Re: ICQ & AOL

[Omachonu Ogali <oogali () intranova net>]

On Fri, 28 Apr 2000 dhudes () hudes org wrote:

> The breakin attempts on my server have come from Taiwan and Korea when
> using portmap-based breakins; a number of US-based (@home etc.) have tried
> to abuse samba. I have tried to notify the Taiwan and Korean networks
> involved to no avail. I am in process of creating auto-counterattack tools
> that will determine the allocation range and, assuming I have at least as
> much or more bandwidth (presumably I'm dealing with an ISP serving dialup
> customers), launch floods of packets at the offending netblock (and
> hopefully find and attack the NAS by sending stuff to the RADIUS ports)
> and any other counterattacks to make life miserable so the offending ISP
> has a motive to fix things (i.e. beat them on the head until they behave).
> Every good set of tools needs overall purpose, this will result in
> enhanced WHOIS tools and probably a web page on security tools.

Uhhhh, floods?  I guess it's time to flood UUnet, Qwest, Sprint, or
any other misconfigured network out there. :)
 
> The samba breakins I have to create a script to peel out the breakins and
> send notifications. 

Much better...
 
> On Fri, 28 Apr 2000, Omachonu Ogali wrote:
>
> > So pretty much, you wish to create many different Internet 'islands' by
> > isolating networks that are assigned address space from APNIC and RIPE?
> >
> > By doing so you threaten e-commerce and the businesses of many who receive
> > their international customers via the Internet and yet this is effective.
> >
> > As communication overseas advances in the physical world, you'd further
> > hinder the advancement of the Internet, give ISP's no other choice than
> > cutting their many trans-Atlantic fiber links, and those who wish to keep
> > their links up have to rely on the other side to not be angered and pull
> > the plug on their side, yet this is effective.
> >
> > Take a look at Attrition.org's defacement archive, the majority of the
> > defacers are from the United States, and a lesser crowd from APNIC/RIPE
> > networks, I can't speak on credit card fraud, but should we in turn go
> > around segregating the ARIN networks due to internal misuse, would that be
> > 'effective' to you?
> >
> > On Thu, 27 Apr 2000, Universal Rundle wrote:
> >
> > > I'd venture to say that this is the result of the following phenomena:
> > >
> > > Block all APNIC and RIPE assigned networks at the border and all of the
> > > sudden, hack attempts and CC fraud disappear.
> > >
> > > It's fan-%^&#ing-tasticly simple to do and so very effective.
> > >
> > >
> > > > From: "Igor V. Vorontsov" <iv () akcecc net>
> > > > To: nanog () merit edu
> > > > Subject: ICQ & AOL
> > > > Date: Thu, 27 Apr 2000 13:35:10 +0300 (EEST)
> > > >
> > > >
> > > > Hello colleque,
> > > >
> > > > Sorry my English.
> > > >
> > > > If engeneers from AOL or ICQ is present here...
> > > >
> > > > Many pople from Russia and Ukraine can't connect to your service.
> > > > Your engeeners was closed many networks from Russia and Ukraine.
> > > > But why? Many people from our country was usable service ICQ, but now
> > > > this service is closed for them.
> > > >
> > > > Please open for your service our networks and resolve this problem.
> > > > One of them - network 193.227.207.0/24
> > > >
> > > >
> > > >
> > > > Igor V. Vorontsov
> > > > IV144-RIPE
> > >
> > > ________________________________________________________________________
> > > Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com

-- 
+-------------------------------------------------------------------------+
| Omachonu Ogali                                     oogali () intranova net |
| Intranova Networking Group                 http://tribune.intranova.net |
| PGP Key ID:                                                  0xBFE60839 |
| PGP Fingerprint:       C8 51 14 FD 2A 87 53 D1  E3 AA 12 12 01 93 BD 34 |
+-------------------------------------------------------------------------+