On Fri, Jul 07, 2000 at 05:00:34PM -0400, Vijay Gill wrote:
On Fri, 7 Jul 2000, Kai Schlichting wrote:
A network design that doesn't allow tracing back spoofed traffic? Way to go, UUnet.
It is fairly clear to anyone with a smidgen of technical competence that this is not a network design issue per se, it is an equipment issue (and a router one at that).
Since I was recently tracking back a 4Mb/s attack coming from UUNet and had a chance to deal with their security department, I think I should comment. a.) The UUNet security department was amazingly helpful and clueful b.) They tracked the attack through their network and down to the customer it was coming from. c.) They were constantly in contact with me durring the tracing to let me know that they were working on it. d.) Once they found it, they put up a filter and contacted me back to check that the attack was over. e.) They then informed me that it was ok to give out UUNet's contact information to any stubborn people who were complaining about the traffic they saw due to their networks being spoofed in the attack. UUNet would be happy to talk to them and discuss what was going on. I've always been impressed with UUNet's ability to handle their customers even with such a large network. They have -never- refused to track an attack for me, and have always been more then helpful.
It is trivially easy to throw stones at other peoples design while sitting behind the helm of your very own multi-terabit ISP of comparable size, I'm sure.
I've dealt with much smaller ISP's with no clue or no want to trace attacks size does not matter in this case.
Now, lets watch Vijay rush to the defense of his, uhm, stock options.
What options would these be?
Obviously a troll :) -- ------------------------------------------------------------------------------- : Steven Noble / Network Janitor / Be free my soul and leave this world alone : : My views = My views != The views of any of my past or present employers : -------------------------------------------------------------------------------