The purpose of this message is to solicit participation in birds of a
feather (BOF) session to discuss the Distributed Denial of Service (DDOS)
problem.
WHO: Everyone interested in aggressively addressing a category of attack
threatening Internet-connected systems.
WHAT: We (ICSA.net ) are have put together at least two BOF's to discuss
DDOS attacks in the trin00, TFN, TNF2K, stacheldraht...family.
WHEN & WHERE: The next BOF session will be Monday, February 7, 2000 from 7
to 9 pm at Doubletree Hotel San Jose, 2050 Gateway Place, San Jose, CA -
phone 408-453-4000 (conference hotel). Refreshments will be served. This
BOF session coincides with the North American Network Operators Group
(NANOG) conference and a meeting of ICSA's ISPSec Consortium, but the BOF
is open to all interested parties.
WHY: The goals are two-fold initially, awareness of the problem and see if
the collection of smarts at a BOF can suggest effective ways of dealing
with these attacks other than "hoping" the clue-challenged secure their
systems before the trojans are installed.
relevant URL's:
http://www.icsa.net/html/communities/ispsec/
http://www.nanog.org/mtg-0002/
http://www.washington.edu/People/dad/
http://www.ietf.org/internet-drafts/draft-moskowitz-hip-01.txt
http://www.ietf.org/internet-drafts/draft-moskowitz-hip-enc-00.txt
http://www.ietf.org/internet-drafts/draft-moskowitz-hip-dns-00.txt
http://www.ietf.org/internet-drafts/draft-moskowitz-hip-arch-01.txt
Tentative Agenda:
Introduction:
The Problem:
Technical Review of Attack tools
Trends/ Implications/ Characteristics
Possible Mitigations:
Scanning for Master / Slaves
ISP Egress /Ingress Filtering
Potential Protocol Changes HIP
Open discussion
Next Steps
Noteworthy Participants:
Dave Dittrich
Bob Moskowitz
--
Regards,
Dave Kennedy CISSP
Director of Research Services, ICSA.net http://www.icsa.net
Protect what you connect.
Look both ways before crossing the Net.
Received on Feb 07 2000
Intro
