More on the DDoS Attack

Mailman List Mirror (Read Only)
1

Hello,

Ok - I know I said I'd have something for the list on Monday.
Unforunately, work kept getting in the way :frowning:

Yesterday, I sent our this URL to the people who replied to me privately.
It is a general overview (with a few details) of how various schools
have been dealing with the recent RPC vulnerabilities and the associated
Blaster/Welchia worms.

  http://www.roxanne.org/~eric/blaster.html
                                                                              
Take a look and let me know what you think. Any question or comments -
editorial or otherwise - would be greatly appreciated.

Eric :slight_smile:

2

Eric Gauthier wrote:

                                                                              Take a look and let me know what you think. Any question or comments - editorial or otherwise - would be greatly appreciated.

Nice layout. Reverse the the process so default is a good host and integrate it with radius, using access lists versus private/public addresses and you have a nice method for jailing an infected user so that they can still dial up and get virus defs, patches, etc and that's it. Granted, it would take some tweaking.

-Jack