[68285] in North American Network Operators' Group
Re: Source address validation (was Re: UUNet Offer New Protection
daemon@ATHENA.MIT.EDU (Christopher L. Morrow)
Sun Mar 7 17:28:55 2004
Date: Sun, 7 Mar 2004 22:28:14 +0000 (GMT)
From: "Christopher L. Morrow" <christopher.morrow@mci.com>
To: "Stephen J. Wilcox" <steve@telecomplete.co.uk>
Cc: "Christopher L. Morrow" <christopher.morrow@mci.com>,
nanog@merit.edu
In-Reply-To: <Pine.LNX.4.44.0403072204340.15621-100000@server2.tcw.telecomplete.net>
Errors-To: owner-nanog-outgoing@merit.edu
removed paul from the direct reply since his mailserver doesn't like uunet
mail servers :)
On Sun, 7 Mar 2004, Stephen J. Wilcox wrote:
> > smurf attacks are far from 'non-existent' today, however they are not as
> > popular as in 1999-2000-2001.
>
> thats interesting, i've not seen/heard of one for ages.. (guess u have a wider
> testing ground :)
>
just last week we had one... they do still happen.
> > In fact netscan.org still shows almost 9k networks that are 'broken'.
>
> actually i just ran that file thro a quick awk and sort to see to what extent
> these networks exist..
>
> as you can see almost all only reply two or three times, not like in the old
> days with >100 replies being commonplace..
>
Sure, but a list of 9k networks with this leve of response is still enough
to do damage. It's getting better, no doubt about it but it's still a
factor.
--Chris
(formerly chris@uu.net)
#######################################################
## UUNET Technologies, Inc. ##
## Manager ##
## Customer Router Security Engineering Team ##
## (W)703-886-3823 (C)703-338-7319 ##
#######################################################
