On Sat, 23 Jun 2001, Christopher A. Woodfield wrote:
At a conference in late 1999, UUNet announced that they had anti-spoof filters in place on their dialup ports. Not that that amount to much in contrast to teh amount of spoofed DDOS traffic from cable providers, mind you...IIRC, it's the cable providers that need to put up the anti-spoofing filters the most.
The many ways in which cable providers fail to care about security is mindboggling. One local outfit here dumps customers by the dozens in a broadcast domain on what boils down to a non-switched network, allowing customers to sniff traffic from most of their neighborhood. Few people actually realize that they are sending plaintext passwords to ftp servers and pop3 servers, even those of the cable provider itself. I also have yet to see the first cable ISP that hands out instructions to its customers on how to close down unwanted network services of their Windows machines. People don't see the danger of remaining connected to the same ip-address for days at a stretch on a high bandwidth connection with a Windows machine that has hardly been configured. When they did dialin, this never was a problem; Chances of being hit by a malicious scan _and_ getting compromised by a scriptkiddy during the one hour a day they were actually online were much lower and so was the payoff for the scriptkiddies, since a shitty 28k8 dialup didn't really make much of a diference. Cheers, Pi