Re: [CORE] Blacklist all Windows demons ...

On Tue, 30 Mar 2004, Josh Berkus wrote:

> Marc,
>
> > Well, we can always add in a hearty hello to the US CIA(?) by adding
> > mention that DDoS attacks are a form of terrorism that hurts the US ppl
> > more then anyone else, as it affects more sites in the US then the rest of
> > the world ... maybe we can get some of that anti-terrorism money invested
> > in electronic terrorism?
>
> Hey, make up your mind.  First you make fun of use Americans for our
> "new Red Scare" and then you want to give the CIA an excuse to go after
> hackers?

me, was just rambling ... personally, what I'd like to see (or find) is
some sort of organized movement amongst ISPs themselves to combat the
problem ... from my scan of Google this morning, apparently there are
several things that ISPs *can* do to reduce/prevent the occurance of DDoS
attacks, or, at least make it more difficult to do, but most don't ...

For instance, how many ISPs out there have anti-spoofing enabled in their
routers, which, from what I've read, is the biggest thing that a
cyber-terrorist uses in their DDoS attacks.  I know when I worked at the
University, *I* had to explain to the network manager that our router even
supported such a thing :(

I guess the biggest nightmare as far as tracking down DDoS attacks is the
attacks come from spoof'd IPs, so without *alot* of work involving
upstreams, narrowing down where the attack is coming from is near
impossible :(

----
Marc G. Fournier           Hub.Org Networking Services (http://www.hub.org)
Email: scrappy@hub.org           Yahoo!: yscrappy              ICQ: 7615664