nanog mailing list archives
Re: RE: Vulnerbilities of Interconnection
From: <sgorman1 () gmu edu>
Date: Thu, 05 Sep 2002 14:30:20 -0400
That is one of the reasons research is being done at universities, they are not answerable to FOIA's. While the university environment is not the Fort Knox of security for special projects a high level of security and confidentiality can be ensured. Trying to sort out publications is the headache. ----- Original Message ----- From: "Daniel Golding" <dgolding () yahoo com> Date: Thursday, September 5, 2002 1:27 pm Subject: RE: Vulnerbilities of Interconnection
The crux of the issue are FOIA requests. The government won't make thesetypes of vulnerability reports immmune to FOIA requests - thus a foreign terrorist or home-grown "farmbelt fuhrer" could simply order up a list of the most vulnerable sites, and select some to attack. Due to the distributed nature of the internet, and the routing protocolsthat regulate it's traffic flow, there is no single point of failure. However, we have seen how concerted attacks can be made at multiple locations, almost simultaneously. If the government could agree to allow this information to remain confidential, it would greatly expedite the process of hardening appropriatefacilities, and identifying weaknesses. - Daniel GoldingSean Donelan Said... On Thu, 5 Sep 2002 sgorman1 () gmu edu wrote:very much like to avoid doing the research in a vaccuum. Iwas hopinga discussion on NANOG wold be a good first step. The projectis quitehot with the politicos and I very much want to make sure to best recommendations are made. Formal industrsy cooperation is oneside ofthis, but I think a lot of information can be gained from aninformal> > approach as well. Any and all feedback is greatly appreciated>
http://www.infosecuritymag.com/2002/sep/2002survey/voices/verylarge.sht ml>
On security reporting... "Since Sept. 11, state, local and federal authorities have triedto gettheir arms around the potential threats to the nation's infrastructure--including the telecommunications infrastructure.They haveasked us questions like, 'What are your 100 most vulnerableplaces in thenetwork?'" "As much as we would like to help the government in its attemptto helpus, we believe it would be counterproductive to share suchinformation> widely because if it were released, it would provide a terrorist with aroadmap to our key locations. Unless the government agrees thatit canprotect our information, we will continue to respectfullydecline suchblanket requests." Bill Smith CTO and President of Interconnection Services, BellSouth
Current thread:
- Re: Vulnerbilities of Interconnection, (continued)
- Re: Vulnerbilities of Interconnection William B. Norton (Sep 05)
- Re: Vulnerbilities of Interconnection alex (Sep 05)
- Re: Vulnerbilities of Interconnection William B. Norton (Sep 05)
- Re: Vulnerbilities of Interconnection alex (Sep 05)
- Re: Vulnerbilities of Interconnection Richard Welty (Sep 05)
- Re: Vulnerbilities of Interconnection Sean Donelan (Sep 05)
- Re: Vulnerbilities of Interconnection alex (Sep 05)
- Re: Vulnerbilities of Interconnection William B. Norton (Sep 05)
- Re: Vulnerbilities of Interconnection batz (Sep 05)
- Re: Vulnerbilities of Interconnection Sean Donelan (Sep 05)
- Re: Vulnerbilities of Interconnection Dave Israel (Sep 05)
- Re: Vulnerbilities of Interconnection alex (Sep 05)
- Re: Vulnerbilities of Interconnection Dave Israel (Sep 05)
- Re: Vulnerbilities of Interconnection alex (Sep 05)
- RE: Vulnerbilities of Interconnection Al Rowland (Sep 05)
- RE: Vulnerbilities of Interconnection Dave Israel (Sep 05)
- RE: Vulnerbilities of Interconnection alex (Sep 06)
- Re: Vulnerbilities of Interconnection alex (Sep 06)