North American Network Operators Group|
Date Prev | Date Next |
Date Index |
Thread Index |
Author Index |
RE: DDoS attacks
- From: Roeland Meyer
- Date: Sun Jul 15 13:00:23 2001
> From: Brad [mailto:firstname.lastname@example.org]
> Sent: Thursday, July 12, 2001 9:18 AM
> On Thu, 12 Jul 2001, Roeland Meyer wrote:
> > > From: email@example.com [mailto:firstname.lastname@example.org]
> > > Sent: Thursday, July 12, 2001 7:23 AM
> > > I can't help but believe that if even 20% of them
> > > were caught and had to spend just a little time (even
> hours) with the
> > > cops, and had their peecees confiscated, you'd not be seeing
> > > nearly the problems we are now.
> > This is the main point, a script-kiddie hunt, with
> prosecution, is the ONLY
> > real deterrent. Throw some of them in hotel greybar and
> remove them from
> > computing, for life, and we may see some of this turn around.
> I am just concerned about our current legal systems being
> able to handle such cases efficently. Well.. Perhaps I
> should not use 'legal systems' and 'efficently' in the same
> sentence, but you get the idea ;)
Think "Kaspureff" (AlterNIC). They went after, and nailed, him with gusto
and efficiency. I think that the largest problem is "selective prosecution".
A couple of years ago three MHSC servers were root-kitted via the BIND
interface. It took 18x7 man-hours to scrub and bare-metal recover, without
the suspect backups, those three servers. Even then, we couldn't jump the
FBI's $60K damages hurdle. Yet, Kaspureff, with a lot less provable damage,
got caught, grilled, and chilled.
For those that don't know, this case is the best and most well-known example
of [arguably] deliberate DNS cache poisoning on record. If you don't
remember it then you need not comment.
The point is that our legal systems can move with great alacrity, given