Platinum accounts for the Internet (was Re: who offers cheap (personal) 1U colo?)
jlewis at lewis.org
jlewis at lewis.org
Mon Mar 15 23:51:36 UTC 2004
On Mon, 15 Mar 2004 Michael.Dillon at radianz.com wrote:
> Maybe NANOG needs to implement a system where you have to log
> in to a web page with your NANOG meeting passcode in order to
> get a usable IP address. Then, when an infected computer shows
> up we will know exactly whose it was. Might even be interesting
> for a researcher to interview every infected party and figure
> out why it is happening even among a supposedly clueful group.
I find it ironic that one of the presentations at the last nanog was about
a system kind of like that:
http://www.nanog.org/mtg-0402/gauthier.html
and that we had some luser on the nanog30 wireless network infected by SQL
slammer.
Does anyone know who that was, how/if they were located and removed from
the network, and whether they brought an infected PC (either via stupidity
or as a joke) or simply brought an unpatched system out from behind their
firewall/packet filters and got infected before they got a chance to
actually use the network?
After that incident, I sniffed the wireless for a little while and noticed
slammer is alive and well out on the internet and still trying to infect
the rest of the internet.
We're still blocking it at our transit borders. The one time it was
removed (accidentally), a colo customer was infected very shortly after
the filter's protection was lost.
----------------------------------------------------------------------
Jon Lewis *jlewis at lewis.org*| I route
Senior Network Engineer | therefore you are
Atlantic Net |
_________ http://www.lewis.org/~jlewis/pgp for PGP public key_________
More information about the NANOG
mailing list