Fwd: cnn.com - Homeland Security seeks cyber counterattack system(Einstein 3.0)
gtb at slac.stanford.edu
Mon Oct 6 20:09:38 UTC 2008
> Which is easier to shut down, an attack coming from a relatively small
> number of /16s that belong to the government, or one coming from the
> same number of source nodes scattered *all* over Comcast and Verizon
> and BT and a few other major providers?
> Hint 1: Consider the number of entry points into your network
> for the two cases, especially if you are heavily peered with one or more
> of the source ISPs.
The Federal Government (through its "Trusted Internet
Connection" initiative) is trying to limit the number
of entry points into the US Government networks.
(As I recall from 4000 interconnects to around 50,
where both numbers have a high percentage of politics
in the error bar.)
More information about the NANOG