<html>
<head>
<meta content="text/html; charset=windows-1252"
http-equiv="Content-Type">
</head>
<body bgcolor="#FFFFFF" text="#000000">
<p>I am familiar with this. IBM stands for "I've Been Moved". In
fact, I have almost forgotten the number of IBM reunions that I
have seen.</p>
<p>Ultimately, the cause will be investigated, sanitised, and
eventually released as a PR Blurb. This par for any Govt. around
the globe.</p>
<p>Why do I not seem surprised? Seen it all before, more than once.<br>
</p>
<br>
<div class="moz-cite-prefix">On 10/08/2016 8:33 p.m., Simon Sharwood
wrote:<br>
</div>
<blockquote
cite="mid:CAHW_L2hO4YS+EbMiW1dRezw5hqTA07QvenEoChRRnWK5NQX=Qg@mail.gmail.com"
type="cite">
<div dir="ltr">FWIW I know several IBMers recently made redundant.
They say that anyone on decent money and with a couple of
decades experience has been let go to save on wages. The folks
left behind are bright, but inexperienced. Which may be why the
mitigations discussed above weren't employed.
<div><br>
</div>
<div>The thing that will be interesting in the washup is whether
the ABS/McGibbon ever admit this was hostile action.</div>
<div><br>
</div>
<div>McGibbon is currently saying DDOSes are not any form of
attack, just a blocking action. I think a truckies blockade is
a better example. Or perhaps a zombie truckie blockade.</div>
<div><br>
</div>
<div>One last thing: ever security vendor capable of spelling
DDOS is contacting media today saying they can explain this
crisis away and keep you all out of the headlines. </div>
<div><br>
</div>
<div>S.</div>
</div>
<div class="gmail_extra"><br>
<div class="gmail_quote">On Wed, Aug 10, 2016 at 4:49 PM, J
Williams <span dir="ltr"><<a moz-do-not-send="true"
href="mailto:jphwilliams@gmail.com" target="_blank">jphwilliams@gmail.com</a>></span>
wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0
.8ex;border-left:1px #ccc solid;padding-left:1ex">
<div dir="ltr">In hindsight, they could have blocked
international access via their upstream providers. This
would have avoided almost all issues whilst still reaching
almost all of the audience.
<div><br>
</div>
<div>Regards,</div>
<div>Julian</div>
</div>
<div class="HOEnZb">
<div class="h5">
<div class="gmail_extra"><br>
<div class="gmail_quote">On Wed, Aug 10, 2016 at 4:11
PM, Paul Wilkins <span dir="ltr"><<a
moz-do-not-send="true"
href="mailto:paulwilkins369@gmail.com"
target="_blank">paulwilkins369@gmail.com</a>></span>
wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0
.8ex;border-left:1px #ccc solid;padding-left:1ex">
<div dir="ltr">
<div>
<div>
<div>Well here's the thing. Supposedly the
Census site had capacity to serve say 10M
Australian clients.<br>
<br>
</div>
So if your architecture has its ducks in a
row, you have a dedicated resource pool(s)
for Australian IPs. Now someone has to come
up with a botnet with > 10M Australian
based IPs. <br>
<br>
Any overseas botnet will just disable access
for the stragglers resource pool, either
overseas or on VPNs.<br>
<br>
</div>
<div>Get the architecture right, and the
operations takes care of itself.<br>
</div>
<div><br>
</div>
Kind regards<span><font color="#888888"><br>
<br>
</font></span></div>
<span><font color="#888888">Paul Wilkins<br>
</font></span></div>
<div>
<div>
<div class="gmail_extra"><br>
<div class="gmail_quote">On 10 August 2016
at 16:03, Mark Delany <span dir="ltr"><<a
moz-do-not-send="true"
href="mailto:g2x@juliet.emu.st"
target="_blank">g2x@juliet.emu.st</a>></span>
wrote:<br>
<blockquote class="gmail_quote"
style="margin:0 0 0 .8ex;border-left:1px
#ccc solid;padding-left:1ex"><span>>
Mark,<br>
> If your point is that if an
attacker can flood a server with
traffic, the<br>
> DOS will succeed, then we agree.<br>
<br>
</span>There are plenty of other
resources to exhaust besides traffic<br>
capacity, but ok.<br>
<span><br>
> The point is to ensure that your
attacker has an upper limit to
resources<br>
> available to them on the server.
This is much harder to achieve with
HTTPS,<br>
> where you can't successfully
create a session with a spoofed IP.<br>
<br>
</span>True. But bots don't need to
spoof IPs. Nor recipients of IMG<br>
tags. What makes you think the so-called
DOS was based on spoofed IPs<br>
anyway? I don't think I made any mention
of it.<br>
<br>
Point being, excepting the very largest
destinations, it's not that<br>
hard to acquire more bot capacity than
your target's server capacity.<br>
<div>
<div><br>
<br>
Mark.<br>
______________________________<wbr>_________________<br>
AusNOG mailing list<br>
<a moz-do-not-send="true"
href="mailto:AusNOG@lists.ausnog.net"
target="_blank">AusNOG@lists.ausnog.net</a><br>
<a moz-do-not-send="true"
href="http://lists.ausnog.net/mailman/listinfo/ausnog"
rel="noreferrer" target="_blank">http://lists.ausnog.net/mailma<wbr>n/listinfo/ausnog</a><br>
</div>
</div>
</blockquote>
</div>
<br>
</div>
</div>
</div>
<br>
______________________________<wbr>_________________<br>
AusNOG mailing list<br>
<a moz-do-not-send="true"
href="mailto:AusNOG@lists.ausnog.net"
target="_blank">AusNOG@lists.ausnog.net</a><br>
<a moz-do-not-send="true"
href="http://lists.ausnog.net/mailman/listinfo/ausnog"
rel="noreferrer" target="_blank">http://lists.ausnog.net/mailma<wbr>n/listinfo/ausnog</a><br>
<br>
</blockquote>
</div>
<br>
</div>
</div>
</div>
<br>
______________________________<wbr>_________________<br>
AusNOG mailing list<br>
<a moz-do-not-send="true"
href="mailto:AusNOG@lists.ausnog.net">AusNOG@lists.ausnog.net</a><br>
<a moz-do-not-send="true"
href="http://lists.ausnog.net/mailman/listinfo/ausnog"
rel="noreferrer" target="_blank">http://lists.ausnog.net/<wbr>mailman/listinfo/ausnog</a><br>
<br>
</blockquote>
</div>
<br>
<br clear="all">
<div><br>
</div>
-- <br>
<div class="gmail_signature" data-smartmail="gmail_signature">
<div dir="ltr">Simon Sharwood | JargonMaster Corporate
Communications |<br>
M +61 (0)414 37 37 26 |<br>
E <a moz-do-not-send="true"
href="mailto:simon@jargonmaster.com" target="_blank">simon@jargonmaster.com</a>
| W <a moz-do-not-send="true"
href="http://www.jargonmaster.com" target="_blank">www.jargonmaster.com</a><br>
24 North Street Marrickville NSW 2204 AUSTRALIA<br>
ABN: 14743763968<br>
Work blog: <a moz-do-not-send="true"
href="http://jargonmaster.wordpress.com" target="_blank">jargonmaster.wordpress.com</a><br>
Free/Busy details: <a moz-do-not-send="true"
href="http://www.jargonmaster.com/calendar/"
target="_blank">http://www.jargonmaster.com/calendar/</a><br>
I'm a member of <a moz-do-not-send="true"
href="http://DHBC.org.au" target="_blank">DHBC.org.au</a> and
a vExpert
<div><img moz-do-not-send="true"
src="https://communities.vmware.com/servlet/JiveServlet/download/26788-1-122263/vExpert-2014-Badge.png"
height="131" width="200"><br>
</div>
</div>
</div>
</div>
<br>
<fieldset class="mimeAttachmentHeader"></fieldset>
<br>
<pre wrap="">_______________________________________________
AusNOG mailing list
<a class="moz-txt-link-abbreviated" href="mailto:AusNOG@lists.ausnog.net">AusNOG@lists.ausnog.net</a>
<a class="moz-txt-link-freetext" href="http://lists.ausnog.net/mailman/listinfo/ausnog">http://lists.ausnog.net/mailman/listinfo/ausnog</a>
</pre>
</blockquote>
<br>
<br /><br />
<hr style='border:none; color:#909090; background-color:#B0B0B0; height: 1px; width: 99%;' />
<table style='border-collapse:collapse;border:none;'>
<tr>
<td style='border:none;padding:0px 15px 0px 8px'>
<a href="https://www.avast.com/antivirus">
<img border=0 src="http://static.avast.com/emails/avast-mail-stamp.png" alt="Avast logo" />
</a>
</td>
<td>
<p style='color:#3d4d5a; font-family:"Calibri","Verdana","Arial","Helvetica"; font-size:12pt;'>
This email has been checked for viruses by Avast antivirus software.
<br><a href="https://www.avast.com/antivirus">www.avast.com</a>
</p>
</td>
</tr>
</table>
<br />
</body>
</html>