Black Frog - the botnets keep coming

Eric Whitehill eric at
Thu May 25 14:49:29 UTC 2006

Gadi, one of the main issues that people take regarding this is that it
seems as though whenever we turn around, you're starting another "OMG! THE

And you get some people jumping around, and some people get all in a
frenzy over whatever the perceived issue is.  The rest of us just slap our
heads, roll our eyes and go "Oh, great, here goes Gadi on another rant..."

Many people in the internet security world, sorry to say, now have a hard
time believing what you are saying, and believing whatever you believe.
The credibility is just not there any more.  It's slipping away, because
there are only so many times someone can cry "FIRE!" in a crowded theater
before people stop believing you.  Unfortunetly, that _is_ starting to

It really seems as though every time we turn around, you're crying Wolf 
again, and it's bascially getting old.

>>> Sometimes being quiet is not going to win the war.
>> It would behoove you, however, to not cry wolf so often
> The fact that you believe that I cry wolf, shows just how sad the
> situation really is.
I would say this is more of a sign of what is going on.  People are 
starting to NOT believe you.  Perhaps it is you who should change what is 
being said, and how you are saying it.

> How long before ecommerce becomes impracticle? :) Far from relevant to
> NANOG. Or is it?
What makes you believe that e-commerce is becoming impractical?  Are there 
that many attacks against those companies?  If so, then why has the press 
not picked it up?  The DoS against SixApart hardly made the convential 
(BBC, CNN, etc) news.

> DNS beind abused like there is no tomorrow on the operational level (not
> infrastructure level) and no one (almost) even noticing is obviously not
> operational.
  I run my own publically accessable DNS servers, and they aren't being 
abused.  You're making it sound like all DNS servers everywhere are being 
abused, and that we should all stop using DNS.

> We are all techs, but the decision if for example, block ports at ISP's to
> stop worms isn't going to be a tech decision, much like hypocritically,
> ISP's these days block streaming media or P2P for extra cash. It's a
> business decision that will eventually save or kill the Internet, and to
> be honest, I see nothing wrong with it.
In other words, it seems as though you are for blocking of traffic, and 
making the internet just another Government-mandated and Gov't-regulated 
environment?  It seems as though that goes against Postel's ideals.

>From my perspective, you just want to create big huge firewall, where 
nothing is allowed, and everything is scrutinized.  That's not what the 
internet is all about.  That's not what it was created for.  It seems as 
though we should perhaps no longer call it the "Big Firewall of China", 
but perhaps, the "Big Firewall of Gadi".

> I just am happy there are some people who hold back the tide of the war we
> already lost, before governments catch up.
Even though you are losing credibility amongst your colleagues around the 

This isn't meant to be a personal attack against you Gadi, but a wake up 
call to not change your tune, but to perhaps start singing a different 
song...the song that actually gets things done.  Stop fighting with 
network operators, and start working with them.  That tends to get things 
done more quickly, and also does not burn your bridges (and credibility) 
in the process.

I think some of the ideas you have are very good, and others not so good. 
Either way, you have a good start.

Gadi, I'm not saying to stop doing what you are doing, but perhaps to 
change around how you go about doing what you are doing, and to stop 
alienating so many of your other colleagues.  Instead of working against 
groups like nsp-sec and NANOG, start working with them.  If you can't get 
vetted, then work towards getting vetted.  Work towards repairing the 
bridges.  Quite a bit of what people see is perception, and right now the 
perception is one of more of a "panic monkey", rather than a calm, 
logical, "We should really do this, or else bad stuff like example 1, 2, 
and 3, can happen, and here's the reasoning behind it." Being calm, 
logical, and working with other network operators tends to get things done 
more quickly.

NANOG mods, if I am out of line, I apologize, but I feel as though this 
needs to be said.  I am not trying to do a character assassination, just 
voice my opinion on the latest network issue.  If you have issue with it, 
please send me an email off list, and we can discuss.



More information about the NANOG mailing list