Re: CCO/cisco.com issues.

["Kai Schlichting" <kai () pac-rim net>]

On Mon, 6 Oct 2003 14:01:31 -0700, Roland Dobbins wrote
> Folks,
>
> We've been handling a multi-vector DDoS - 40-byte spoofed SYN-flooding 
> towards www.cisco.com (198.133.219.25/32) as well as an HTTP-AUTH 
> resource-exhaustion attack, and working these issues with our 
> upstreams.  Our apologies for any inconveniences, and our thanks to 
> those who've assisted in tracing and blocking the spoofed traffic.
>
> We're continuing the work the issue, and would be grateful if 
> operators would check for 40-byte spoofed TCP headed towards 
> 198.133.219.25/32 and trace/block it as warranted.  Your patience and 
> understanding are greatly appreciated.
>
> Thanks!
>
> -------------------------------------------------------------
> Roland Dobbins <rdobbins () cisco com> // 408.527.6376 voice

My mailbox has filled quite a bit (to the tune of a dozen-plus mails)
with comments along the lines of "don't quote me, NANOG is too important
for my work, I don't want to get on Sue Harris' bad side" since my last
so-called "off-topic" NANOG post (which all but *one* person, other than
Sue Harris, found to be "within range and reason").

The spammers,
the DDoS'ers,
the proxy scanners and rapists,
the SMTP auth crackers.
the trojan spreaders,
the DNSBL-DOS'ers,
the hardcore computer criminals
are the evil army of one?

The following well-remembered lines come to mind here, and excuse me if
you hear a slight hysterical laughter from my direction:


"First They Came for the Jews
 First they came for the Jews
 and I did not speak out
 because I was not a Jew.
 Then they came for the Communists
 and I did not speak out
 because I was not a Communist.
 Then they came for the trade unionists
 and I did not speak out
 because I was not a trade unionist.
 Then they came for me
 and there was no one left
 to speak out for me."

 Pastor Martin Niemöller