[69006] in North American Network Operators' Group
Compromised Hosts?
daemon@ATHENA.MIT.EDU (Deepak Jain)
Sun Mar 21 19:26:57 2004
Date: Sun, 21 Mar 2004 19:26:24 -0500
From: Deepak Jain <deepak@ai.net>
To: nanog@merit.edu
Errors-To: owner-nanog-outgoing@merit.edu
Nanogers -
Would any broadband providers that received automated, detailed
(time/date stamp, IP information) with hosts that are being used to
attack (say as part of a DDOS attack) actually do anything about it?
Would the letter have to include information like "x.x.x.x/32 has been
blackholed until further notice or contact with you" to be effective?
If even 5% of these were acted upon, it might make a difference. The
question is... would even 1% be?
Thanks for your opinions,
DJ
