Merit Network
Can't find what you're looking for? Search the Mail Archives.
  About Merit   Services   Network   Resources & Support   Network Research   News   Events   Home

Discussion Communities: Merit Network Email List Archives

North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: Yahoo offline because of attack (was: Yahoo network outage)

  • From: Jim Williams
  • Date: Thu Feb 10 00:13:07 2000

Anyone find it interesting that all the big name sites are getting hit
except AOL?  Makes you wonder....

Jim Williams                  Ntrnet Systems, Inc.
President/CEO                 Research Triangle Park, NC
jaw12@ntrnet.net              (919)484-0504 fax(919)484-0782


On Thu, 10 Feb 2000, Christopher B. Zydel wrote:

> 
> On Wed, Feb 09, 2000 at 03:51:45PM -0500, Travis Pugh wrote:
> > Host-by-host prevention, during an attack, should be very easy
> > ... assuming a minimal amount of cooperation between upstream provider and
> > compromised network, if link utilization is tracked and the spike is
> > noticible.  Perhaps we should be notifying operations staff to be on the
> > lookout for suddenly saturated circuits, and to be prepared to help out
> > owners of compromised hosts with filter configuration?
> 
> This sort of alarming is fairly trivial.  Just about any network management
> system can be configured to poll interface counters on a regular basis and
> alarm when some threshold is reached.  The difficult question to answer is
> "How long should the link be saturated before sending an alarm".  With high 
> speed links this is a lot easier.  It's relatively easy to saturate a T1
> with a file transfer, however the same would not be true for an OC-3c.  
> This type of alarming should be based upon deviation from the established
> mean as well.  (For example, if a circuit sees around 50mbit/sec worth of 
> usage on a regular basis, and then spikes to 130mbit/sec and stays there, 
> something is clearly wrong)
> 
> /cbz
> 
> 






Discussion Communities


About Merit | Services | Network | Resources & Support | Network Research
News | Events | Contact | Site Map | Merit Network Home


Merit Network, Inc.