[oscar]

This is just to let you know the current dalnet (irc network) situation. If you have ever gone to dalnet's #macintosh, we are know seeking refuge at irc.netmug.org.
-
From the alt.irc.dalnet newsgroup:

Casting off the cloak of HTML, bee ventured forth to do battle with the
daemons of Usenet on 09/01/2003 08:38, saying:
> I use DSL and suddenly today, my mIRC has tried to connect to DALnet over
> 100 times, but NONE of the servers allow it. I get a variety of responses:
> "Connection attempt timed out",
> "Unable to connect (Can't assign requested address)",
> "Unable to connect (Connection refused)"
>
> Any help would be appreciated.

I regret we are unable to offer you any help. Certain individuals have
decided that we should no longer be able to operate as an IRC network
and are using Denial of Service attacks to ensure that we do not.
Despite our best efforts and those of our hosts, DALnet is at this time
totally unreachable and will most likely remain that way until whoever
is responsible for the attacks decide they've done enough damage.

It is no exageration to say that these continuing attacks threaten the
existance of DALnet. Many of our hosts are being seriously impacted by
what are very large (multi-Gb/s) attacks are are understandably
considering whether or not they can continue to support DALnet.

We at DALnet have repeatedly begged various providers for assistance to
curb these problems however we have had limited success. I have seen a
single abuser infect over 2000 machines in a day, while still others
exploit ISP stupidity by compromising DSL/cable routers which have no
passwords, weak or default passwords or insecure telnet ports open to
the internet. Even when notifed of this stupidity ISP's either refuse to
act or act so slowly they may as well be doing nothing. Then you have
insecure Win2k boxes of which litterally thousands attack us every day,
not to mention the myriad of users who click a URL and get infected with
something through a browser weakness they really should have patched
months ago.

We are a single group of volunteers. We cannot secure the entire
internet on our own, ISP's and service providers MUST start accepting
responsibility for the machines they allow to connect to the internet at
large or the internet as we know it will cease to exist. Beleive me,
it's a short step from DoS'ing an IRC network to shutting down a major
commercial site, the root nameservers or even a major peering point. In
a world where even the most clueless abuser can gather well over a Gb/s
of compromised bandwidth in less than 12 hours that's not just possible,
it's inevitable.

What can service providers do... well, here's a few ideas :

- Block telenet, netbios and socks proxy ports at the border.
- Make running a personal firewall a condition of service and provide
support to users to help them set it up securely.
- Develop some kind of collaberative tracing system so it's possible to
trace spoofed packets to source _easily_.
- Enforce egress filtering to eliminate the possibility of launching
spoofed source attacks from their networks.
- Enforce their terms of service by disconnecting users who are involved
in internet attacks. Far too many don't.
- STOP using routers that are insecure. Pester the manufactureres of
said routers to fix the damn things, after all the ISP's are their major
clients!

Would it help, yes. Will it ever happen, I doubt it, well not until the
attackers start pounding the crap out of one ISP after another that is,
then perhaps they'll pay attention.

So yes, DALnet is at present dead. We don't know when or if it'll be
back, you'll need to ask whoever's attacking us that question. Oh, and
if they happen to be reading this - you've proved your point, now please
go and play in a minefield someplace and leave us alone.

Jim.

--
CSoP, IRC Operator, Exploits Team Member
DALnet IRC Network.

[voodoo]

Damn the idiots doing the DOS attacks.

I havne't been able to access #He-Man and #THEMUPPETARCHIVE for weeks.

Bastards.

[oscar]

But this is a threat to not just IRC users. IRC is a service to the public, no one profits from it, and can useally be pricy to maintain. These DOS attacks stem from action by from managment to control rampant spams, child porn, and other immoral practices. These people get banned, and attack dalnet, there are also trojens on thousands on random machines on the internet that also unknowning attack these free servers. IRC(or its various incarnations) has been around much longer then many standred protocols today. Who knows whats next, news, web, gopher(ok, i just added that cause i'm from minnesota) I know dalnet isnt the only with these problems, as efnet, and undernet have been both widley reported has acknownledged such. With broadband being as more and more prevelent, firewalls need to be part of ever internet users kit.
Thats my 2 cents.