class action suit
any lawyers here? :)

On Fri, 8 Jun 2001 [EMAIL PROTECTED] wrote:

> When the first ISP loses a $10 million lawsuit because it didn't do egress
> filtering and its servers were used for a DDoS attack, then egress filtering
> will become standard.
> But who is willing to start the suit?
> 
> "Paul D. Robertson" <[EMAIL PROTECTED]> on 06/08/2001 09:39:26 AM
> 
>   To:      [EMAIL PROTECTED]
>   cc:      [EMAIL PROTECTED] (bcc: Bill Royds/HullOttawa/PCH/CA)
>   Subject: RE: This is a must read document.  It will freak you out
> 
> If we all take the individual stance, then no, but if everyone hardened,
> then the aggregate hardening would ensure that DDoS attacks weren't easy
> to mount, and that at least critical resources at high-bandwidth
> multihomed locations (like the root servers) wouldn't be as vulnerable to
> attack.  As long as everyone is only worried about themselves, and nobody
> does things like egress filter rules to stop spoofing (after all, that
> only really helps your neighbors, right?) then we'll continue to be in the
> shape we're in.  If I had to count the number of times I've had to prove
> that an outbound access list on the external interface of a border router
> doesn't impact that router's performance significantly...
> 
> We've got a protocol in front of IETF to do the host identification, we've
> spent time with a *lot* of very smart people talking about anti-DDoS
> methodologies.  The end game is that to keep the critical infrastructure
> protected, we don't need anywhere near 100% compliance (I think the figure
> was around 20%, but I don't have that data here at home.)
> 
> If you harden a site against intrusions, then it becomes one less
> launch point for attacks.  If it became culturally unacceptable to put a
> default install of anything on a network, the number of sites used to
> launch any attack would go down to the point where we could start to deal
> with individuals doing malicious acts.  That's far better than throwing up
> our collective hands and saying we can't do anything about it, or waiting
> for someone else to solve the problems for us.
> 
> >   On the other hand, there's a sense in which a DDoS that prevents
> > users from reaching my servers cannot knock me further down than
> > zero.  An actual intrusion, a compromise of sensitive medical data or
> > credit card numbers or missile launch codes, has no such natural
> > limit on how bad the damage can be....
> 
> Exactly- DDoS attacks don't worry me too much from a strategic
> perspective, because once they stop they're over.  Intrusions, especially
> of infrastructure components worry me significantly more because of the
> lack of boundaries on damage or malice.
> 
> I'd rather have my network off the air from one of its providers than my
> leg off my body from a bad surgery scheduler.
> 
> Paul
> -----------------------------------------------------------------------------
> Paul D. Robertson      "My statements in this message are personal opinions
> [EMAIL PROTECTED]      which may have no basis whatsoever in fact."
> 
> -
> [To unsubscribe, send mail to [EMAIL PROTECTED] with
> "unsubscribe firewalls" in the body of the message.]


[EMAIL PROTECTED]
"Blessed are those who have not seen and yet have faith." - John 20:29
