Re: Packet anonymity is the problem?

[Henry Linneweh <hrlinneweh () sbcglobal net>]

There are network equipment manufactures who offer 
last mile protection at the chip level which forces
authentication or the packets get dropped, this has
been around for about 4 years now and people should
seriously look at that as a solution, fast changeable
FPGA designs can accommodate such issues and can be
changed on the fly long before someone has time to
effectively reverse engineer them to find out how they
work, they will always be behind by several years and
will not he having access to source code to be able to
hack anything........

Forced Identification for people who purchase Cisco
reseller equipment and any other manufacturer of said
equipment will put a dent in some of this non sense
also. If there is to be security then you must look
at the entire issue well beyond the ability to hack
stuff. Anyway my 2 cents for the moment

-Henry




--- Yann Berthier <yb () sainte-barbe org> wrote:
> On Sun, 11 Apr 2004, Iljitsch van Beijnum wrote:
>
> > Ok, then explain to me how removing bugs from the
> code I run prevents 
> > me from being the victim of denial of service
> attacks.
>
>    It's the other way around in fact: if others were
> to run (more)
>    secure code, there would be far less boxen used
> as zombies to launch
>    ddos attacks against your infrastructure, to
> propagate worms, and to
>    be used as spam relays.
>
>    While it can sound a bit theorical (to hope that
> the "others" will
>    run secure code), as the vast majority of users
> run OSs from one
>    particular (major) vendor, an amelioration of
> said family of OSs
>    would certainly benefit to all. Just think about
> all the recent
>    network havocs caused by worms propagating on one
> OS platform ...
>
>       - yann