Bugtraq mailing list archives

Announce: BOF on Distributed DoS, San Jose 1/18/00

From: david.kennedy () ACM ORG (David Kennedy CISSP)
Date: Sun, 16 Jan 2000 02:37:57 -0500


The purpose of this message is to solicit participation in birds of a
feather (BOF) session to discuss the Distributed Denial of Service (DDOS)
problem.

WHO: Everyone interested in aggressively addressing a category of attack
threatening Internet-connected systems.

WHAT: We (ICSA.net ) are offering to put together at least two BOF's to
discuss DDOS attacks in the trin00, TFN, TNF2K, TFNTK,
stacheldraht...family.

WHEN & WHERE: The first BOF session will be Tuesday January 18, 2000 from 7
to 9 pm at Hyatt Saint Claire Hotel, Ballroom Lobby Level.  Refreshments
will be served.  This BOF session coincides with the RSA conference but the
BOF is located across the street from the Convention Center and is open to
all interested parties.

The second BOF will coincide with the North American Network Operator's
Group conference (Feb 6-8, 2000 at the Doubletree Hotel, San Jose CA).  The
date and precise location of the BOF are being determined.

WHY: The goals are two-fold initially, awareness of the problem and see if
the collection of smarts at a BOF can suggest effective ways of dealing
with these attacks other than "hoping" the clue-challenged secure their
systems before the trojans are installed.

relevant URL's:
http://www.rsasecurity.com/rsa2000/main.html
http://www.nanog.org/mtg-0002/

Tentative Agenda:

Introduciton:
The Problem:    
        Technical Review of Attack tools        
        Trends/  Implications/ Characteristics

Possble Mitigations:
        Scanning for Master / Slaves            
        ISP Egress /Ingress Filtering           
        Potential Protocol Changes  HIP
        Open discussion                 
        Next Steps                                      

Noteworthy Participants:

        Dave Dittrich
        Steve Crocker
        Paul Krumviede
        Bob Moskowitz
        Jon McCown

Organizations that will participate include:

        MCI
        ISS
        Bindview
        Security Focus
        Secure Computing Corp Intrusion Services
        IT Security Services


--
Regards,

Dave Kennedy CISSP
Director of Research Services, ICSA.net http://www.icsa.net
Protect what you connect.
Look both ways before crossing the Net.

Current thread:

Re: WebSitePro/2.3.18 + 2.4.9 is revealing Webdirectories Lark Lizerman (Jan 13)
- Re: HOTMAIL is revealing Webdirectories Gushterul (Jan 15)
- Announce: BOF on Distributed DoS, San Jose 1/18/00 David Kennedy CISSP (Jan 15)