Packet anonymity is the problem?

• Previous message (by thread): Packet anonymity is the problem?
• Next message (by thread): Packet anonymity is the problem?
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 11-apr-04, at 11:51, Yann Berthier wrote:

>> Ok, then explain to me how removing bugs from the code I run prevents
>> me from being the victim of denial of service attacks.

>    It's the other way around in fact: if others were to run (more)
>    secure code, there would be far less boxen used as zombies to launch
>    ddos attacks against your infrastructure, to propagate worms, and to
>    be used as spam relays.

You make two assumptions:

1. denial of service requires compromised hosts
2. good code prevents hosts from being compromised

I agree that without zombies launching a significant DoS is much more 
difficult, but it can still be done. Also, while many hosts run 
insecure software, the biggest security vulnerability in most systems 
is the finger resting on the left mouse button.

Also, waiting for others to clean up their act to be safe isn't usually 
the most fruitful approach.

>    While it can sound a bit theorical (to hope that the "others" will
>    run secure code), as the vast majority of users run OSs from one
>    particular (major) vendor, an amelioration of said family of OSs
>    would certainly benefit to all. Just think about all the recent
>    network havocs caused by worms propagating on one OS platform ...

I'm not all that interested in plugging individual security holes. (Not 
saying this isn't important, but to the degree this is solvable things 
are moving in the right direction.) I'm much more interested in 
shutting up hosts after they've been compromised. This is something we 
absolutely, positively need to get a handle on.

• Previous message (by thread): Packet anonymity is the problem?
• Next message (by thread): Packet anonymity is the problem?
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]