[39461] in North American Network Operators' Group
RE: DDoS attacks
daemon@ATHENA.MIT.EDU (Roeland Meyer)
Wed Jul 11 23:16:58 2001
Message-ID: <EA9368A5B1010140ADBF534E4D32C728025A05@condor.mhsc.com>
From: Roeland Meyer <rmeyer@mhsc.com>
To: 'Scott Francis' <darkuncle@darkuncle.net>,
"Richard A. Steenbergen" <ras@e-gerbil.net>
Cc: Ariel Biener <ariel@fireball.tau.ac.il>, nanog@merit.edu
Date: Wed, 11 Jul 2001 20:18:30 -0700
MIME-Version: 1.0
Content-Type: text/plain
Errors-To: owner-nanog-outgoing@merit.edu
I happen to agree, if only because; when script kiddies don't have IRC to
play with they'll start looking elsewhere. I'd rather them have an IRC net
to play with while they're being hunted. Wouldn't you?
> -----Original Message-----
> From: Scott Francis [mailto:darkuncle@darkuncle.net]
> Sent: Wednesday, July 11, 2001 7:24 PM
> To: Richard A. Steenbergen
> Cc: Ariel Biener; nanog@merit.edu
> Subject: Re: DDoS attacks
>
>
> On Wed, Jul 11, 2001 at 07:40:45PM -0400, Richard A.
> Steenbergen exclaimed:
> > Hrm you may have an idea there. Since so many attacks are related to
> > EFNet, and there are so many possible reasons for it to be
> impacting the
> > rest of the internet, I propose we introduce a new ICMP
> type, ICMP EFNet.
> > This message type could be used to convey all kinds of important
> > information about why things are broken, for example:
> >
> > ICMP EFNet code 1 - Smurfing
> > ICMP EFNet code 2 - SYN Flooding
> > ICMP EFNet code 3 - Channel takeover
> > ICMP EFNet code 4 - Warring botnets
> > ICMP EFNet code 5 - Dianora
> >
> > and many other useful messages.
>
> regardless of one's opinion on the usefulness/validity/point
> of IRC, I think
> some respect is due EFnet simply considering the antiquity of
> the network, and
> the sheer volume of communication, good bad and indifferent,
> that has flowed
> over it since its inception. I'm sure I'll be flamed for my
> (mis)use of
> 'antiquity', but I think IRC has been, and continues to be, a valuable
> communication tool. Like any useful tool, it tends to be used for both
> beneficial and nefarious purposes.
>
> And let's not forget that any network attack, regardless of
> the target or
> purpose, is a Bad Thing and responsible netizens should do
> their part to help
> eliminate such abuses.
>
> I'm done preaching now; I'm sure those who agree with me
> didn't need a rehash,
> and those that don't are unlikely to change their minds. Just
> wanted to
> provide a counterpoint to the "since $service has no business
> function and
> doesn't increase profits, there's no point in supporting it" crowd.
>
> (not that RAS is necessarily in that crowd; he just happened
> to be the first
> to respond.)
>
> Sometimes things are worth doing, even if doing them causes
> you some grief. I'm
> sure cynicism will eventually overwhelm me and I will realize
> that there's no
> point in sticking one's neck/network out to provide a useful
> service to the
> community.
>
> okay, I'm ready for the flames now.
>
> > --
> > Richard A Steenbergen <ras@e-gerbil.net>
http://www.e-gerbil.net/ras
> PGP Key ID: 0x138EA177 (67 29 D7 BC E8 18 3E DA B2 46 B3 D8 14 36 FE B6)
--
Scott Francis darkuncle@ [home:] d a r k u n c l e . n e t
Systems/Network Manager sfrancis@ [work:] t o n o s . c o m
UNIX | IP networks | security | sysadmin | caffeine | BOFH | general geekery
GPG public key 0xCB33CCA7 illum oportet crescere me autem minui
