A modest proposal
Paul Ferguson
pferguso at cisco.com
Wed Sep 18 23:13:35 UTC 1996
At 06:51 PM 9/17/96 -0400, Robert E. Seastrom wrote:
>This discussion of securing dialup servers is pointless. I guarantee
>you that the 2000 packet/second SYN attacks we've been seeing are
>coming from a compromised host on a high speed connection and not from
>someone's 28.8k dialup connection. The hackers just take over a
>machine, use it to launch their attacks, and disappear into the jungle
>if we manage to find the particular machine they're using tonight.
>
>Harden your servers, filter on all non-transit ports on your routers,
>but let's let the how-to-do-filtering-on-terminal-servers discussion
>die, OK?
>
> ---Rob
Rob,
'Securing dialup servers' discussion is certainly not pointless; there
are certainly considerations that need to be taken in any remote access
environment -- that's a fact.
Please don't be so quick to dismiss anyone's ideas on this topic; we're
going to need full-force input from everyone in the operational world.
- paul
More information about the NANOG
mailing list