[46558] in North American Network Operators' Group
Re: How to get better security people
daemon@ATHENA.MIT.EDU (Avleen Vig)
Thu Apr 4 05:21:07 2002
Date: Thu, 4 Apr 2002 11:19:57 +0100 (BST)
From: Avleen Vig <lists-nanog@silverwraith.com>
To: Richard A Steenbergen <ras@e-gerbil.net>
Cc: batz <batsy@vapour.net>, Sean Donelan <sean@donelan.com>,
"Christopher E. Brown" <cbrown@woods.net>, NANOG <nanog@merit.edu>
In-Reply-To: <20020403174531.GG562@overlord.e-gerbil.net>
Message-ID: <20020404111453.A31296-100000@apple.silverwraith.com>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Errors-To: owner-nanog-outgoing@merit.edu
On Wed, 3 Apr 2002, Richard A Steenbergen wrote:
> As for your service listing them... Smurfs aren't spam, so I'm not sure
> what you plan to accomplish by making the data available via DNS, it would
> really only be useful as a BGP feed. Even then, it's usefulness is
> limited. I suppose you could null route traffic to specific broadcast
> addresses to prevent people originating smurfs from your network with
> minimal impact on legit services, or if you are a big transit provider
> with balls you could apply it to all your customers.
SAFE is a daughter-project of the IRCNetOps project (www.ircnetops.org)
who areIRC network admins from small and large networks who came together
last year after getting rather pissed off by constant DoS attacks.
No, not just little admins with shells on little networks, but also bigger
admins on the bigger networks who run servers at ISP's too.
The service could be used to deny IRC access to their networks to people
who come from broken networks.
> There is no protocol (disclaimer: that I'm aware of) for distributing IP
> lists that could be filtered by source address, let alone other more
> intelligent things like distributing firewall rulesets so you could pick
> off only the echo replies, BUT MAYBE THERE SHOULD BE. <-- HINT!
Maybe there should be :-)
Wnat to do it? ;-)
