Firewall Wizards mailing list archives
Re: Recent Attacks
From: "Marcus J. Ranum" <mjr () nfr net>
Date: Tue, 15 Feb 2000 18:35:59 -0500
But the key word is survivability. What can be done to make the network more survivable?
There are a small number of really smart people working on that. The good news is that there are really smart people working on it. The bad news is that it's a "hard problem."
Punishing them with litigation makes the physche feel better, but the hole in the network still exists and the next guy to exploit it may be looking for much more from all of us.
Right. This is, again, a social problem, not a technical one. We can endlessly debate the question of whether deterrence has any value in preventing crime (getting singaporeans to debate that issue against new yorkers is a really really fun hobby, BTW) but let's not. (IN fact, I'll exercise my moderator's privileges and quench such a debate!) ;)
If I read correctly, we will always have vandals. What we need to do is punish them in a way appropriate, identify what the "real" problems are, and then try to bring the "good guy" community together to plug the holes.
Precisely. The "hard problem" of the moment is to even accurately identify who's doing it. There are all kinds of issues including making sure that the identification is one that will stand up in court. Imagine explaining to a non-technical jury some kind of cryptographic watermarking of packets, or whatever, and how it proves the defendant did or didn't do something - ugh!
What's the best way to do that?
Well, honestly? I don't know. I don't think anyone does. I believe that most answers will fall back to increasing the amount of accountability that exists within networks by several orders of magnitude or more. That will be extremely expensive. My guess is it'll happen. A friend forwarded me an amazing report today; I've excerpted some of it below. Contemplate this and realize that the Big Money Guys aren't gonna put up with this kind of sh@t for very much longer:" Last week's distributed denial-of-service attacks that hit a number of top 10 Web sites cost those companies more than $1.2 billion, according to the Yankee Group. In a report, the Yankee Group asserts that the attacks resulted in capitalization losses that exceeded $1 billion on the days of the attacks, and revenue loss of both sales and advertisement revenue is expected to exceed $100 million for the sites, which include eBay, Buy.com, E-Trade, and Amazon.com." mjr.
Current thread:
- Re: Recent Attacks, (continued)
- Re: Recent Attacks Drew Smith (Feb 17)
- Re: Recent Attacks Ryan Russell (Feb 15)
- Message not available
- Re: Recent Attacks Marcus J. Ranum (Feb 15)
- Re: Recent Attacks Ryan Russell (Feb 15)
- Re: Recent Attacks Philip J. Koenig (Feb 16)
- Re: Recent Attacks Ryan Russell (Feb 17)
- Re: Recent Attacks David A. Wagner (Feb 21)
- Message not available
- Re: Recent Attacks Marcus J. Ranum (Feb 17)
- Re: Recent Attacks Ryan Russell (Feb 18)
- Re: Recent Attacks Marcus J. Ranum (Feb 15)
- Re: Recent Attacks Terry Lee Moore (Feb 15)
- Re: Recent Attacks Marcus J. Ranum (Feb 16)
- Re: Recent Attacks Bennett Todd (Feb 16)
- Re: Recent Attacks Philip J. Koenig (Feb 17)
- Re: Recent Attacks Reverend Chris Cappuccio (Feb 17)
- Re: Recent Attacks Ge' Weijers (Feb 19)
- Re: Recent Attacks Malcolm Holser (Feb 17)
- Re: Recent Attacks Brad Van Orden (Feb 17)
- Re: Recent Attacks Philip J. Koenig (Feb 17)
- Message not available
- Re: Recent Attacks David LeBlanc (Feb 17)
- Re: Recent Attacks Philip J. Koenig (Feb 17)
- Re: Recent Attacks Ryan Russell (Feb 19)