[Operational] Internet Police

Michael Smith tifoso.michael at gmail.com
Thu Dec 9 12:19:04 CST 2010

My question is what architectural recommendations will you make to your
employer if/when the US Govt compels our employers to accept our role as the
"front lines" of this "cyberwar"?

I figure once someone with a relevant degree of influence in the govts
realizes that the "cyberwar" is between content/service controllers and
eyeballs.  With involuntary and voluntary botnets as the weapons of "the
eyeballs", relying exclusively on a line of defense near to the content
(services) leaves a great expanse of "battlefield".  I would expect the
content/service controllers to look for means to move the battleline as
close to the eyeballs as possible (this community). So... if/when our
employers are unable to resist the US Govt's demand that we "join in the
national defense", wouldn't this community be the ones asked to guard the

Assuming the govt won't send federal agents into each of our NOCs, won't our
employers ask us "what can we do?"

If inspecting and correlating every single packet/flow for attack signatures
is not feasible (on scale), are there name/address registration/resolution
measures that could effectively lock down the edge?  ...will we look toward
China/Saudi Arabia/etc for lessons learned in their 'great firewalls' to
develop a distributed version where central control pushes policy out to the
edge (into the private networks that currently provide the dreaded "low
barrier for entry")?

Obviously the environment is created by layers 8/9, but I'm interested in
the layer 1-7 solutions that the community would consider/recommend.


