Firewall Wizards mailing list archives

RE: SANS Flash: Urgent Request For Help In Stopping DOS Attacks

From: "R. DuFresne" <dufresne () sysinfo com>
Date: Wed, 19 Apr 2000 19:01:45 -0400 (EDT)


Mark,

Again, Rick is trying to explain how it really was.  Understand the
original system did not include such toys as www, mail, and usenet to
mention a few, these were addons, as was dns, in the days Rick seaks of
knowingly, and I allude to from stories heard from the grey beards still
about <I'm not quite as old as some of these folks (grin)>, folks grabbed
a host file for ip address mapping from a key server, the file was a
manageable ftp at those times.  Imagine attempting to do so 
now...

Thanks,

Ron DuFresne

On Thu, 13 Apr 2000 Mark.Teicher () predictive com wrote:

I really don't think security forethought would have prevented today's 
Internet from evolving, but it may have slowed it down to and hopefully 
prevent the onslaught of security vulnerabilities that is ravaging the 
country side and vendors.

Developers, Programmers and other Engineers knew about buffer overflows, 
poorly written protocols, etc.  At the time people were less concerned 
about security since Daily NEWS bulletins were not available 24 hours a 
day , seven days a week.  Today, as the communication medium now includes 
the Internet as a major contributor in connecting people who are can far 
far away or close by with in a blink of an eye.  Our view have changed, 
governments have changed, and the cost of living has increased, therefore 
introducing us to whole slew of problems waiting to happen. The Internet 
as it stands right now will that medium that delivers the last 
communication before the mushroom cloud is seen by billions of people, 
either that we all get sucked up by the aliens who secretly gave us the 
technology to develop high speed connectivity.. :)



/m




Rick Smith <rick_smith () securecomputing com>
04/13/00 09:35 AM

 
        To:     Mark.Teicher () predictive com
        cc:     firewall-wizards () nfr net, JCarson () smartronix com, CrumrineGL () state gov
        Subject:        RE: [fw-wiz] SANS Flash: Urgent Request For Help In Stopping DOS Attacks


At 07:55 AM 04/13/2000 -0700, Mark.Teicher () predictive com wrote:

Actually, security was a big contributor in the Internet evolving, if it
was not for initial military funding, the Interner would not have existed
as early as it did.  Security features were definitely a big part back
then, but after some of the initial involvement was completed, other
parties got involved and things have evolved to what we have today..


You seem to suggest that the Internet "lost" some security capabilities it
had in its early days.

I say that those security features would have prevented today's Internet
from evolving.

The security features you allude to were part of the original ARPANET,
which was a closed network that could only be extended if the controlling
authority (the DOD) agreed. All the "routers" (IMPS in Arpanet parlance)
resided in relatively secure machine rooms managed by organizations that
the DOD trusted to some extent (military bases, defense contractors, and
universities heavily involved in defense research). It was a very 
difficult
and expensive proposition to get connected to the Arpanet. The network
never grew past dozens of nodes and hundreds of hosts.

Contrast this with the Internet. All you had to do was get a telecom
connection to an ISP and you yourself could become an ISP. Nobody had to
ask permission to add hosts to the Internet, they just did it. ISPs grew 
up
in garages, basements, under beds, anywhere. The lack of centralized
control fueled the Internet's growth. But the technical flexibility that
supported its exponential growth also allowed the recent rash of DDOS 
attacks.

Incidentally, none of us who worked on the Arpanet considered it a
particularly "secure" network. Most of its security relied on the physical
protection of IMPs and on administrative control of connected host
computers. Software based access control was weak or nonexistent in many
places, and dial-in numbers were widely and carelessly distrubuted. But it
was very rare for peoples' work to be disrupted by outside interference. 
So
the user community didn't really want much more security.

Rick.
smith () securecomputing com


-- 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
        admin & senior consultant:  darkstar.sysinfo.com
                  http://darkstar.sysinfo.com

"Cutting the space budget really restores my faith in humanity.  It
eliminates dreams, goals, and ideals and lets us get straight to the
business of hate, debauchery, and self-annihilation."
                -- Johnny Hart

testing, only testing, and damn good at it too!

Current thread:

RE: SANS Flash: Urgent Request For Help In Stopping DOS Attacks Mark . Teicher (Apr 18)
- RE: SANS Flash: Urgent Request For Help In Stopping DOS Attacks Rick Smith (Apr 18)
- RE: SANS Flash: Urgent Request For Help In Stopping DOS Attacks R. DuFresne (Apr 20)
- <Possible follow-ups>
- RE: SANS Flash: Urgent Request For Help In Stopping DOS Attacks -reply Mark . Teicher (Apr 18)
  - RE: SANS Flash: Urgent Request For Help In Stopping DOS Attacks -reply Rick Smith (Apr 18)