On Sun, 20 Aug 2000, Shawn McMahon wrote:
... or even better, we could all try to work together to take away the attack tools from the kiddies. As long as they have the tool, they'll find some reason to use it.
Our focus should instead be on figuring out ways to make the user of the tool accountable, and implementing appropriate punishment for misuse.
In my world this is included in "taking their tool away", which also includes making an effort to discover when their tools are used somewhere (the source) and make an effort to trace it all back to whoever is controlling the tools and nail this person to the wall.
Sometimes the tool is "ping". Do you really want to eliminate it?
Of course not. But the question is if 10mbit of echo requests can be described as "ping".
Do you really think we *CAN* eliminate it?
We can never eliminate it, but we can make it harder to use and make an effort to nail the ones abusing it. A start would be to make it criminal negligence worldwide to operate a network that can be abused even after several notices about this fact. If you are a smurf amplifier and have been for quite some time after several notices, you should be punished. If you have rooted machines on your network that are used for DDOS attacks and you do nothing about it, you should too be nailed to the wall. Most of what is done is mostly temporary patches (access lists when an attack is under way) which never solve the problem, just the immediate issue.

-- Mikael Abrahamsson email: swmike@swm.pp.se