On Mon, 5 May 2003, Christopher L. Morrow wrote:
I suppose contacting upstreams for traceback and filtration isn't something they want to do??
I may not be on the correct lists to hear about the local Pakistan ISP scene, but I didn't find much technical information about what was happening. The attacks APPEAR to be originating from India and a virus called YAHA which targets certain Pakistan government web sites, .PK top-level domain name servers and the primary Internet exchange in Pakistan. Most of the Pakistan Internet traffic is funneled through a single exchange point and official provider PTCL. Good for intelligence agencies, bad for reliability and DDOS survivability. YAHA variants have been circulating since last June. The infected computers are inside and outside of Pakistan, and continuing to increase So you need to solve 1. Viruses 2. Spam 3. DDOS I suppose you could renumber/rename Pakaistan. But when the next variant of Yaha was released, it would probably just include the updated information. One of the government ministers suggested moving some of the official sites to the colocation in the US. It might help in the short term, since the US has excess bandwidth and can absorb the attacks longer.