Date: Thu, 12 Sep 1996 17:28:56 -0400
Gordy Thompson , delivering one more story that just
confirms my resolve to live in the woods, wrote from New York,
> Panix, a large and well-established ISP in New York with 6,000+
> subscribers, announced recently that its staff would maintain global
> procmail and filter rules containing the names of "troubled" Internet
sites
> -- sites known to be dedicated to the generation of bulk email spam.
> Scripts are available for users to automatically filter their
> incoming mail and throw away mail from those sites before it reaches
their
> in-boxes.
That seems a reasonable response, although too much on a service-wide
scale. I'd think the ability for users to create custom filters and to
download headers before bodies would have been a better solution.
> As an option, Panix will even send mail to
> postmaster@offending_site informing them that a Panix user (without
> providing the user's email address) was automatically discarding all mail
> from their site.
And here it seems that Panix went and started picking fights. With the
filter, there isn't any offense, so why raise a stink?
> Since last Friday, Panix has been crippled by a severe attack
from
> unknown sources. Its mail, news and web servers, user login machines and
> name servers are being flooded with bogus connection requests (SYN
packets,
> for the technically minded), making legitimate requests difficult or
> impossible to process: They've been virtually knocked off the air at
times.
> The source address of the packets has been counterfeited to make
> tracing impossible without the committed resources of most of the major
> network companies that comprise the Internet itself. It's the worst
> sustained, targetted denial-of-service attack I've ever heard of.
It may be the worst, but it seems it was asked for. Panix probably would
have best served its interests if it had just set up its filters and gone
on about its business.
> There could be a zillion "motives" for someone to do this, but
> conspiracy theorists (and there are many on Panix) are discussing the
> possibility that it's a retaliatory attack by someone who doesn't like
their
> creative -- and effective -- measures against e-mail spam.
A measure that results in a complete shutdown in service isn't what I'd
call either creative or effective. It's rather more in the grand, old AOL
tradition of upgrading systems.
Reminds me of a friend I had once who was a cop on Martha's Vineyard. He
was out in the scrub oak one day practicing his quick draw and he shot
himself in the foot. He milked a lot of sympathy from girls in the bars,
but guys who knew guns thought he was a jerk.
Donovan White
Online Information Development and Design
dwhite@olinfo.com (508) 597-5321
+---------------------------------------------------------------------------+
This message was posted to ONLINE-NEWS. http://www.planetarynews.com/o-n.html
------------------------------
End of online-news-digest V1 #783
*********************************
From owner-online-news@marketplace.com Thu Sep 12 19:53:26 1996
Received: from marketplace.com (majordom@marketplace.com [206.168.5.232]) by cnj.digex.net (8.6.12/8.6.12) with ESMTP id TAA27566 ; for ; Thu, 12 Sep 1996 19:53:26 -0400
Received: (from majordom@localhost) by marketplace.com (8.6.12/8.6.12) id NAA03076 for online-news-outgoing; Thu, 12 Sep 1996 13:10:43 -0600
Received: from server.indra.com (server.indra.com [204.144.142.2]) by marketplace.com (8.6.12/8.6.12) with ESMTP id NAA03071 for ; Thu, 12 Sep 1996 13:10:38 -0600
Received: from indra.com by server.indra.com (8.7.4/Spike-8-1.0)
id MAA13043; Thu, 12 Sep 1996 12:55:46 -0600 (MDT)
Received: from mail.zipnet.net by indra.com (8.7.4/Spike-8-1.0)
id MAA02949; Thu, 12 Sep 1996 12:55:41 -0600 (MDT)
Received: from online-info (ip16-max1-fitch.zipnet.net [199.232.245.16]) by mail.zipnet.net (8.7.3/8.7.3) with ESMTP id OAA11237 for ; Thu, 12 Sep 1996 14:55:35 -0400 (EDT)
Message-Id: <199609121855.OAA11237@mail.zipnet.net>