[39463] in North American Network Operators' Group
RE: DDoS attacks
daemon@ATHENA.MIT.EDU (Rob Thomas)
Wed Jul 11 23:26:48 2001
Date: Wed, 11 Jul 2001 22:24:22 -0500 (CDT)
From: Rob Thomas <robt@cymru.com>
To: <nanog@merit.edu>
In-Reply-To: <EA9368A5B1010140ADBF534E4D32C728025A05@condor.mhsc.com>
Message-ID: <ROTMAILER.0107112221140.15929-100000@bilbo.sauron.net>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Errors-To: owner-nanog-outgoing@merit.edu
] I happen to agree, if only because; when script kiddies don't have IRC to
] play with they'll start looking elsewhere. I'd rather them have an IRC net
] to play with while they're being hunted. Wouldn't you?
Agreed. Keep in mind that when the kiddies really want to test something
nasty, they simply build their own (hidden and secured) IRC servers in
which to park the zombies. So a paucity of IRC servers/networks isn't an
issue to them.
Eradicating IRC isn't the solution. IRC is the "SOSUS net" of DDoS. It
would be wise if everyone paid close attention to what is discovered
therein.
Just my $.02.
--
Rob Thomas
http://www.cymru.com/~robt
cmn_err(CE_PANIC, "Out of coffee...");
