Comments on: Effectively Completing the Attack (and this posting)… http://asert.arbornetworks.com/2006/04/effectively-completing-the-attack-and-this-posting/ A weblog dedicated to educating the community on security threats that matter Fri, 23 Jul 2010 13:52:39 +0000 hourly 1 http://wordpress.org/?v=abc By: Jason Burton http://asert.arbornetworks.com/2006/04/effectively-completing-the-attack-and-this-posting/comment-page-1/#comment-183538 Jason Burton Fri, 05 Dec 2008 01:44:53 +0000 http://asert.arbornetworks.com/2006/04/effectively-completing-the-attack-and-this-posting/#comment-183538 oh, and not only that. But DNS amplification attacks in relation to that. (imagine a 2,000 machine botnet issuing a dns amplification against the root servers. I smell "DISASTER") oh, and not only that. But DNS amplification attacks in relation to that. (imagine a 2,000 machine botnet issuing a dns amplification against the root servers. I smell “DISASTER”)

]]> By: Jason Burton http://asert.arbornetworks.com/2006/04/effectively-completing-the-attack-and-this-posting/comment-page-1/#comment-183537 Jason Burton Fri, 05 Dec 2008 01:43:05 +0000 http://asert.arbornetworks.com/2006/04/effectively-completing-the-attack-and-this-posting/#comment-183537 I wonder if any other organization's e.g. Prolexic ; have found any other solutions to this mitigation issue. This is a big problem ,and I think it needs to be discussed from a global or even governmental scale. Perhaps easier ways for the Gov't to track (ie. Narus) the botnet's. I wonder if any other organization’s e.g. Prolexic ; have found any other solutions to this mitigation issue. This is a big problem ,and I think it needs to be discussed from a global or even governmental scale. Perhaps easier ways for the Gov’t to track (ie. Narus) the botnet’s.

]]> By: boksAroro http://asert.arbornetworks.com/2006/04/effectively-completing-the-attack-and-this-posting/comment-page-1/#comment-181404 boksAroro Tue, 25 Nov 2008 14:09:55 +0000 http://asert.arbornetworks.com/2006/04/effectively-completing-the-attack-and-this-posting/#comment-181404 Hi guys, My problemm: my pc worked slowly, fast reeboot and some others. Please, help me to fix it - I need some sites, that consist info, how can I do it. Thx, boksAroro Hi guys,
My problemm: my pc worked slowly, fast reeboot and some others.
Please, help me to fix it – I need some sites, that consist info, how can I do it.
Thx,
boksAroro

]]> By: System Advancements at the Monastery » Blog Archive » From Cyber Space with Love http://asert.arbornetworks.com/2006/04/effectively-completing-the-attack-and-this-posting/comment-page-1/#comment-123235 System Advancements at the Monastery » Blog Archive » From Cyber Space with Love Sat, 24 May 2008 02:58:47 +0000 http://asert.arbornetworks.com/2006/04/effectively-completing-the-attack-and-this-posting/#comment-123235 [...] employ something akin to a BGP blackhole routing function that results in all packets destined to those three specific IPs, or the covering prefixes, being discarded as a result of null or discard next hop packet forwarding policies, as discussed here [...] [...] employ something akin to a BGP blackhole routing function that results in all packets destined to those three specific IPs, or the covering prefixes, being discarded as a result of null or discard next hop packet forwarding policies, as discussed here [...]

]]> By: Danny McPherson http://asert.arbornetworks.com/2006/04/effectively-completing-the-attack-and-this-posting/comment-page-1/#comment-43 Danny McPherson Fri, 05 May 2006 19:49:23 +0000 http://asert.arbornetworks.com/2006/04/effectively-completing-the-attack-and-this-posting/#comment-43 As usual, good point Chris. Though I'm not sure "No one cares", as usually someone cares - it's just that that someone doesn't matter (re: $) very much for whatever reason :-) Nonetheless, I'll see if there's a way to capture this observation in future cuts.. Thanks for the comments! As usual, good point Chris. Though I’m not sure “No one cares”, as usually someone cares – it’s just that that someone doesn’t matter (re: $) very much for whatever reason :-)

Nonetheless, I’ll see if there’s a way to capture this observation in future cuts..

Thanks for the comments!

]]> By: Chris Morrow http://asert.arbornetworks.com/2006/04/effectively-completing-the-attack-and-this-posting/comment-page-1/#comment-27 Chris Morrow Mon, 01 May 2006 02:06:31 +0000 http://asert.arbornetworks.com/2006/04/effectively-completing-the-attack-and-this-posting/#comment-27 So, one thing to keep in mind here is that often, a vast majority of the time actually, the attacked host is not important to anyone involved. No one cares if shell-server-2's 33'rd vhost is 'offline'. In cases where the destination ip address is 'important' obviously the 'complete the attack' solution is not implemented. Perhaps it's hard to encapsulate this sort of thing in the survey or results? Thanks for the results and survey though :) So, one thing to keep in mind here is that often, a vast majority of the time actually, the attacked host is not important to anyone involved. No one cares if shell-server-2′s 33′rd vhost is ‘offline’.

In cases where the destination ip address is ‘important’ obviously the ‘complete the attack’ solution is not implemented. Perhaps it’s hard to encapsulate this sort of thing in the survey or results?

Thanks for the results and survey though :)

]]>