On Fri, 17 Jan 2003, Haesu wrote:
I guess the question of all this is may be... what could be done to perhaps... to minimize the impact of DoS attacks pointed at a victim host?
Everyone take security more seriously, have some inhouse security clue, deal with incidents in a timely manner with a decent response... its about due diligence, eh?
Getting everyone to take security more seriously will most likely never going to happen.. :(
If this is the case then we are screwed... I hope its not the case, I hope that the customer service folks at ISP/NSP's and NOC and Engineering folks all keep this in their minds and push their upper management to start doing the right thing. It really doesn't cost that much, and its certainly cheaper than the cost of outages or lost revenue when your business is DoS'd, eh?
-hc
On Fri, 17 Jan 2003, Clayton Fiske wrote:
On Fri, Jan 17, 2003 at 06:38:08PM +0000, Christopher L. Morrow wrote:
On Fri, 17 Jan 2003, John Kristoff wrote:
impractical). If the sources can be tracked, perhaps they can be stopped (but large number of sources make this a scaling issue and sometimes not all responsible parties are as cooperative or friendly as you might like). There is also the threat of legal response, which could encourage networks and hosts to stop and prevent attacks in the
Legal response to the kiddies has never shown a marked improvement in their behaviour. Much like the death penalty... its just not a deterrent, perhaps because its not enforced on a more regular basis, perhaps because no one thinks about that before they attack.
I think John was more referring to legal action against networks and hosts used in the attack.
Without getting too much into the likelihood of any legal body actually understanding anyone's role in an attack besides the attacker and the victim, in this land where tobacco companies are sued by smokers who get lung cancer and fast food restaurants are sued by fat people there must be room for such cases as:
"XYZ Corp cost me $5mil in lost business. They were negligent in securing their (network|host) from being used as a DoS attack tool despite being informed of such by us both before and during said attack."
Perhaps this would cause companies to take security more seriously?
Have there been any such cases to date? Did they win?
-c