6 Oct 2008, 4:09 p.m.
Which is easier to shut down, an attack coming from a relatively small number of /16s that belong to the government, or one coming from the same number of source nodes scattered *all* over Comcast and Verizon and BT and a few other major providers?
Hint 1: Consider the number of entry points into your network for the two cases, especially if you are heavily peered with one or more of the source ISPs.
The Federal Government (through its "Trusted Internet Connection" initiative) is trying to limit the number of entry points into the US Government networks. (As I recall, from 4000 interconnects to around 50, where both numbers have a high percentage of politics in the error bar.)