I would be interested in knowing who was spoken to at UUNET because I
have two on-call engineers who are very clueful on the smurf attack and
how to block it. There are issues being discussed at this time with the
dostrack program and current revs of Cisco code beign distributed so
tracking would not have been feasible (esp. since the site as the target
and not the amplification site). Only if an amplification site was ID'd
as a UUNET customer could a track to the perpetrator hav been performed.
UUNET Security Engineers will alleviate the attack until it subsides or
identification (and subsequent halting of the attack) occurs.
The staff is not manned 24 hours (just like MCI) but my people are paged
when these type of events occur (just like MCI).
Hopefully, someone can provide me with the ticket # of the incident of
the engineer who handled it.
John