Re: WANTED: ISPs with DDoS defense solutions

["Christopher L. Morrow" <chris () UU NET>]

On Sat, 2 Aug 2003, E.B. Dreger wrote:

> CLM> Date: Wed, 30 Jul 2003 22:37:21 +0000 (GMT)
> CLM> From: Christopher L. Morrow
>
>
> CLM> The problem isn't the network, nor the filtering /
> CLM> lack-of-filtering, its a basic end host security problem.
>
> Beyond basic filtering, it's a whack-a-mole to deal with rogue
> systems.  Until the pain of having such a system is a sufficient

unless the rogue systems are out of the box secure... not every OS is, but
certainly there has been progress in this arena take simple examples like
OpenBSD and RedHat linux (or most other linuxes really) and some non-free
os's have also adopted a more 'secure' by default configuration recently.

> barrier (or reward for being good is sufficient motivation), will
> there be change?  Who should be held accountable for vulnerable
> boxen?

I believe the vendor should, but my opinion matters not :) The lawyers and
congress folks (or someone like that) needs to get a little more mad about
their 'critical infrastructure' and how vulnerable it is due to negligence
and incompetence, or atleast a criminial level of naivety...

> IANAL, but automobile vendors have recall notices...

mandated by federal regulations inside the US (atleast)... perhaps you
want this for vendors also?