On 11-apr-04, at 4:48, Sean Donelan wrote:
> "Because of the way TCP/IP works, it's an open network," Keromytis said. "Other network technologies don't have that problem. They have other issues, but only IP is subject to this difficulty with abuse."
I don't think so. Non-IP networks such as the phone network, the (snail) mail network and the pizza delivery network are also subject to abuse. The difference is that there are far fewer convenient multipliers around that give an attacker an asymmetric advantage.
> Bellovin compared the situation to bank robberies. "[S]treets, highways and getaway cars don't cause bank robberies, nor will redesigning them solve the problem. The flaws are in the banks," he said. Similarly, most security problems are due to buggy code, and changing the network will not affect that.
OK, then explain to me how removing bugs from the code I run prevents me from being the victim of denial-of-service attacks.