Re: New Denial of Service Attack on Panix
Original message <Pine.BSI.3.93.960921123232.9593B-100000@sidhe.memra.com> From: Michael Dillon <michael@memra.com> Date: Sep 21, 12:34 Subject: Re: New Denial of Service Attack on Panix
On Sat, 21 Sep 1996, Vadim Antonov wrote:
Given the "tragedy of commons" nature of the problem (you work hard to implement filters, which do not benefit _you_)
Source address filters do benefit the small ISP by making him less of a target for hackers looking for a staging point.
Michael Dillon - ISP & Internet Consulting Memra Software Inc. - Fax: +1-604-546-3049 http://www.memra.com - E-mail: michael@memra.com
-- End of excerpt from Michael Dillon
You think a hacker is going to break into your router to check out your IP filter lists first, before breaking into your Unix boxes to attempt an (unsuccessful) attack? They break in just the same. They just don't launch this kind of attack while they're visiting. -matthew kaufman matthew@scruz.net
On Sat, 21 Sep 1996, Matthew Kaufman wrote:
Source address filters do benefit the small ISP by making him less of a target for hackers looking for a staging point.
You think a hacker is going to break into your router to check out your IP filter lists first, before breaking into your Unix boxes to attempt an (unsuccessful) attack?
No, they break into your servers, run a source-spoofing test, then leave to find greener pastures. If they could break into the routers they would just modify the filters but it's harder to break into a router than a server. Michael Dillon - ISP & Internet Consulting Memra Software Inc. - Fax: +1-604-546-3049 http://www.memra.com - E-mail: michael@memra.com
participants (2)
-
matthew@scruz.net -
Michael Dillon