Re: Self Defense through DoS... ? (was: too many illegal connection attempts through ssh)

2005-04-14 Thread Benjamin Rossen
On Thursday 14 April 2005 00:30, Hexren wrote:
 Central _trusted_ authority leaves a bitter taste in my mouth... but
 then I may be paranoid.
 Anyway if I am a local user on a machine and I have access to an ssh
 binary (that is what I meant with ssh access) and bash, I can churn out
 connections with the only limit being my bandwidth and system limits on
 the number of processes I can run at one time. But even with these set to
 sensible defaults, say 10 processes and 1/10 of site bw, I am able to
 attack many disparate machines in different parts of the world;
 therefore I am able to trigger a _defensive_ DoS against the machine
 that I am on.
 
 Regards
 Hexren

Hexren, 

I get your point. It is a very good point. Economists call that 'moral 
hazard', by which they mean that any system instituted to protect against one 
evil can be recruited by some individuals to bring about another 
unforeseen evil. The question then becomes: which is the greater evil? 

How many people who are local users and have access to ssh are going to want 
to use defensive DOS to bring down the machine they are on? Surely, if they 
have these privileges, there are countless easier and more direct ways of 
bringing down their own machines. Even if there are some situations where the 
proposed system of defensive DOS can be used in this way, is the evil that 
results from these remote suicides worse than the evil that results from the 
crackers who are presently not checked in any way? 

Trusted authorities are a necessary feature of life in the real world, but 
there should be checks and balances in place. The word 'trusted' implies 
that. They are not just Statutory Authorities, or Powerful Forces. They are 
trusted by someone or some group, or the majority, and perhaps universally. 
Perhaps the question here should be: who determines which authority should be 
trusted, and who monitors their exercise of authority to see that they remain 
trustworthy? 

Benjamin Rossen 

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]


Self Defense through DoS... ? (was: too many illegal connection attempts through ssh)

2005-04-13 Thread Hexren
 On Wednesday 13 April 2005 23:55, Hexren wrote:
  Just an idea...
 
  Benjamin Rossen 
 
 -
 
 Sounds fun but opens the door for every local user with ssh access to
 DOS the machine he is on. I am not that fond of the idea.

 Not at all. Let us say that a trusted authority were to operate the central 
 server. The central server would not authorize a coordinated defensive DOS 
 unless there were to be evidence that the cracker had been attacking many 
 machines - perhaps the criterion could be framed to trigger a defensive DOS 
 only if it were established that the cracker had been attacking many 
 disparate machines in different parts of the world. 

 Who is tracking this kind of thing centrally? No one. When you find that 
 someone is trying to get into one of your servers you have no idea of what 
 else that individual may be doing. A central trusted authority would know. 

 Benjamin Rossen 


-

Central _trusted_ authority leaves a bitter taste in my mouth... but
then I may be paranoid.
Anyway if I am a local user on a machine and I have access to an ssh
binary (that is what I meant with ssh access) and bash, I can churn out
connections with the only limit being my bandwidth and system limits on
the number of processes I can run at one time. But even with these set to
sensible defaults, say 10 processes and 1/10 of site bw, I am able to
attack many disparate machines in different parts of the world;
therefore I am able to trigger a _defensive_ DoS against the machine
that I am on.

Regards
Hexren
