[56776] in North American Network Operators' Group
RE: DSL-IP Probes Curiousity..
daemon@ATHENA.MIT.EDU (McBurnett, Jim)
Fri Mar 14 07:53:08 2003
Date: Fri, 14 Mar 2003 07:52:32 -0500
From: "McBurnett, Jim" <jmcburnett@msmgmt.com>
To: "Mike Tancsa" <mike@sentex.net>
Cc: <nanog@merit.edu>
Errors-To: owner-nanog-outgoing@merit.edu
=20
> There is so much of it, I liken it to Internet background=20
> radiation. In=20
> fact, if I didnt see a constant stream of this (either by=20
> accident-- SNMP=20
> auto discovery, or design-- lets find all the 'private' routers and=20
> switches out there) I would be more worried as my network=20
> probably has been=20
> blackholed!
Good Point!!
>=20
> In terms of reporting it, I usually do if its more than just=20
> some automated=20
> probe and is a directed attack against a particular device=20
> and is causing=20
> some grief or potential grief. But it would be a full time=20
> job evaluating=20
> and responding to each and every scan/hack attempt as the=20
> volume is way too=20
> high. I think something like dshield is going in the right=20
> direction.=20
> Ultimately if these things are not reported and the people doing them=20
> sanctioned somehow, it wont stop.
Yeah, If a dshield type system is used and the ISP's can use that to=20
add to the Abuse reports.. That would be great!
> Also, its March Break in many parts of North America... More=20
> time to do=20
> these sorts of things.
>=20
Yeah, and don't forget spring exams in the AP Rim...
That is always bad too....
J
