On Mon, 19 Sep 2005, Florian Weimer wrote:
* Gadi Evron:
I would really like to hear some thoughts from the NANOG community on threats such as the one described above. Let us not get into an argument about 0-days and consider how many routers are actually patched the first... day.. week, month? after a vulnerability is released.
The bad guys obviously aren't interested in taking down the Internet. I wouldn't worry too much. 8-)
I don't want the above to sound as FUD. My point is not to yell "death of the Internet" but rather to get some people moving on what I believe to be a threat, and considering it on a broader scale is LONG over-due.
I'm curious as to why people think that the problem isn't being addressed?
I would ask some people who have experienced meltdowns on large-scale networks, due to Slammer, Blaster or something else. Basically, what do you do when you don't have management access to your network gear anymore, and stuff like that.
To some extent, what you fear has already happened, and we could learn from that.