Home page logo
/

nanog logo nanog mailing list archives

Re: Sobig.f surprise attack today
From: Patrick Muldoon <doon () inoc net>
Date: Thu, 28 Aug 2003 16:35:19 -0400


On Thursday 28 August 2003 04:24 pm, Mike Tancsa wrote:
At 11:14 PM 28/08/2003 +0300, Petri Helenius wrote:
Mike Tancsa wrote:
I dont think this would work too well.  The users who are infected often
think something is wrong because their connection and computer are not
working quite right. So they disconnect / reconnect / reboot so they burn
through quite a few dynamic IP addresses along the way.

This is an artifact of ISP´s wanting to have static IP´s as an add-on
premium service
so they provide short lease times and change IP as often as it´s feasible
without
interrupting service unneccessarily.

Huh ?  This is an artifact of the way PM3s and MAX 6096s work with respect
to how IP addresses are assigned out of pools.... i.e. this is the default
behaviour.  The same goes for our DSL pool.

         ---Mike

It isn't about wanting to charge more for a static ip per sea, it is more 
about efficient use of address space. If  I have 10K dialup customers, if I 
go to arin and ask for a /18 so each one of my dialup customers can have a 
static ip, what do you think the response is going to be?  
 


-- 
Patrick Muldoon
Network/Software Engineer
INOC (http://www.inoc.net)
PGPKEY (http://www.inoc.net/~doon)
Key fingerprint = 8F70 6306 F0A7 B8DA BA95  76C4 606A 7DC1 370D 752C

One picture is worth 128K words.


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault