[37246] in North American Network Operators' Group
RE: black hat .cn networks
daemon@ATHENA.MIT.EDU (Paul Lantinga)
Tue May 8 01:41:31 2001
Message-ID: <05924A4A9DEDAD46A21EE3C8C64B090D5ACF69@cheetah.zoo.q9networks.com>
From: Paul Lantinga <prl@q9.com>
To: 'Justin Hinderliter' <justin@interaccess.com>
Cc: nanog@merit.edu
Date: Tue, 8 May 2001 01:39:08 -0400
MIME-Version: 1.0
Content-Type: multipart/alternative;
boundary="----_=_NextPart_001_01C0D781.36AD924C"
Errors-To: owner-nanog-outgoing@merit.edu
This message is in MIME format. Since your mail reader does not understand
this format, some or all of this message may not be legible.
------_=_NextPart_001_01C0D781.36AD924C
Content-Type: text/plain;
charset="iso-8859-1"
> -----Original Message-----
> From: Justin Hinderliter
> > The past week i've seen attacks increase 5-fold, mostly
> 111/udp attacks
[snip]
Justin, et al, do you have any *proof* that these attacks are coming from
Chinese attackers on Chinese machines? If so, look for commonalities
amongst the attacks such as common netblocks etc. If not, the hype could
probably be routed into the round file. Attacks happen all the time to the
good and the bad. We still need good documentation and due diligence.
Until then, join "North America Nonblocking Oriental Groups"
-Paul Lantinga
--
Pretty much guaranteed that these are solely my opinions
------_=_NextPart_001_01C0D781.36AD924C
Content-Type: text/html;
charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN">
<HTML>
<HEAD>
<META HTTP-EQUIV=3D"Content-Type" CONTENT=3D"text/html; =
charset=3Diso-8859-1">
<META NAME=3D"Generator" CONTENT=3D"MS Exchange Server version =
5.5.2650.12">
<TITLE>RE: black hat .cn networks</TITLE>
</HEAD>
<BODY>
<P><FONT SIZE=3D2>> -----Original Message-----</FONT>
<BR><FONT SIZE=3D2>> From: Justin Hinderliter</FONT>
<BR><FONT SIZE=3D2>> > The past week i've seen attacks increase =
5-fold, mostly </FONT>
<BR><FONT SIZE=3D2>> 111/udp attacks</FONT>
<BR><FONT SIZE=3D2>[snip]</FONT>
</P>
<P><FONT SIZE=3D2>Justin, et al, do you have any *proof* that these =
attacks are coming from Chinese attackers on Chinese machines? If =
so, look for commonalities amongst the attacks such as common netblocks =
etc. If not, the hype could probably be routed into the round =
file. Attacks happen all the time to the good and the bad. =
We still need good documentation and due diligence. Until then, =
join "North America Nonblocking Oriental Groups"</FONT></P>
<P><FONT SIZE=3D2>-Paul Lantinga</FONT>
<BR><FONT SIZE=3D2>--</FONT>
<BR><FONT SIZE=3D2>Pretty much guaranteed that these are solely my =
opinions</FONT>
</P>
</BODY>
</HTML>
------_=_NextPart_001_01C0D781.36AD924C--
