Fwd: cnn.com - Homeland Security seeks cyber counterattack system(Einstein 3.0)

Buhrmaster, Gary gtb at slac.stanford.edu
Mon Oct 6 20:09:38 UTC 2008

> Which is easier to shut down, an attack coming from a relatively small
> number of /16s that belong to the government, or one coming from the
> same number of source nodes scattered *all* over Comcast and Verizon
> and BT and a few other major providers?
> Hint 1: Consider the number of entry points into your network 
> for the two cases, especially if you are heavily peered with one or more 
> of the source ISPs.  

The Federal Government (through its "Trusted Internet
Connection" initiative) is trying to limit the number
of entry points into the US Government networks.
(As I recall from 4000 interconnects to around 50,
where both numbers have a high percentage of politics
in the error bar.)

More information about the NANOG mailing list