nanog mailing list archives
Re: A modest proposal
From: "Robert E. Seastrom" <rs () bifrost seastrom com>
Date: Tue, 17 Sep 1996 18:51:48 -0400 (EDT)
From: Allan Chong <allan () bellsouth net> Tracking down hacked machines would be quicker. Sometimes you might be able to track back to the source where you could pull the ANI or callerid information out of the radius accounting logs and have someone knocking on their door. You only have to do this for 1 in 10 attacks before rumors spread around the hacker community and it stops. This discussion of securing dialup servers is pointless. I guarantee you that the 2000 packet/second SYN attacks we've been seeing are coming from a compromised host on a high speed connection and not from someone's 28.8k dialup connection. The hackers just take over a machine, use it to launch their attacks, and disappear into the jungle if we manage to find the particular machine they're using tonight. Harden your servers, filter on all non-transit ports on your routers, but let's let the how-to-do-filtering-on-terminal-servers discussion die, OK? ---Rob - - - - - - - - - - - - - - - - -
Current thread:
- A modest proposal Allan Chong (Sep 17)
- Re: A modest proposal Robert E. Seastrom (Sep 17)
- Re: A modest proposal Allan Chong (Sep 17)
- Re: A modest proposal Dalvenjah FoxFire (Sep 17)
- Re: A modest proposal Robert E. Seastrom (Sep 17)
- Re: A modest proposal Dalvenjah FoxFire (Sep 17)
- Message not available
- Re: A modest proposal Kelly J. Cooper (Sep 18)
- Re: A modest proposal Robert E. Seastrom (Sep 18)
- Message not available
- Re: A modest proposal Kelly J. Cooper (Sep 18)
- Re: A modest proposal Allan Chong (Sep 17)
- Re: A modest proposal Robert E. Seastrom (Sep 17)
- Re: A modest proposal Robert E. Seastrom (Sep 17)
- Re: A modest proposal Michael Dillon (Sep 17)
- Re: A modest proposal Robert E. Seastrom (Sep 17)