Fwd: Massive DDOS Attack

jimmyjames at softhome.net jimmyjames at softhome.net
Sat Jan 25 18:36:44 PST 2003


it apparently also name Banc of America, downing 13,000 ATM machines.....patch was available 6 months ago. analysis here: http://www.techie.hopto.org/sqlworm.html

Kelley

oh yeah, and how markets, mergers, yadda contributed to the BoA mess:


>------ Forwarded Message
>From: "Joseph C. Pistritto" <jcp at jcphome.com>
>Date: Sat, 25 Jan 2003 17:05:19 -0800
>To: dave at farber.net
>Cc: rforno at inforwarrior.org
>Subject: Re: [IP] More on Slammer - Bank of America ATMs impacted
>
>I was online while most of this started and if Bank of America's ATM network
>is down, they should blame their or their carrier's network engineering, not
>Microsoft. Security issues with Microsoft products aside, it's bad
>network engineering to have end user devices depending on traffic routing in
>common with public (and therefore vulnerable) circuits. Either: a) there
>isnt enough disaster recovery built into the engineering of the circuits
>involved, or b) redundency has been reduced since the circuits were
>engineered.
>
>I see this all the time, and it's a huge hazard if you buy enterprise
>connectivity. Carriers sell you a "highly available" solution with diverse
>routing and all that, and then you find out that over the years due to
>acquisitions, consolidation, cost reductions etc. you end up with circuits
>with common mode failure vulnerabilities introduced. You even see things
>like carriers selling the *backup* pairs on a Sonet ring, so when a rare
>failure does occur, there's nowhere to switch *to* to route the failure.
>Similar things happen with upstream links. Now that lots of companies run
>VPN traffic over the public network, or through the same switches as handle
>the public network, there's a huge nearly invisible vulnerability here.
>
>The only way to avoid this is to *regularly* audit your network engineering
>and make sure you're getting the disaster insurance you're probably paying
>for.
>
>Thanks,
> -jcp-
>
>------ End of Forwarded Message



More information about the lbo-talk mailing list