DDoS attacks

Thu Jul 12 17:51:25 UTC 2001

On Thu, 12 Jul 2001, Mitch Halmu wrote:

> On Thu, 12 Jul 2001, Brad wrote:
>
> > However, the problem here is not-so easy to
> > take care of on the provider(s) end.  I tend to see this
> > problem more-like open-relay issues.  A open-relay SMTP
> > server is just-as much a pain in the rear as a compromised
> > windoze box (if not more) and we have several ways to combat
> > open-relay issues currently through various testing and
> > filtering systems.
>
> No kidding? Your somewhat twisted "re-education" approach finds
> it perfectly normal to liken an illegal hacker activity (DDoS)
> with a perfectly legitimate business operation of an ISP, for
> the "crime" of simply having an open relay SMTP server.
>
> Well, I happen to think that communications blackholing enterprises
> such as the one run by former Abovenet boss Dave Rand and Metromedia
> employee Paul Vixie are to be likened to denial of service attacks.
>
> There should be no question that the guilty party is the actual
> hacker or spammer. If the legal system doesn't provide ISPs adequate
> protection under current laws, then new ad-hoc laws should address
> the problem.
>
> --Mitch
> NetSide

Mitch-

My post is not intended to get in a war about open-realy
issues, but to rather put it in perspective from how *I*
view the problem.  I certainly think that a compromised or
insecure machine should be addressed and the legal issues of
hosting such a machine due to clear negligence of a problem
which can (and does) cost other people a *lot* of money in
damages or 3rd-party fees is a concern that any legitimate
business-owner should be aware of.  Furthermore- I am
attempting to find a way to stop DDoS attacks without legal
action (though- it should be taken also) and this seems to
be the best way (so far).  I am open to suggestions you
may have to reduce/stop DDoS attacks as they happen.

---
Brad Baker
Director: Network Operations
American ISP
brad at americanisp.net
+1 303 984 5700 x12
http://www.americanisp.net/