Firewall Wizards mailing list archives
RE: SANS Flash: Urgent Request For Help In Stopping DOS Attacks
From: Rick Smith <rick_smith () securecomputing com>
Date: Thu, 13 Apr 2000 14:06:04 -0500
At 10:01 AM 04/13/2000 -0700, Mark.Teicher () predictive com wrote:
> I really don't think security forethought would have prevented today's Internet from evolving, but it may have slowed it down to and hopefully prevent the onslaught of security vulnerabilities that is ravaging the countryside and vendors.
I agree that security forethought is a good thing. I just want to point out that things weren't much better in the good old days. Also, let's recognize that there *was* some security forethought, it's just that the Internet world took different turns than people expected.

Take a look at how TCP establishes a connection, and the whole dance it does with SYN/ACK and with sequence numbers. This design is supposed to resist attempts to spoof source addresses. I remember one of the designers once related a phone conversation with someone at NSA who wouldn't say how big the sequence number space should be to resist attack (the Optimal Answer was no doubt classified), but allowed him to play Twenty Questions until he zeroed in on an acceptable number.

I should also point out one place where Mark Teicher's Arpanet nostalgia might be right on: TCP was designed as an efficient replacement for two older protocols, NCP and ICP, which exchanged a half-dozen messages to establish a single bidirectional connection. I think of that when I see discussions of protocols to detect SYN flood messages by exchanging additional messages containing nonces or something. (I'm not really suggesting we go back to NCP and ICP -- they had some nasty problems -- but we seem to be talking about returning to a more lengthy and elaborate connection protocol).
> Developers, Programmers and other Engineers knew about buffer overflows, poorly written protocols, etc.
Agreed. This is one of the two major causes of today's security problems. But I'm afraid we'll have to develop a significant body count (people *dying* from software quality failures) before non-experts really take this seriously. Most people see buggy software from Microsoft and other vendors as more of a joke than a potential disaster. And proposed changes to the Uniform Commercial Code will largely absolve vendors from legal liability for software flaws. Progress of the wrong sort.

The other cause is that the threat environment itself is changing as time goes by. Engineers build systems to operate in a particular environment, based on their limited foreknowledge of how the system might be used. Users tend to find incredibly "creative" ways of using systems, especially flexible ones like the Internet protocol suite. The mere fact that the Internet is being used for commercial transactions opens it up to a level of attack that many designers and developers didn't seriously consider 15 years ago. Then you have the fact that integrators and end users will use the mechanisms themselves in astonishing ways, like running NFS across a public Internet link, or using e-mail to host a tunneling protocol.

One of those pithy quotes I need to track down some day was some fictional football player's announcement after a game: "What could have happened, DID."

Rick.
smith () securecomputing com