Arbor Networks DoS defense product

Rob Thomas robt at cymru.com
Wed May 15 20:26:15 UTC 2002


Hi, Pete.

] With the number of always-on broadband residential and
] small-business customers, are education networks still the

The broadband ranges are now quite popular with the miscreants.  Several
of the bots I've recovered conduct targeted scans of the broadband
prefixes.  While scanning the entire IPv4 address space - including the
bogons - does yield a lot of hax0red hosts, it also produces a lot of
noise.  FYI, the miscreants also _avoid_ certain netblocks in which,
they believe, honeypots and other things reside.

When scanning for easily hacked routers, the miscreants target the
ranges they believe contain "mad fast routers," e.g. routers with > T1
connectivity.

In the case of both hosts and routers, it is increasingly common for
the miscreants to test the bandwidth capabilities of the device.  The
sluggish are left unused by many crews (or traded in the very active
underground economy).

Thanks,
Rob.
--
Rob Thomas
http://www.cymru.com/~robt
ASSERT(coffee != empty);

More information about the NANOG mailing list