more on IPv6 Forum chief: the new Internet is ready for consumption

[David Farber <dave () farber net>]

Begin forwarded message:

From: Dewayne Hendricks <dewayne () warpspeed com>
Date: November 28, 2005 9:53:19 AM EST
To: Dewayne-Net Technology List <dewayne-net () warpspeed com>
Subject: [Dewayne-Net] re: IPv6 Forum chief: the new Internet is  
ready for consumption
Reply-To: dewayne () warpspeed com

[Note:  This comment comes from reader Thomas Leavitt.  DLH]

> From: Thomas Leavitt <thomas () thomasleavitt org>
> Date: November 28, 2005 1:45:21 AM PST
> To: dewayne () warpspeed com
> Subject: Re: [Dewayne-Net] IPv6 Forum chief: the new Internet is  
> ready for consumption
>
> Dewayne,
>
> The other day, some twit hit a http server I administer with no less
> than 6,500 separate exploit attempts (before I blocked the attack) -
> friggin' amazing (and kind of scary). The network I'm on gets  
> literally
> hundreds of automated penetration attempts daily.
>
> I don't want my desktop, or my wife's desktop, or my printer, or
> anything else on my local network sitting on the open internet -  
> they're
> complicated enough to secure as it is... being hidden behind a NAT is
> *good* for the home, small office and corporate user in my opinion,
> despite how it "breaks" the fundamental end-to-end/peer-to-peer  
> paradigm
> of the Internet. Let twit like the guy above probe my relatively
> uncomplicated little NAT box. They're not likely to get anywhere.
>
> The idea of having 250 separate devices in my home sitting on the open
> Internet makes me shudder - this would be a security nightmare! Who
> wants to wake up to find out that their refrigerator has been taken
> offline by their ISP, because someone used it to launch a UDP flood/ 
> DOS
> attack against some rival's web site (and took out a bunch of other
> sites and networks in the process)? Or that some fundamentally  
> essential
> appliance or device has an unpatched security hole that has already  
> been
> exploited - people are going to be very pissed the first time they  
> have
> to leave their TV effectively turned off for a week because it has  
> been
> hacked and no fix exists yet.
>
> Imagine how many devices a corporate network admin might wind up being
> responsible for... I predict a rapid exodus from corporate IT ranks,
> right about the third or fourth time that they're rolled out of bed at
> three in the morning because some script kiddie managed to hack a  
> remote
> office's unpatched coffee maker, and is using it to try and take down
> their high school's web server. Seriously - if you're responsible for
> administering 10,000 separate devices, even with all the automated
> systems management in the world, you're likely to spend far more time
> than you'd like dealing with security flaws. There's no entertainment
> factor in this.
>
> If I'm missing something here, and I probably am, maybe someone  
> else on
> the list can fill me in...
>
> Regards,
> Thomas


Weblog at: <http://weblog.warpspeed.com>



-------------------------------------
You are subscribed as lists-ip () insecure org
To manage your subscription, go to
 http://v2.listbox.com/member/?listname=ip

Archives at: http://www.interesting-people.org/archives/interesting-people/