Merit Network
Can't find what you're looking for? Search the Mail Archives.
  About Merit   Services   Network   Resources & Support   Network Research   News   Events   Home

Discussion Communities: Merit Network Email List Archives

North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

RE: Yahoo! Lessons Learned

  • From: K. Graham
  • Date: Tue Feb 08 12:01:21 2000

On 8 Feb 2000, Sean Donelan wrote:

> Date: 8 Feb 2000 03:25:36 -0800
> From: Sean Donelan <sean@donelan.com>
> To: nanog@merit.edu
> Subject: Yahoo! Lessons Learned
>
>
> As much as I enjoy finding out about Yahoo & GlobalCenter issues by
> reading the newswires, I wonder if there are any lessons we can learn
> from these events.  Or was this not big enough to get attention of
> upper management?

Possibly.

>
> Was there something Yahoo!, GlobalCeneter or other providers could
> have done, either individually or in cooperation, to prevent the
problem?
>

Yes.
One of the emails sent in, mentioned that a network they work with or
for was being utilized as an amplifier.  Each network that have
gateway routers should ensure that they disallow IP broadcasts.

It was mentioned that this was a co-ordinated attack.  That meant a bit
of
planning and access to various machines.   As to the number of attackers

only Yahoo's internal people may know.  Even then it may have only been
one individual with a script that accessed many locations at one time
and
initiated the commands.  There is the ability to do such an attack.

The reality of "stay connected 24/7" at the household level with
highspeed internet, makes the possibility  of this attack more of
a multi level victom attack.   Home users do not know that they are
leaving the door open to exploitation with simple Window's shares.  Savy

people gain access to the cable and dsl modem user's PCs and then launch

their attacks. Small utilities are put in place to make it easier to
find
the exploited machines.  Thus creating a network of available attack,
harder to track connections.

Education is a tool that can be used to inform customers.  If each node
on
the Internet takes care of it's own doors then there will be less
available launching pads. Thus making it a bit simpler to track an
attack.
Who or what will do the education is a question.  Who are the
responsible
parties if no education is taken or given?  To me, the responsiblity
question is a nitemare at best.

I just hope Yahoo's unfortunate incident opens some eyes, some lines
of communication and education.

K. Graham
Network Analyst, CCNA
kim@penguin-power.com






Discussion Communities


About Merit | Services | Network | Resources & Support | Network Research
News | Events | Contact | Site Map | Merit Network Home


Merit Network, Inc.