Solution: Re: Huge smurf attack

Alex P. Rudnev alex at
Thu Jan 14 15:33:10 UTC 1999


I am not sure about last smurf incident, but don't overestimate _dark 
minds_ caused this incident. I am 99.9% shure all (ALL) this incidents 
complained about in NANOG was the same _kidscripts_.

This do not mean you should not prevent the possibility of 
_cyberterrorism_, and let's this _kid's plays_ help to pay attention to 
the security holes we have over the Internet.

On Thu, 14 Jan 1999, Peter Swedock wrote:

> Date: Thu, 14 Jan 1999 15:13:34 +0000
> From: Peter Swedock <pswedock at>
> To: Phil Howard <phil at>,
>     Brandon Ross <bross at>
> Cc: nanog at
> Subject: Re: Solution: Re: Huge smurf attack
> On Jan 13,  1:23pm, Phil Howard wrote:
> >
> > Filtering .0 and .255, or filtering echos or ICMPs, are all indeed a form
> > of "fixing" the symptom.  These things are being done because fixing the
> > cause isn't practical.
> >
> > But what is the cause?  Is it that kids with scripts will attack and try
> > to bring down an IRC server or the network that hosts it?  Or is it that
> > they have the scripts in the first place?  Or is it that they are using
> > networks that allow them to do this in the first place?
> I think blamin' the 'scriptkidz' in this instance isn't accurate. I think this
> incident had a political component that is overlooked here, and one that
> requires discussion. And that this smurfing was, quite possibly, an answer to
> that political component.
> I'm speaking about the "Nuremburg Files" which is downstream of Mindspring. For
> those of you who don't know, this page is a listing of abortion providers,
> clinic workers and their respective spouses.  Those abortion providers and
> clinic workers who have been killed are struck-through on this page, those who
> have been wounded, or who have stopped providing abortions for whatever reason,
> are grayed out and those remaining are, for lack of a better term, targeted,
> through the collection of personal information (licsense plate numbers, home
> addresses, phone numbers, etc...)
> I bring this up, not to discuss content, but because a lawsuit has been
> brought, and which began Friday, against this page charging that it is a
> hit-list that crosses the line of free speech into incitement to violence. The
> suit has received some national attention (was prominently featured on the CNN
> webpage) and appears to be, at present, ground zero for the pro-life/pro-choice
> debates...
> Given all that, is it hard to beleive that some-one, moderately skilled in
> networking but extreme in political views, attempted to shut down this page by
> shutting down Mindspring?
> This is the real world, people. This isn't the goodgeeks vs. the skriptkiddiez
> in their own private internet bubble.  It is entirely plausible (even likely,
> given the timing of the case opening Friday, the subsequent publicity and the
> "huge smurf attack" Saturday...) that this was a political act, and guess
> what... we're squeezed in the middle. It ain't about which side of the debate
> any on NANOG will fall on, but the fact that the debate may be falling on us.
> > The cause of burglaries and thefts is bad people.
> But the cause of political terrorism is extreme people.  I think that, if this
> smurf attack was in response to the web page "The Nuremburg Files", it is an
> act of terrorism in response to an act of terrorism: that is to say the page is
> extreme, so why do we not expect responses to it to be extreme?  And, in the
> middle, network engineers putting out the fires... networks being the
> battlegrounds that these people have chosen.
> > I admire Mindspring's position of making Internet access unrestricted.
> > But what is the real motivation?  Is it the goal of "perfect IP" or is
> > the business case of decreasing tech support costs?  They are, afterall,
> > in the business of providing consumer dialup access, and as we all know
> > that line of business is very costly in areas of tech support.  Network
> > attacks are also a real cost.  I would suggest that treating some of the
> > symptoms, at least for now, will cut some costs until the day that we
> > can achieve the utopian goal of the perfect solution to the cause.
> But if you want "unrestricted internet access" you'll get pages like "The
> Nuremburg Files" and you'll get people who object to that...
> I don't know what the solution is... but I do think we'll all be better off
> opening our eyes to the situation, rather than simply blaming the
> 'skriptkiddiez'.
> Peace,
> Petr
> -- 
> "Everything should be made as simple as possible, but not simpler"
> 						  A. Einstein
> Petr Swedock, Associate Engineer                           |
> Network Operations                                    ,o __|-.
> GTE INTERNETWORKING, POWERED BY BBN              ,_~o/   \/   \
> ph: 781.262.6300/781.262.6541                      |/         |
> fax: 781.262.6234 				  / >         |
>                                                  '  `         |
> email: pswedock at at               |
> ______________________________________________________________|

Aleksei Roudnev, Network Operations Center, Relcom, Moscow
(+7 095) 194-19-95 (Network Operations Center Hot Line),(+7 095) 239-10-10, N 13729 (pager)
(+7 095) 196-72-12 (Support), (+7 095) 194-33-28 (Fax)

More information about the NANOG mailing list