Interesting People mailing list archives
DDOS attacks
From: David Farber <dave () farber net>
Date: Sun, 9 Aug 2009 17:16:47 -0400
Begin forwarded message:

From: "Michael O'Dell" <mo () ccr org>
Date: August 9, 2009 2:54:16 PM EDT
To: dave () farber net
Subject: DDOS attacks

A fundamental problem with Denial of Service Attacks, and most other Internet "security" problems in general, is that they are "attacks" only in retrospect. In fact, a DDOS attack is indistinguishable from a success disaster (flash crowd, "slashdotted", etc.) until after observing the event for a while and then imputing nefarious intent.

Given that we have no way of imputing the intent of another human short of observing his actions in context, IN RETROSPECT, it's hard to imagine how one can examine packets in real time and impute intent in any general-purpose fashion.

This is also the difficulty of doing "QoS enforcement"; it requires the network to impute the recipient's desire to receive the packet in question (or even harder, to order the desirability of many packets closely spaced in time).

Various schemes have been proposed to create varying amounts of "state" in the network for the purpose of having network components make such judgments on a recipient's behalf, but that works only in the case of packet interchanges which are lengthy with respect to the time taken to establish the state *after* the recipient identifies a sender as being "of interest" at some level. Without that statement of interest by the recipient, it's not possible to avoid even worse pathologies.

This feeds into numerous other questions, all hinging on how much state (per endpoint, per microflow, per whatever) can be placed in which network components, which ones can actually do any good, and what a packet recipient must reveal to make this happen. There are serious questions of privacy and related matters involved.

I know I've made this point before, but it is important to repeat because people seem to keep missing it: schemes that rely upon notions of "strong identity" are dubious at best.
In the Real World(tm), proving identity to another human in a manner which is difficult to spoof or compromise is *very* hard indeed. (Anyone who has endured a background investigation for a security clearance knows this firsthand.) Why anyone believes a Silicon Surrogate is any easier to authenticate than the human(s!) behind it is simply beyond my understanding.

These things are messy, ugly, ambiguous, fluid, and dynamic because, unlike computers (at the moment), humans are messy, ugly, ambiguous, fluid and dynamic, because they have myriad motives and agendas (often at the same time!).

If you can't do it well in the Real World(tm), it's essentially certain you won't do it any better in the Bit World(tm).

-mo