How to secure the Internet in three easy steps

Sean Donelan sean at donelan.com
Fri Oct 25 17:14:22 UTC 2002


Assuming no time, money, people, etc. resource constraints, securing the
Internet is pretty simple.

1. Require all providers install and manage firewalls on all subscriber
connections enforcing source address validation.

2. Prohibit subscribers from running services on their own machines.  Only
approved provider managed servers should provide services to users.

3. Prohibit direct subscriber-to-subscriber communication, except through
approved NSP protocol gateways.  Only approved NSP-to-NSP proxied traffic
should be exchanged between network providers.

Are there some downsides? Sure.  But who really needs the end-to-end
principle or uncontrolled innovation?

  "No, the electric telegraph is not a sound invention. It will always be
  at the mercy of the slightest disruption, wild youths, drunkards, bums,
  etc.... The electric telegraph meets those destructive elements with
  only a few meters of wire over which supervision is impossible. A
  single man could, without being seen, cut the telegraph wires leading
  to Paris, and in twenty-four hours cut in ten different places the
  wires of the same line, without being arrested."
       - Dr. Barbay, Paris, France, 1846



