[13739] in bugtraq

home help back first fref pref prev next nref lref last post

Reminder: BOF on Distributed DoS, San Jose 2/7/00

daemon@ATHENA.MIT.EDU (David Kennedy CISSP)
Mon Feb 7 18:26:55 2000

Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Message-Id:  <3.0.5.32.20000206043108.00b29c50@pop.fuse.net>
Date:         Sun, 6 Feb 2000 04:31:08 -0500
Reply-To: David Kennedy CISSP <david.kennedy@ACM.ORG>
From: David Kennedy CISSP <david.kennedy@ACM.ORG>
X-To:         BUGTRAQ <bugtraq@securityfocus.com>
To: BUGTRAQ@SECURITYFOCUS.COM

The purpose of this message is to solicit participation in birds of a
feather (BOF) session to discuss the Distributed Denial of Service (DDOS)
problem.

WHO: Everyone interested in aggressively addressing a category of attack
threatening Internet-connected systems.

WHAT: We (ICSA.net ) are have put together at least two BOF's to discuss
DDOS attacks in the trin00, TFN, TNF2K, stacheldraht...family.

WHEN & WHERE: The next BOF session will be Monday, February 7, 2000 from 7
to 9 pm at Doubletree Hotel San Jose, 2050 Gateway Place, San Jose, CA -
phone 408-453-4000 (conference hotel).  Refreshments will be served.  This
BOF session coincides with the North American Network Operators Group
(NANOG) conference and a meeting of ICSA's ISPSec Consortium, but the BOF
is open to all interested parties.

WHY: The goals are two-fold initially, awareness of the problem and see if
the collection of smarts at a BOF can suggest effective ways of dealing
with these attacks other than "hoping" the clue-challenged secure their
systems before the trojans are installed.

relevant URL's:
http://www.icsa.net/html/communities/ispsec/
http://www.nanog.org/mtg-0002/
http://www.washington.edu/People/dad/
http://www.ietf.org/internet-drafts/draft-moskowitz-hip-01.txt
http://www.ietf.org/internet-drafts/draft-moskowitz-hip-enc-00.txt
http://www.ietf.org/internet-drafts/draft-moskowitz-hip-dns-00.txt
http://www.ietf.org/internet-drafts/draft-moskowitz-hip-arch-01.txt

Tentative Agenda:

Introduction:
The Problem:	
	Technical Review of Attack tools 	
	Trends/  Implications/ Characteristics

Possible Mitigations:
	Scanning for Master / Slaves		
	ISP Egress /Ingress Filtering		
	Potential Protocol Changes  HIP
	Open discussion			
	Next Steps					

Noteworthy Participants:

	Dave Dittrich
	Bob Moskowitz


--
Regards,

Dave Kennedy CISSP
Director of Research Services, ICSA.net http://www.icsa.net
Protect what you connect.
Look both ways before crossing the Net.
home help back first fref pref prev next nref lref last post