ADSM-L

Re: Looping Access Errors

2000-11-15 10:38:25
Subject: Re: Looping Access Errors
From: Richard Sims <rbs AT BU DOT EDU>
Date: Wed, 15 Nov 2000 10:37:47 -0500
>We have seen this problem a couple of times now and were wondering if =
>anyone has any suggestions for an easy way to deal with it.  We have seen =
>someone who is not a registered node on our OS/390 TSM 3.7.3 server =
>attempt to access the server with a client.  Of course, they get rejected =
>as an invalid node, but they apparently have a poorly designed automated =
>process which repeatedly retries the attempt.  We have had to determine =
>who it is based on their IP address and try to contact them about stopping =
>their process.

Two things about this...
1. There should be a "clown penalty" for environmental disruption of this
   kind, from irresponsibly written/implemented client facilities.
   Having your computer center manager report the problem throught the client
   person's manager will help make a point.
2. Every site needs to be prepared to quickly respond to block bad network
   traffic, at the network hardware level.  Your case is relatively benign,
   and you should be able to have your network people quickly implement
   router filtration for this ill-mannered IP address.  Trying to have the
   application ignore it is too late in the stream.  Any site on a network is
   vulnerable to Denial Of Service attacks, wherein someone with network
   access (from anywhere in the world) bombards your IP service address with
   an endless series of packets.  It is vital that you be able to keep them
   out of your sub-network, else everything in that subnet can be prevented
   from working because of the network congestion.  So site network people
   must always be prepared to quickly identify and block bogus traffic, either
   by originating IP address or by packet content.

 Richard Sims, BU
<Prev in Thread] Current Thread [Next in Thread>