Re: Recent Attacks

["Philip J. Koenig" <pjklist () ekahuna com>]

On 15 Feb 00, at 14:02, Terry Lee Moore boldly uttered: 

> Punishing them with litigation makes the physche feel better, but the
> hole in the network still exists and the next guy to exploit it may be
> looking for much more from all of us.  If I read correctly, we will
> always have vandals.  What we need to do is punish them in a way
> appropriate, identify what the "real" problems are, and then try to
> bring the "good guy" community together to plug the holes.
>     What's the best way to do that?



Well, considering the nature of the DDOS type of attack, it
seems that at least one lesson to be learned is that the
ISPs and transit providers need to cooperate to block such
spoofed traffic, and/or to track down the perpetrators.  If
communications channels were established in advance, it would
seem to help respond to such things as efficiently as possible.

Cisco also has some very helpful documents which discuss how 
best to block and/or track such traffic.  A number of links to 
these documents are on Paul Ferguson's fine denial-of-service 
resource page located at:

http://www.denialinfo.com/