On Mon, Jan 11, 1999 at 12:14:04PM -0500, Jeremiah Kristal put this into my mailbox:
On Mon, 11 Jan 1999, Phil Howard wrote:
<<snip discussion about how clueful operators filter RFC1918 addresses>>
Granted it's not that large an amplifier, but it seems odd that even an RFC1918 network would be used as an amplifier for this long without someone finding and securing it.
If that were true, we wouldn't have smurf attacks at all. There are still many, many clueless or otherwise incompetent ISPs and/or companies out there (many of whom are large ISPs and/or telcos who should know better but don't) who have many, many smurf-amplifier netblocks. Heck, the US Military has half of the entries at netscan.org (and they're supposedly the ones worried about "cyber-terrorism"). I've come to the unfortunate conclusion that very few people seem to care about system and network security until they are directly affected because of something they neglected. If it were otherwise, you wouldn't see "well-known" sites such as Yahoo, the NY Times, starwars.com &etc. getting hacked week after week. Much as I hate to say it, this seems to be one area where industry self-regulation has utterly failed. I don't know what would be a better solution; I hate to suggest government regulation. But I'm at a loss here. -dalvenjah -- Dalvenjah FoxFire (aka Sven Nielsen) May the schwartz be with you! Founder, the DALnet IRC Network e-mail: dalvenjah@dal.net WWW: http://www.dal.net/~dalvenjah/ whois: SN90 Try DALnet! http://www.dal.net/