Denial of service attacks apparently from UUNET Netblocks
James_deleskie
jdeleski at Fox.nstn.ca
Tue Oct 7 13:40:57 UTC 1997
> I would not be surprised if the caller's phone number were logged, most
> modern modem banks talk ANIS and DNIS, which if I'm remembering correctly
> is basically caller ID. I'm thinking of putting this on our POP, as there
> doesn't seem to be an extra charge to get the data from the telco.
I would have to disagree, in Canada anyway, the telco charges extra for these features, andand while
the modemracks will support it few if any ISP are gonna spend the $$$ for it.
Until of course they are attacked and loose business and then the VP's the cost
of NOT having it.
-Jim
>
> Charles
>
> ~~~~~~~~~ ~~~~~~~~~~~
> Charles Sprickman Internet Channel
> INCH System Administration Team (212)243-5200
> spork at inch.com access at inch.com
>
> On Mon, 6 Oct 1997, Phil Howard wrote:
>
> > Date: Mon, 6 Oct 1997 21:30:11 -0500 (CDT)
> > From: Phil Howard <phil at charon.milepost.com>
> > To: steve at nwnet.net
> > Cc: nanog at merit.edu
> > Subject: Re: Denial of service attacks apparently from UUNET Netblocks
> >
> > Steve Mansfield writes...
> >
> > [snip snip snip]
> >
> > > S'okay. Have the feds subpoena UUNET for the connect logs for these
> > > max'es. UUNET keeps the logs and is capable, given the exact time of the
> > > attack(s), of going through the logs, identifying exactly who it was, and
> > > if it's one of their customers, giving the personal info to the feds.
> > > If it's a reseller's customer, they can get the user info and forward it to
> > > the reseller and inform the feds who they need to talk to for the personal
> > > info. Whoever it was is as good as nailed.
> >
> > Unless it was a stolen account. With more and more "naive" users coming
> > online, the chance of this kind of thing happening is greater and greater.
> > You can shut off the account. Feds can visit the home of whoever owns the
> > account. They can even be blocked from ever getting any account at any
> > ISP for life. But if this possibility is fact, you won't have the perp
> > and they can attack again.
> >
> > Now if the telco has records of all the phone calls you can find out where
> > the calls actually came from. Maybe that's the perp. Maybe not.
> >
> > What is ultimately needed is some better real time detection of this kind
> > of thing sufficiently deployed so that it is present on all routers where
> > the exposure exists. You may not catch the perp, but you might reduce the
> > damage it causes.
> >
> > How to encourage this to be done is left as an exercise for the reader.
> >
> > --
> > Phil Howard +-------------------------------------------------------------+
> > KA9WGN | House committee changes freedom bill to privacy invasion !! |
> > phil at | more info: http://www.news.com/News/Item/0,4,14180,00.html |
> > milepost.com +-------------------------------------------------------------+
> >
>
>
More information about the NANOG
mailing list