Denial of service attacks apparently from UUNET Netblocks

Barney_Wolff · October 8, 1997, 9:57pm

Let me try again, since it seems I wasn't clear enough. There's been
a lot of delightful talk about whether/how to retrieve the calling phone
on a given port. But none about how to determine with confidence which
port the nasty packets come from. Without source address assurance,
any user on any port of any dialin box can source packets with any IP
address(es) desired. So you don't know which port to go get ANI/CLID
for.

What is also not explained is how to produce multi-megabit streams from
dialup. MP? Multiple independent calls? Ping to broadcast with faked
source address? Or was the attack not from dialup at all? In other
words, I don't know why this attack generated a debate about ANI/CLID.

Barney Wolff

Justin_Newton · October 8, 1997, 10:53pm

I have been talking to several vendors for several months regarding setting
up filters with variables in them such as $MY_IP which would allow us to do
per port per IP filtering based on the IP address which is based on the IP
of the person dialed in was assigned either by the NAS or the RADIUS
server. I know of at least 2 vendors which will be releasing the "soon".

John_A_Tamplin1 · October 9, 1997, 12:59am

Why not just have the Radius server generate the filter itself based on the
assigned IP address?

John Tamplin Traveller Information Services
jat@Traveller.COM 2104 West Ferry Way
205/883-4233x7007 Huntsville, AL 35801