Home page logo
/

nanog logo nanog mailing list archives

Re: [nanog] Re: SMURF amplifier block list
From: Stephen Balbach <stephen () clark net>
Date: Sat, 11 Apr 1998 20:51:18 -0400 (EDT)

On Sat, 11 Apr 1998, Michael Dillon wrote:

On Sat, 11 Apr 1998, Sean M. Doran wrote:

This is a monumental admission: I think Karl is doing the right thing.

However there are a couple of minor flaws that could be fixed.

One is to sort the list by IP address to make it easier for folks to scan
through and see if they recognize any addresses of companies that they
have some contact with. Even better would be to include the netblock names
from whois.arin.net.

And the other is to include the URL of a website that explains how to fix
the problem. This makes it a whole lot easier to explain to people. 

P.S. maybe there is a 3rd flaw.... Maybe the list should be posted to
     alt.2600 as well? >:->

Another problem. Say I (and others) use this list. How do I know when the
perpetrators fix it? They may contact Karl. Karl may or may not keep the
blacklist alive on nanog 2 years from now. Bad sites gone good are still
blocked from my site. Is there a easy way to independently verify if it's
been fixed?

Even better if someone kept a central list with accountability. Perhaps
you could pay for verified updated access-lists..  prevent SMURF attacks,
emergency DoS attack swat teams for hire, etc.. a 1-2 man consulting
operation.

        Stb



  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault