North American Network Operators Group|
Date Prev | Date Next |
Date Index |
Thread Index |
Author Index |
RE: Yahoo! Lessons Learned
- From: Roeland M.J. Meyer
- Date: Tue Feb 08 12:45:06 2000
> From: firstname.lastname@example.org [mailto:email@example.com]On Behalf Of
> Sean Donelan
> Sent: Tuesday, February 08, 2000 3:26 AM
> As much as I enjoy finding out about Yahoo & GlobalCenter issues by
> reading the newswires, I wonder if there are any lessons we can learn
> from these events. Or was this not big enough to get attention of
> upper management?
I doubt if upper management could have done anything about it. AFAICT, Yahoo
was not compromised directly. Reports that I have seen, and some of them are
hearsay, indicated that this is one of the very first of a distributed DOS
attack. One that CERT recent;ly warned us about.
> Was there something Yahoo!, GlobalCeneter or other providers could
> have done, either individually or in cooperation, to prevent the problem?
> Likewise, could they, individually or in cooperation with other providers,
> have shortened the duration or severity by doing something different?
> And finally, would they be more successfull in tracking the source the
> the problem by doing something different?
The only defense I can think of is to prevent other systems from being
"owned". This takes a tightly cooperative environment. We don't have this.
At best, we have a loosely co-operative anarchy, with none of the big
entities playing together consistently. Evenso, this may not be possible.