Government scrutiny is headed our way
Michael Dillon
michael at memra.com
Tue Jun 16 17:44:47 UTC 1998
Government scrutiny is headed our way
http://www.fcw.com/pubs/fcw/1998/0615/fcw-frontcyber-6-15-1998.html
The feds are worried that it is too hard to track down cyber attackers.
Although the article doesn't say this explicitly I expect that it won't be
long before we see politicians calling for some sort of mandated tracing
capabilities between network providers
And since IOPS http://www.iops.org/ is hosted by a government funded
agency located on the outskirts of DC, I expect that it will be involved
in this whole thing.
If we could track attacks to their source more quickly, then government
would not feel the need to intervene. This may require some changes to
router software but unless network operators ask for the changes, the
manufacturers will not do it.
We need some sort of protocol that will recursively track spoofed source
address packets back to their source one hop at a time. Given a
destination address the protocol would track it to the previous hop router
and recurively initiate the same tracking procedure on that router. Once
the attack is tracked to the source, the probe would unroll and report the
results to all routers along the probe path for logging or reporting.
We have seen that when misconfigured equipment can be quickly identified,
such as the smurf amplifiers, then we can apply pressure and get things
fixed. Similarly if we can quickly identify the source of a spoofed source
address attack then we can apply pressure to get filters in place and have
people arrested or secure an insecure machine as the case may be.
--
Michael Dillon - Internet & ISP Consulting
Memra Communications Inc. - E-mail: michael at memra.com
http://www.memra.com - *check out the new name & new website*
More information about the NANOG
mailing list