On Mon, Aug 20, 2007 at 10:11:33PM -0500, Stephen Sprunk wrote:
> The problem is that if you have a second path of entry with lesser security protocols, attackers will find a way to get themselves onto that path. For instance, imagine the terrorists have papers that look legit but they know won't pass computer cross-references; any time they want to come in, they would just disrupt the computer network and force the agents to rely on the papers alone. That's why people get stuck on the runways waiting for the computers to come back up.

So what happens when the attack changes from trying to harm/kill people to disrupting daily life in general? If the attackers (who may or may not be terrorists, whatever that means) can disrupt our networks whenever they want, why isn't that a bigger problem than the fact they might slip a few people in? Remember, almost all of the 9/11 hijackers came into this country legitimately and had verifiable (if not legit) ID.

To bring this back into the sea of on-topicness, I invite you to remember the early 90s, when the biggest security problem a network operator had to face was compromised machines. Everyone "knew" that this was the only real aspect to computer security, and the fact that some sites could cram (a lot) more data down a pipe than others was known, but only crackpots thought it was a problem. Then a little tool called smurf was released, and the game changed. It opened our eyes to the fact that not all security problems involve illegitimate access. We realized that a Denial of Service attack was just as bad, sometimes even worse, than a system compromise.

This same period gave rise to other tools that became the bane of network operators and IRC users everywhere. Pepsi, winnuke, sping, jolt. These tools didn't do anything to help the user gain access to a system, but they allowed the user to cause just as much trouble. How many of you who were working in any capacity then can honestly say you never spent hours calling upstream providers to get a flow of packets stopped?

At some point our networks have to remain useful. If they can be shut down for hours or days at a time, are they really secure?

-Zach