Ethical DDoS drone network
Patrick W. Gilmore
patrick at ianai.net
Mon Jan 5 11:55:44 UTC 2009
On Jan 5, 2009, at 2:54 AM, Roland Dobbins wrote:
> On Jan 5, 2009, at 3:04 PM, Patrick W. Gilmore wrote:
>
>> I can think of several instances where it _must_ be external. For
>> instance, as I said before, knowing which intermediate networks are
>> incapable of handling the additional load is useful information.
>
> AUPs are a big issue, here..
No, they are not.
AUPs do not stop me from sending traffic from my host to my host
across links I am paying for.
>> Without arguing that point (and there are lots of scenarios where
>> that is not at all necessary, IMHO), it does not change the fact
>> that external testing can be extremely useful after "air-gap"
>> testing.
>
> Agree completely.
>
>> You live in a very structured world.
>
> The idea is to instantiate structure in order to reduce the chaos.
>
> ;>
>
>> Most people live in reality-land where there are too many variables
>> to control, and not only is it impossible guarantee that everything
>> involved is strict to BCP, but the opposite is almost certainly true.
>
> Nothing's perfect, but one must do the basics before moving on to
> more advanced things. The low-hanging fruit, as it were (and of
> course, this is where scale becomes a major obstacle, in many cases;
> the fruit may be hanging low to the ground, but there can be a *lot*
> of it to pick).
Perhaps we are miscommunicating.
You seem to think I am saying people should test externally before
they know whether their internal systems work. Of course that is a
silly idea.
That does not invalidate the need for external testing. Nor does it
guarantee everything will be "BCP compliant", especially since
"everything" includes things outside your control.
--
TTFN,
patrick
More information about the NANOG
mailing list