TTSG and nanog:
Excuse our non response to the hacking problems over the weekend. We have
just gone to a central response system and have had a bunch of completely
new people staffing it over the weekend. We will take steps to have the
clue phone installed in that center and also have encouraged the staff to
not just give random answers when called. They will now respond that they
don't know if they really don't know the answer and will find someone who
can answer the question.
Now to respond to the attack issue.
Exodus leases IP space to various customers, many of whom in turn have
customers. One of our customers had their name server hacked and that
machine was attacking everything else in sight. When one of the engineering
staff found out the attack was in progress, we took the name server off the
network and contacted the Sys. Adm. That took place Sunday evening. The
system has been cleaned up and is now back in operation. We are looking to
see if anything else comes from that customer.
We don't filter in the routers as a rule because our Backbone engineering
group is concerned about router performance. We go to the source to attempt
to stop problems and not just filter the packets.
Janis Purl, Abuse Manager
Leroy Lacy, Director of Security