Re: Denial of service attacks apparently from UUNET Netblocks
Security teams at ISPs should also obtain contact information for their local and federal law enforcement offices. Such contacts should be tested regularly, (eg; monthly) to ensure they are accurate. You can also ask Law Enforcement to provide you with a briefing on the types of computer investigations they are working on and seeing, which may help you plan your method of attack or compensation, or help you justify your continued existance with your upper management.
Since most of the top government computer & network security people are in Baltimore, MD this week, you might try again next week :-) Anyone want to have a BOF at the NSA/NIST conference for ISP security personnel? Once again, federal law enforcement made a public plea for companies and individuals to report attacks. Although they also said they may not be able to do anything due to lack of resources, they made the point they can't justify adding resources if no one reports crimes. Unfortunately law enforcement computer crime jurisdiction is still a hodge-podge of overlapping agencies. In the end you may be better off hiring a retired federal law enforcement person for your security department. Even if they know nothing about computers, they can talk the talk to get action out of the various law enforcement agencies. Robert Steele calls it "hacking the buearacracy."
Also, MCI has released a Denial Of Service "tracking" program called DoStracker that helps to automate detection and tracing of these types of attacks through large backbone networks.
Nice program, thank you. -- Sean Donelan, Data Research Associates, Inc, St. Louis, MO Affiliation given for identification not representation
Also, MCI has released a Denial Of Service "tracking" program called DoStracker that helps to automate detection and tracing of these types of attacks through large backbone networks.
Nice program, thank you.
Sounds like a nice program. Where is it?
ftp://ftp.mci.net/outgoing/dostrack742812.tar Dale At 10:07 PM 10/7/97 -0700, Sharif Torpis wrote:
Also, MCI has released a Denial Of Service "tracking" program called DoStracker that helps to automate detection and tracing of these types of attacks through large backbone networks.
Nice program, thank you.
Sounds like a nice program. Where is it?
Since most of the top government computer & network security people are in Baltimore, MD this week, you might try again next week :-) Anyone want to have a BOF at the NSA/NIST conference for ISP security personnel?
Umm.. there is a problem with that... the week after next is NETSEC97 in New Orleans and followed by LISA. Alex
participants (4)
-
Alex "Mr. Worf" Yuriev
-
Dale Drew
-
Sean Donelan
-
Sharif Torpis