At 06:51 PM 9/17/96 -0400, Robert E. Seastrom wrote:

This discussion of securing dialup servers is pointless. I guarantee you that the 2000 packet/second SYN attacks we've been seeing are coming from a compromised host on a high speed connection and not from someone's 28.8k dialup connection. The hackers just take over a machine, use it to launch their attacks, and disappear into the jungle if we manage to find the particular machine they're using tonight.

Harden your servers, filter on all non-transit ports on your routers, but let's let the how-to-do-filtering-on-terminal-servers discussion die, OK?

---Rob

Rob, 'Securing dialup servers' discussion is certainly not pointless; there are certainly considerations that need to be taken in any remote access environment -- that's a fact. Please don't be so quick to dismiss anyone's ideas on this topic; we're going to need full-force input from everyone in the operational world. - paul