At 09:56 AM 2/16/00 , Bennett Todd wrote: >I may be a cad and a barbarian, but I'm less concerned with >identifying who's doing it, and more concerned with making the >attacks harder to mount, and easier to stop. Personal opinion warning here! These attacks were helped along really well by sloppy IS folks at big sites (like UCSC and the Navy). The daemon that had been hacked onto the source sites was well-known and warned against since December at least. There were scripts available to scan your hosts for this. While the attacks probably were meant as a "wake up" call, the ones who need to wake up are the folks running the sites that were the sources of the flood. Firewalls are great -- the condoms of the internet, but you also want to have folks checked for viruses routinely if they are going to be playing in this bar! I wonder if eTrade can sue the intermediate hosts involved here for failure to take reasonable precautions to insure their machines were not co-opted for criminal usage. I bet some of these site have got very, very deep pockets... Malcolm Holser
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:04:35 PDT