Is there a line of defense against Distributed Reflective attacks?
Mike Hogsett
hogsett at csl.sri.com
Fri Jan 17 21:45:57 UTC 2003
> > Getting everyone to take security more seriously will most likely never
> > going to happen.. :(
>
> If this is the case then we are screwed... I hope its not the case, I hope
> that the customer service folks at ISP/NSP's and NOC and Engineering folks
> all keep this in their minds and push their upper management to start
> doing the right thing. It really doesn't cost that much, and its certainly
> cheaper than the cost of outages or lost revenue when your business is
> DoS'd, eh?
When the insurrance companies get involved and charge a larger premium to
corporations not implementing reasonable security policies and procedures
then the situation will improve.
Time and time again I have seen corporations do nothing about a problem
(physical safety, physical security, network security) until it hurts the
bottom line.
Also, a large profile (e.g. in the mainstream media) network security
incident against a large corporation would again bring attention to the
problem. I think that if a network security incident had brought Enron to
its knees, rather than questionable accounting, people would be taking
more notice of the problem.
- Michael Hogsett
More information about the NANOG
mailing list