanog.org
In-Reply-To: <0fa401c03d52$667d3c70$b608a8c0@genesyslab.com>
Message-ID: <Pine.LNX.4.10.10010232152100.29226-100000@home.highertech.net>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Errors-To: owner-nanog-outgoing@merit.edu
> Btw - I am thinking it will end in some kind of _anty hacker_ ISP assotiation which wove to prosecute any attempt to hack every
> if it is harmless itself. Just again, it's the only way. Do you remember why in ansient culture any attempt to forbid the rules
> was prosecuted - not because it was very important, but to stop another ones from going this way.
>
> Technically, it's not big deal to found the hacker - but it's a big work.
The hard part is not the technology, it's the customer(s)
They want their box back operational ASAP, yet complain
when you tell them the must use SSH (putty.exe rocks!)
and such. I have gotten less than no help when I find
the persons box they hacked to get to the box I found.
The key to an anti-hacker ISP association would be
a very special ip address / contact person lookup database.
ie: who/how to contact for the 'SWAT' response for a particular IP
address.
--Mike--
