Re: Evil TCPD? (Was: Re: UseNet Gateway One Way ok?)

Matthias Urlichs (smurf@work.smurf.noris.de)
26 May 1997 12:43:05 +0200

Jon Lewis <jlewis@inorganic5.fdt.net> writes:
>
> > - Intentionally drop packets... (give them _less_ than UDP priority)
> > ("He's sending packets too fast... drop 'em")
>
> This may keep their system busy, but it won't do a lot of good for your
> net connection either.
>
The best thing to do would be to accept the mail (with _really_ low
bandwidth) up to the final dot but instead of sending the final SMTP
"ok-delivered" message you do "getchar(SMTP); exit(99);". Bingo, their SMTP
is blocked until they decide to timeout (and it's a really long timeout at
this point). If enough people do this...

> BGP "accidents" with bogus as paths might be interesting too.
>
Since they connect directly to mae-east... it'd be possible to grab their
networks, though; simply publish two /16s for each /15 they announce, and
so on. (agis.net has a _lot_ of networks. Way too many, in fact. It seems
that they're equally interested in conserving IP numbers as in listening to
spam receivers' complaints.)

-- 
Corollaries:
1)  When things just can't get any worse, they will.
2)  Anytime things appear to be going better, you have overlooked something.

-- 
Matthias Urlichs         \  noris network GmbH  /  Xlink-POP Nürnberg 
Schleiermacherstraße 12   \   Linux+Internet   /   EMail: urlichs@noris.de
90491 Nürnberg (Germany)   \    Consulting+Programming+Networking+etc'ing
   PGP: 1024/4F578875   1B 89 E2 1C 43 EA 80 44  15 D2 29 CF C6 C7 E0 DE
       Click <A HREF="http://info.noris.de/~smurf/finger">here</A>.    42