mailing list archives
Re: SMURF amplifier block list
From: Karl Denninger <karl () mcs net>
Date: Sun, 12 Apr 1998 14:59:16 -0500
On Sun, Apr 12, 1998 at 12:35:44PM -0700, Craig A. Huegen wrote:
On Sun, 12 Apr 1998, Alex P. Rudnev wrote:
==>Remember, this intruders use small ISP as their service providers, not
==>huge MCI or SPRINT.
Actually, the majority of these people use compromised root accounts in
educational institutions, educational residence halls w/ Ethernet,
enterprises w/o decent firewalls, and co-location machines.
There are lists which exist of over 200-300 compromised root accounts and
access capabilities from which someone can launch an attack.
Yep. But the point still remains that if you can't get the traffic out of
the source network a smurf attempt doesn't work.
Those "educational" sites which allow residence hall connections to launch
this kind of thing deserve to be permanently black-holed from the Internet
until they fix things. And yes, I know this means they'll have to spend
money. Tough cookies. This is NOT an unsolvable problem (I can solve it
with a $1,000 PC running IPFW between the residence hall Ethernet and the
rest of the campus, or a few statements in a CISCO config) so people saying
its an intractable problem are lying.
Karl Denninger (karl () MCS Net)| MCSNet - Serving Chicagoland and Wisconsin
http://www.mcs.net/ | T1's from $600 monthly / All Lines K56Flex/DOV
| NEW! Corporate ISDN Prices dropped by up to 50%!
Voice: [+1 312 803-MCS1 x219]| EXCLUSIVE NEW FEATURE ON ALL PERSONAL ACCOUNTS
Fax: [+1 312 803-4929] | *SPAMBLOCK* Technology now included at no cost
Re: SMURF amplifier block list Alex P. Rudnev (Apr 12)
Re: SMURF amplifier block list jlixfeld (Apr 13)
Re: SMURF amplifier block list Karl Denninger (Apr 12)
Fixing RFC's WAS Re: SMURF amplifier block list Forrest W. Christian (Apr 13)
Re: Fixing RFC's WAS Re: SMURF amplifier block list Michael Dillon (Apr 13)
Re: Fixing RFC's WAS Re: SMURF amplifier block list Alex P. Rudnev (Apr 13)
Re: SMURF amplifier block list Forrest W. Christian (Apr 13)
Re: SMURF amplifier block list E Pluribus Linux (Apr 13)
Re: SMURF amplifier block list Michael Shields (Apr 13)
Re: SMURF amplifier block list Michael Dillon (Apr 13)