Merit Network
Can't find what you're looking for? Search the Mail Archives.
  About Merit   Services   Network   Resources & Support   Network Research   News   Events   Home

Discussion Communities: Merit Network Email List Archives

North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: ABOVE.NET SECURITY TRUTHS?

  • From: John Kristoff
  • Date: Mon May 01 11:30:58 2000

"Henry R. Linneweh" wrote:
> My fundamental question here is where is the directory where
> all these new DDoS toyz and other forms of destruction
> located at?

Potentially millions of hosts.

> How are they getting to these programs?
> A solution is system wide scans for code segments in
> programs that spawn attacks and remove them and the
> users who have them without a valid reason.
> 
> Search records for ssh, stelnet, telnet connections to
> boxes other than the primary account.

Since the tools can exist on any individual host on the network, every
single owner/user/admin of an IP address would need to scan their
machine.  While I agree its a host problem, it's extremely difficult to
fix with host solutions alone.  Even if you did, you still won't be able
to stop the creation and dissemination of tools amongst the bad guys.

> Tighten up on hosted domains TOS and force Domain registrars
> to cancel domains involved in criminal activity.

I agree, some form of shunning could help cause people to batten down
the hatches.  This assumes you know where the problem is originating
from.

John





Discussion Communities


About Merit | Services | Network | Resources & Support | Network Research
News | Events | Contact | Site Map | Merit Network Home


Merit Network, Inc.