Merit Network
Can't find what you're looking for? Search the Mail Archives.
  About Merit   Services   Network   Resources & Support   Network Research   News   Events   Home

Discussion Communities: Merit Network Email List Archives

North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: Government scrutiny is headed our way

  • From: Henry Linneweh
  • Date: Sun Jun 21 05:12:29 1998

Now that we have gotten down to the nitty gritty here.

AGAIN the main mechanism for spoofing the smurf attacks is A program
call wingate, ban that code and this problem will be cut more than in half.

Next there is a rumor that 8000 users have been infected with a tweaked
system.exe file that makes that user a smurf amplifier unwittingly. These
are things to watch for. I wish there was an easier way to break bad news.

Henry

Joe Shaw wrote:

> On Sat, 20 Jun 1998, Henry Linneweh wrote:
>
> > Well DoS and smurf are only different in terms of the packet amounts and
> > method to convey them, so in essence A smurf is another form of DoS on
> > A larger scale. An existing law already covers that.
>
> How do you come up with that?  A DoS attack is anything that makes a
> resource on a host or network unusable.  Let's remember that the whole
> point of the attack is to deny service, whether it be pop3 service with a
> syn flood or bandwidth with smurf, fraggle, or generic ping flood.  A
> smurf attack is a DoS is a DoS is a DoS.
>
> > If A NOC refuses to obey the law and investigate on behalf of a paying
> > client that DoS has occurred than they become party to a criminal act
> > after the fact and are as guilty as the originator of the attack and can
> > be held accountable and their staff can arrested and you have the
> > right to sue for $4000.00 as do each one of your individual
> > customers.
>
> I've never heard a NOC say they wouldn't track it down, although I'm sure
> it's happened in the past.  Mostly I've heard that a NOC was incapable of
> tracking it down because of router overhead.  Not to mention the packets
> are almost always going to be traced back to the known smurf amplifiers.
> If it was easy to find people responsible for the operations of those nets
> and get them on the horn we could have had the smurf problem fixed a long
> time ago.  I would like to see if taking one of those people into court
> for being an unknowing party to the crime would be effective.
>
> > Sometimes you have to look at what you have and realize how
> > to use it for the benefit of the whole.
>
> Indeed, but how many people want to invest the time and money involved in
> prosecuting a smurf attack?  Has anyone successfully done it yet?
>
> > As for smurfs crossing international borders where such attacks generally
> > occur from, A group representation to the FCC needs to be formed and
> > the FCC needs then to communicate with its counterpart on the foreign
> > soil using existing treaties that would make that a violation of non
> > aggression
> > pacts and interference in a foreign government and denial of its citizens to
> > communicate pursuant to their constitution  the right of free speech.
> >
> > In A technical sense smurfs from foreign shores are an act of war on
> > networks of the United States by the purposeful intent to disrupt
> > destroy and cripple its computer network infrastructure with A
> > Smurfing mechanism.
> >
> > Henry R. Linneweh
>
> What needs to happen is things like IPSec, ISAKMP, and Oakley become prime
> time so authenticating packets becomes a trivial issue.  However, the U.S.
> Crypto Nazis make it impossible for it to be developed in this country
> because if it is, then it cannot be exported to other countries unless in
> a weakened state.  I don't claim to be a crypto person, but when you think
> about how the game is played, getting to the real root of the problem may
> not be an answer you like.  I'm as patriotic as the next guy [you can read
> that however you like], but for crypto authentication solutions to work
> our government needs to get their hands out of it.
>
> Joe Shaw - jshaw@insync.net
> NetAdmin - Insync Internet Services



--
4i1






Discussion Communities


About Merit | Services | Network | Resources & Support | Network Research
News | Events | Contact | Site Map | Merit Network Home


Merit Network, Inc.