How to secure the Internet in three easy steps
batz
batsy at vapour.net
Fri Oct 25 21:20:29 UTC 2002
On Fri, 25 Oct 2002, Sean Donelan wrote:
:Assuming no time, money, people, etc resource constraints; securing the
:Internet is pretty simple.
Assuming you are referring to "securing" as the balance of the holy
triuvirate of Confidentiality, Integrity and Availability, there
are other options than the modest proposals you made.
The ISP doesn't have to manage the firewall, but like I said earlier,
if they provided a configurable filter in the form of a web
interface to altering access-lists applied to the customers connection,
this would solve most problems.
It's not so much a question of what needs to be done, the technical
solutions are always the easy part. It is a question of who needs to
do it.
- If OS vendors didn't ship their products with all those services open,
we wouldn't need to protect users with default firewall policies.
- If all users suddenly had an epiphany and could go to M$.com and click
one link to lock down their home machines, M$ could keep shipping
their consumer-grade hacker-bait to soccer moms and children. Maybe
they can use their monopoly for something constructive for a change.
- If the government said that a cyberattack was emminent and launched
a WWII style propaganda campaign along the lines of "loose lips sink
ships" maybe people might catch on. This might sound silly, but it
worked for Y2k.
So, modest proposals for draconian feature enhancements and creating
arbitrary consumer and provider class users, are thankfully still
funny.
--
batz
More information about the NANOG
mailing list