[60041] in North American Network Operators' Group
Re: WANTED: ISPs with DDoS defense solutions
daemon@ATHENA.MIT.EDU (Mike Tancsa)
Wed Jul 30 14:42:29 2003
Date: Wed, 30 Jul 2003 14:43:16 -0400
To: nanog@nanog.org
From: Mike Tancsa <mike@sentex.net>
In-Reply-To: <20030730145817.GN26798@puck.nether.net>
Errors-To: owner-nanog-outgoing@merit.edu
At 10:58 AM 30/07/2003 -0400, Jared Mauch wrote:
> If someone abuses the PSTN, or other networks they eventually
>will get their service terminated. If people abuse their access by
>launching DoS attacks, we need to catch them and get their access
Gee, wouldnt that be nice. Having personally dealt with one that had ~ 500
hosts involved on several dozen networks, I can confirm that of all the
repeated pleas for help to said networks to track down the controlling
party, I had a grand total of ONE (yes, 1 as in one above zero) who
actually responded with a response beyond the auto-responders.... And that
was to let me know that the user in question had already formatted their
hard drive before the admin could see what was on the machine and who might
have been controlling the machine.
It took several _weeks_ for all the attacking hosts to be killed off with
several reminder messages to various networks. So I dont hold much
optimism for actually tracking down the actual attacker.
---Mike
>terminated. It's a bit harder to trace than PSTN (or other netowrks)
>but I feel of value to do so.
>
> - Jared
>
>--
>Jared Mauch | pgp key available via finger from jared@puck.nether.net
>clue++; | http://puck.nether.net/~jared/ My statements are only mine.
