Merit Network
Can't find what you're looking for? Search the Mail Archives.
  About Merit   Services   Network   Resources & Support   Network Research   News   Events   Home

Discussion Communities: Merit Network Email List Archives

North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: Government scrutiny is headed our way

  • From: Karl Denninger
  • Date: Tue Jun 16 14:21:17 1998

On Tue, Jun 16, 1998 at 10:44:47AM -0700, Michael Dillon wrote:
> 
> Government scrutiny is headed our way
> http://www.fcw.com/pubs/fcw/1998/0615/fcw-frontcyber-6-15-1998.html
> 
> The feds are worried that it is too hard to track down cyber attackers.
> Although the article doesn't say this explicitly I expect that it won't be
> long before we see politicians calling for some sort of mandated tracing
> capabilities between network providers
> 
> And since IOPS http://www.iops.org/ is hosted by a government funded
> agency located on the outskirts of DC, I expect that it will be involved
> in this whole thing.
> 
> If we could track attacks to their source more quickly, then government
> would not feel the need to intervene. This may require some changes to
> router software but unless network operators ask for the changes, the
> manufacturers will not do it.
> 
> We need some sort of protocol that will recursively track spoofed source
> address packets back to their source one hop at a time. Given a
> destination address the protocol would track it to the previous hop router
> and recurively initiate the same tracking procedure on that router. Once
> the attack is tracked to the source, the probe would unroll and report the
> results to all routers along the probe path for logging or reporting. 
> 
> We have seen that when misconfigured equipment can be quickly identified,
> such as the smurf amplifiers, then we can apply pressure and get things
> fixed. Similarly if we can quickly identify the source of a spoofed source
> address attack then we can apply pressure to get filters in place and have
> people arrested or secure an insecure machine as the case may be.
> 
> --
> Michael Dillon                 -               Internet & ISP Consulting
> Memra Communications Inc.      -               E-mail: michael@memra.com
> http://www.memra.com           -  *check out the new name & new website*

It is about goddamn time, and I hope the government DOES get involved.

Try calling ANY of the major NOCs to get a smurf traced.  Good luck.  I 
have yet to have even attacks going on for more than an hour successfully
traced back to their source.

--
-- 
Karl Denninger (karl@MCS.Net)| MCSNet - Serving Chicagoland and Wisconsin
http://www.mcs.net/          | T1's from $600 monthly / All Lines K56Flex/DOV
			     | NEW! Corporate ISDN Prices dropped by up to 50%!
Voice: [+1 312 803-MCS1 x219]| EXCLUSIVE NEW FEATURE ON ALL PERSONAL ACCOUNTS
Fax:   [+1 312 803-4929]     | *SPAMBLOCK* Technology now included at no cost




Discussion Communities


About Merit | Services | Network | Resources & Support | Network Research
News | Events | Contact | Site Map | Merit Network Home


Merit Network, Inc.