DoS yada yada yada

Richard A. Steenbergen ras at
Fri Jul 13 01:46:47 UTC 2001

I'd just like to take a quick opportunity to clear up some misconceptions
on the subject of Denial of Service which seem to have been running
rampant around here.

First off, I am a longer time EFNet user as well as a former EFNet admin,
and I have probably been the target of every type of DoS you could imagine
at one point or another. You should not mistake cynicism for a particular
chat network for apathy about DoS. I also do not believe IRC as a service
is any less deserving of protection from attacks, but I do believe it is
far more explainable.

Secondly, let's not kid ourselves about where DoS comes from. If EFNet has
earned one distinction, it is as the source of every major DoS currently
in use against the internet. These programs don't write themselves, nor do
people learn to use them effectively for no reason. By far the VAST
majority of EVERY attack anyone on this list will EVER see *IS* related to
IRC, and if you think "la de da I'm just an innocent little network who
gets attacked for no reason" then you obviously don't know what your users
are doing. The attacks against other targets like yahoo ebay etc are very
rare and happen only as a result of packet kids building a network for use
against their IRC targets and then realizing there is a whole world out
there that doesn't see attacks like this on a regular basis.

Let's also get off our delusions of power that help us deal with the
powerlessness of being a DoS victim, no one has filed serious litigation
against a network for their unintentional involvement in a DoS, and if
anyone does it surely won't be EFNet. We all want someone to blame, but
the reality of the matter is that the vast majority of attack sources are
victims without any real negligence, and the vast majority of attacks are
simply not going to be traced back to the person responsible.

None of this changes the fundamental need to design networks which are
resistant to malicious disruption, but let's at least try to deal with the
reality of the situation.

One other comment I'll make for the people who take IRC so seriously as to
get bent out of shape over these words: It's just IRC. Repeat that to
yourself at least 10 times every night.

And one last request, unless you really have something to contribute,
please don't reply to this on-list.


Richard A Steenbergen <ras at>
PGP Key ID: 0x138EA177  (67 29 D7 BC E8 18 3E DA  B2 46 B3 D8 14 36 FE B6)

More information about the NANOG mailing list