-----Original Message----- From: owner-nanog@merit.edu [mailto:owner-nanog@merit.edu]On Behalf Of John Fraizer Sent: July 11, 2001 11:23 PM To: Timothy Brown Cc: nanog@merit.edu Subject: Re: DDoS attacks
Really? Strange. I can. And just so nobody is mistaken, 100% of my sarcasm resulted in some IRC person whining to the NANOG list VS contacting the NOCs of networks in question directly.
He's not the first one to have posted NANOG asking "Can someone from $NETWORK contact me please?"... Oftentimes if you're being ignored through normal channels, it's probably a good enough method, since someone from every single network seems to lurk around here.
Your comments do not help this situation whatsoever; if you do not like IRC, feel free to rant in your own private forums rather than on a list for network operators.
My comments helped me substantially. I feel MUCH better! If they want to whine about their IRC network being DDoS'd, they should do it on their IRC network and NOT on the North American Network Operators Group mailing list. OOPS! I almost forgot. They're being DDoS'd. They probably can't even log onto their IRC servers. Too bad. Maybe they'll use this as an excuse to perhaps expose themselfs to fresh air (as in OUTSIDE THEIR HOMES.) We can only hope.
Hmmm. Tell me, why can't we s/IRC network/AS13944/ and also s/They/John/ and apply it to your network? The issue here is simple: these people are trying to provide a service, one that's fairly popular and also very easily abused (hmmm, reminds me of large binaries on Usenet, but that's besides the point). They're getting DDoSed. Tell me, with your attitude, do you expect people to help you if someone on your network gets DDoSed? I mean, what makes your customers more important to the rest of the universe than those people's IRC server? (And I should mention that IRC server is someone's customer too, somewhere)
No matter what you may think about IRC, or EFNet in particular, it should be accorded at least your professional courtesy. IRC (EFNet) has been
Excuse me? I'm not condoning ANY attack. If they MUST attack something, I'd rather it be IRC then anything else I can think of.
You seem to be condoning the attack, actually. You're saying above: "Great. Too bad those people are being DDoSed, maybe they can go outside and get a life." That doesn't strike me like an anti-DDoS stance. Remember, their IRC servers and your customers' servers both speak IP...
It is as real a service provided on the Internet as the Web or anonymous FTP sites.
OK. If you say so. (Bwahahahahah!)
Well, I say so too. Of _course_, for each of us, it seems that what matters is only what we provide and our own networks, it seems (I guess humans' natural instictive selfishness applies to network operators). Let's see here: if 66.37.218.192/27 was to vanish, would you care much? would I care much about 66.35.64.0/19 disappearing? Sadly, probably not, but we both should care about each other's networks at least somewhat, because whatever makes 66.37.218.192/27 go byebye may make 66.35.64.0/19 melt the next day.
Running an IRCd is not any better. It's BEGGING to be attacked. I don't feel the slightest bit sorry for you.
And what do you propose to do about running ircd being begging to be attacked? For all we know, in a week from now, it could be running httpd or a DNS server that could be the target. We've already seen it once when a whole bunch of major web sites were the target for a week or so, and I'm fairly sure it could be MUCH worse.
If you do not define EFNet as critical, that is one thing. But the attacks on one IRC network could grow to encompass any other IRC network, or any other service on the Internet.
I don't define *ANY* IRC network as critical.
I don't define AS13944 as critical, either... As I said above, everyone's definition of critical seems to revolve around their own network and perhaps extends to a few hops beyond their borders.
I'm reiterating the obvious here, since you do not seem to possess enough clue to get it yourself. The times, they are a'changin'.
You're funny.
So are you. :) I'm glad all of us here have a good sense of humour.
I have NEVER gotten a SINGLE complaint from a SINGLE lUSER who couldn't get to an IRC network. I don't anticipate it happening any time soon.
You're lucky, then... Every large ISP that I've seen (usually with an incompetent abuse department) that gets blocked from $MAJOR_IRC_NETWORK generally has a number of angry complaining users very soon. Vivien -- Vivien M. vivienm@dyndns.org Assistant System Administrator Dynamic DNS Network Services http://www.dyndns.org/