From: owner-nanog@merit.edu [mailto:owner-nanog@merit.edu]On Behalf Of Sean Donelan Sent: Tuesday, February 08, 2000 3:26 AM
As much as I enjoy finding out about Yahoo & GlobalCenter issues by reading the newswires, I wonder if there are any lessons we can learn from these events. Or was this not big enough to get attention of upper management?
I doubt if upper management could have done anything about it. AFAICT, Yahoo was not compromised directly. Reports that I have seen, and some of them are hearsay, indicated that this is one of the very first of a distributed DOS attack. One that CERT recent;ly warned us about. http://www.cert.org/advisories/CA-2000-01.html
Was there something Yahoo!, GlobalCeneter or other providers could have done, either individually or in cooperation, to prevent the problem?
Likewise, could they, individually or in cooperation with other providers, have shortened the duration or severity by doing something different?
highly unlikely.
And finally, would they be more successfull in tracking the source the the problem by doing something different?
The only defense I can think of is to prevent other systems from being "owned". This takes a tightly cooperative environment. We don't have this. At best, we have a loosely co-operative anarchy, with none of the big entities playing together consistently. Evenso, this may not be possible.