nanog mailing list archives

RE: Yahoo! Lessons Learned


From: "K. Graham" <kgraham () ican net>
Date: Tue, 08 Feb 2000 09:47:58 -0700


On 8 Feb 2000, Sean Donelan wrote:

Date: 8 Feb 2000 03:25:36 -0800
From: Sean Donelan <sean () donelan com>
To: nanog () merit edu
Subject: Yahoo! Lessons Learned


As much as I enjoy finding out about Yahoo & GlobalCenter issues by
reading the newswires, I wonder if there are any lessons we can learn
from these events.  Or was this not big enough to get attention of
upper management?

Possibly.


Was there something Yahoo!, GlobalCenter or other providers could
have done, either individually or in cooperation, to prevent the
problem?


Yes.
One of the emails sent in mentioned that a network they work with or
for was being utilized as an amplifier.  Each network that has
gateway routers should ensure that they disallow IP broadcasts.

It was mentioned that this was a co-ordinated attack.  That meant a bit
of planning and access to various machines.  As to the number of
attackers, only Yahoo's internal people may know.  Even then it may have
only been one individual with a script that accessed many locations at
one time and initiated the commands.  There is the ability to do such an
attack.

The reality of "stay connected 24/7" at the household level with
high-speed internet makes the possibility of this attack more of
a multi-level victim attack.  Home users do not know that they are
leaving the door open to exploitation with simple Windows shares.  Savvy
people gain access to the cable and DSL modem users' PCs and then launch
their attacks.  Small utilities are put in place to make it easier to
find the exploited machines.  Thus creating a network of available
attack, harder to track connections.

Education is a tool that can be used to inform customers.  If each node
on the Internet takes care of its own doors then there will be less
available launching pads.  Thus making it a bit simpler to track an
attack.  Who or what will do the education is a question.  Who are the
responsible parties if no education is taken or given?  To me, the
responsibility question is a nightmare at best.

I just hope Yahoo's unfortunate incident opens some eyes, some lines
of communication and education.

K. Graham
Network Analyst, CCNA
kim () penguin-power com
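
An added example, not part of the original post: one way to check the point above about gateway routers disallowing IP broadcasts is to audit saved router configurations for interfaces that can still forward directed broadcasts. It assumes Cisco IOS-style configuration syntax; the sample configuration, interface names and function names are constructed for illustration.

```python
import re

# Constructed sample in Cisco IOS-style syntax (not taken from the post).
SAMPLE_CONFIG = """\
hostname edge-gw1
!
interface Ethernet0
 ip address 192.0.2.1 255.255.255.0
 no ip directed-broadcast
!
interface Ethernet1
 ip address 198.51.100.1 255.255.255.0
!
interface Serial0
 ip address 203.0.113.1 255.255.255.252
 ip directed-broadcast
!
interface Serial1
 no ip address
 shutdown
!
"""

def parse_interfaces(config_text):
    """Return {interface name: [stripped sub-commands]} for each interface block."""
    blocks, current = {}, None
    for line in config_text.splitlines():
        m = re.match(r"^interface\s+(\S+)", line)
        if m:
            current = blocks.setdefault(m.group(1), [])
        elif line.startswith((" ", "\t")) and current is not None:
            current.append(line.strip())
        else:
            current = None  # "!" or any top-level command closes the block
    return blocks

def audit_directed_broadcast(config_text, default_forwards=True):
    """List routed, active interfaces that may forward directed broadcasts.
    default_forwards is what the platform does when a block has no explicit
    setting; that depends on the software release, so the caller supplies it."""
    findings = []
    for name, cmds in parse_interfaces(config_text).items():
        if "shutdown" in cmds or not any(c.startswith("ip address ") for c in cmds):
            continue  # administratively down or not routed: nothing to relay
        if "no ip directed-broadcast" in cmds:
            continue  # explicitly disabled, the setting the post asks for
        explicit = any(c.startswith("ip directed-broadcast") for c in cmds)
        if explicit or default_forwards:
            findings.append((name, "explicitly enabled" if explicit else "platform default"))
    return findings
```

Each finding is an interface where `no ip directed-broadcast` should be added, or where the platform default should be confirmed for the running release.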



