The purpose of this message is to solicit participation in birds of a
feather (BOF) session to discuss the Distributed Denial of Service (DDOS)
problem.
WHO: Everyone interested in aggressively addressing a category of attack
threatening Internet-connected systems.
WHAT: We (ICSA.net ) are offering to put together at least two BOF's to
discuss DDOS attacks in the trin00, TFN, TNF2K, TFNTK,
stacheldraht...family.
WHEN & WHERE: The first BOF session will be Tuesday January 18, 2000 from 7
to 9 pm at Hyatt Saint Claire Hotel, Ballroom Lobby Level. Refreshments
will be served. This BOF session coincides with the RSA conference but the
BOF is located across the street from the Convention Center and is open to
all interested parties.
The second BOF will coincide with the North American Network Operator's
Group conference (Feb 6-8, 2000 at the Doubletree Hotel, San Jose CA). The
date and precise location of the BOF are being determined.
WHY: The goals are two-fold initially, awareness of the problem and see if
the collection of smarts at a BOF can suggest effective ways of dealing
with these attacks other than "hoping" the clue-challenged secure their
systems before the trojans are installed.
relevant URL's:
http://www.rsasecurity.com/rsa2000/main.html
http://www.nanog.org/mtg-0002/
Tentative Agenda:
Introduciton:
The Problem:
Technical Review of Attack tools
Trends/ Implications/ Characteristics
Possble Mitigations:
Scanning for Master / Slaves
ISP Egress /Ingress Filtering
Potential Protocol Changes HIP
Open discussion
Next Steps
Noteworthy Participants:
Dave Dittrich
Steve Crocker
Paul Krumviede
Bob Moskowitz
Jon McCown
Organizations that will participate include:
MCI
ISS
Bindview
Security Focus
Secure Computing Corp Intrusion Services
IT Security Services
--
Regards,
Dave Kennedy CISSP
Director of Research Services, ICSA.net http://www.icsa.net
Protect what you connect.
Look both ways before crossing the Net.
Received on Jan 17 2000
Intro
