Solution: Re: Huge smurf attack
Alex P. Rudnev
alex at Relcom.EU.net
Thu Jan 14 15:33:10 UTC 1999
I am not sure about last smurf incident, but don't overestimate _dark
minds_ caused this incident. I am 99.9% shure all (ALL) this incidents
complained about in NANOG was the same _kidscripts_.
This do not mean you should not prevent the possibility of
_cyberterrorism_, and let's this _kid's plays_ help to pay attention to
the security holes we have over the Internet.
On Thu, 14 Jan 1999, Peter Swedock wrote:
> Date: Thu, 14 Jan 1999 15:13:34 +0000
> From: Peter Swedock <pswedock at bbnplanet.com>
> To: Phil Howard <phil at whistler.intur.net>,
> Brandon Ross <bross at mindspring.net>
> Cc: nanog at merit.edu
> Subject: Re: Solution: Re: Huge smurf attack
> On Jan 13, 1:23pm, Phil Howard wrote:
> > Filtering .0 and .255, or filtering echos or ICMPs, are all indeed a form
> > of "fixing" the symptom. These things are being done because fixing the
> > cause isn't practical.
> > But what is the cause? Is it that kids with scripts will attack and try
> > to bring down an IRC server or the network that hosts it? Or is it that
> > they have the scripts in the first place? Or is it that they are using
> > networks that allow them to do this in the first place?
> I think blamin' the 'scriptkidz' in this instance isn't accurate. I think this
> incident had a political component that is overlooked here, and one that
> requires discussion. And that this smurfing was, quite possibly, an answer to
> that political component.
> I'm speaking about the "Nuremburg Files" which is downstream of Mindspring. For
> those of you who don't know, this page is a listing of abortion providers,
> clinic workers and their respective spouses. Those abortion providers and
> clinic workers who have been killed are struck-through on this page, those who
> have been wounded, or who have stopped providing abortions for whatever reason,
> are grayed out and those remaining are, for lack of a better term, targeted,
> through the collection of personal information (licsense plate numbers, home
> addresses, phone numbers, etc...)
> I bring this up, not to discuss content, but because a lawsuit has been
> brought, and which began Friday, against this page charging that it is a
> hit-list that crosses the line of free speech into incitement to violence. The
> suit has received some national attention (was prominently featured on the CNN
> webpage) and appears to be, at present, ground zero for the pro-life/pro-choice
> Given all that, is it hard to beleive that some-one, moderately skilled in
> networking but extreme in political views, attempted to shut down this page by
> shutting down Mindspring?
> This is the real world, people. This isn't the goodgeeks vs. the skriptkiddiez
> in their own private internet bubble. It is entirely plausible (even likely,
> given the timing of the case opening Friday, the subsequent publicity and the
> "huge smurf attack" Saturday...) that this was a political act, and guess
> what... we're squeezed in the middle. It ain't about which side of the debate
> any on NANOG will fall on, but the fact that the debate may be falling on us.
> > The cause of burglaries and thefts is bad people.
> But the cause of political terrorism is extreme people. I think that, if this
> smurf attack was in response to the web page "The Nuremburg Files", it is an
> act of terrorism in response to an act of terrorism: that is to say the page is
> extreme, so why do we not expect responses to it to be extreme? And, in the
> middle, network engineers putting out the fires... networks being the
> battlegrounds that these people have chosen.
> > I admire Mindspring's position of making Internet access unrestricted.
> > But what is the real motivation? Is it the goal of "perfect IP" or is
> > the business case of decreasing tech support costs? They are, afterall,
> > in the business of providing consumer dialup access, and as we all know
> > that line of business is very costly in areas of tech support. Network
> > attacks are also a real cost. I would suggest that treating some of the
> > symptoms, at least for now, will cut some costs until the day that we
> > can achieve the utopian goal of the perfect solution to the cause.
> But if you want "unrestricted internet access" you'll get pages like "The
> Nuremburg Files" and you'll get people who object to that...
> I don't know what the solution is... but I do think we'll all be better off
> opening our eyes to the situation, rather than simply blaming the
> "Everything should be made as simple as possible, but not simpler"
> A. Einstein
> Petr Swedock, Associate Engineer |
> Network Operations ,o __|-.
> GTE INTERNETWORKING, POWERED BY BBN ,_~o/ \/ \
> ph: 781.262.6300/781.262.6541 |/ |
> fax: 781.262.6234 / > |
> ' ` |
> email: pswedock at bbnplanet.com/pswedock at gtei.net |
Aleksei Roudnev, Network Operations Center, Relcom, Moscow
(+7 095) 194-19-95 (Network Operations Center Hot Line),(+7 095) 239-10-10, N 13729 (pager)
(+7 095) 196-72-12 (Support), (+7 095) 194-33-28 (Fax)
More information about the NANOG