ICMP Attacks???????

Michael Dillon michael at priori.net
Sat Aug 16 23:14:23 UTC 1997

Thank you Danny! This is exactly the sort of thing I was getting at. You've
basically laid out the algorithm for tracing an attack to a specific port
on your router. Now what we need to do is build a tool that can automate
this procedure, perhaps by using an "expect" script or something similar
like Python with PIPE.

>Now comes the fun part, cooridinating with the Operations/Security folks from
>the corresponding network(s) to track the attack, hop-by-hop, through their

I suspect that this part would be a lot easier if some easy to use tools
exist. Ever since I heard that IOPS was being formed I've been curious
whether or not that would become a venue for building these kind of tools.
Perhaps if someone from IOPS would come to Phoenix and tell us what they
are up to, we might find some more ways to encourage this kind of
inter-network cooperation.

Michael Dillon                    voice: +1-650-482-2840
Senior Systems Architect            fax: +1-650-482-2844
PRIORI NETWORKS, INC.              http://www.priori.net

"The People You Know.  The People You Trust."

More information about the NANOG mailing list