Interesting People mailing list archives
more on IPv6 Forum chief: the new Internet is ready for consumption
From: David Farber <dave () farber net>
Date: Mon, 28 Nov 2005 12:27:36 -0500
Begin forwarded message: From: Dewayne Hendricks <dewayne () warpspeed com> Date: November 28, 2005 9:53:19 AM EST To: Dewayne-Net Technology List <dewayne-net () warpspeed com>Subject: [Dewayne-Net] re: IPv6 Forum chief: the new Internet is ready for consumption
Reply-To: dewayne () warpspeed com [Note: This comment comes from reader Thomas Leavitt. DLH]
From: Thomas Leavitt <thomas () thomasleavitt org> Date: November 28, 2005 1:45:21 AM PST To: dewayne () warpspeed comSubject: Re: [Dewayne-Net] IPv6 Forum chief: the new Internet is ready for consumptionDewayne, The other day, some twit hit a http server I administer with no less than 6,500 separate exploit attempts (before I blocked the attack) -friggin' amazing (and kind of scary). The network I'm on gets literallyhundreds of automated penetration attempts daily. I don't want my desktop, or my wife's desktop, or my printer, oranything else on my local network sitting on the open internet - they'recomplicated enough to secure as it is... being hidden behind a NAT is *good* for the home, small office and corporate user in my opinion,despite how it "breaks" the fundamental end-to-end/peer-to-peer paradigmof the Internet. Let twit like the guy above probe my relatively uncomplicated little NAT box. They're not likely to get anywhere. The idea of having 250 separate devices in my home sitting on the open Internet makes me shudder - this would be a security nightmare! Who wants to wake up to find out that their refrigerator has been takenoffline by their ISP, because someone used it to launch a UDP flood/ DOSattack against some rival's web site (and took out a bunch of othersites and networks in the process)? Or that some fundamentally essential appliance or device has an unpatched security hole that has already been exploited - people are going to be very pissed the first time they have to leave their TV effectively turned off for a week because it has beenhacked and no fix exists yet. Imagine how many devices a corporate network admin might wind up being responsible for... I predict a rapid exodus from corporate IT ranks, right about the third or fourth time that they're rolled out of bed atthree in the morning because some script kiddie managed to hack a remoteoffice's unpatched coffee maker, and is using it to try and take down their high school's web server. Seriously - if you're responsible for administering 10,000 separate devices, even with all the automated systems management in the world, you're likely to spend far more time than you'd like dealing with security flaws. There's no entertainment factor in this.If I'm missing something here, and I probably am, maybe someone else onthe list can fill me in... Regards, Thomas
Weblog at: <http://weblog.warpspeed.com> ------------------------------------- You are subscribed as lists-ip () insecure org To manage your subscription, go to http://v2.listbox.com/member/?listname=ip Archives at: http://www.interesting-people.org/archives/interesting-people/
Current thread:
- more on IPv6 Forum chief: the new Internet is ready for consumption David Farber (Nov 28)