In article <103014.1607.23062@avi.netaxs.com> you wrote: : Seems to be a case of prisoners dilema. The security of any one network : is to some extent at the mercy of all other connected networks. The : overall security of the network is only as strong as it's weakest link. : In a highly competitive market place there is going to be little : incentive to invest in security if it will just be compromised by your : cost cutting competitors. Yes, but: - Shouldn't we encourage our tax $ go with preference towards good network citizens? - If only a few of the larger networks started implementing better practices that engineering groups can't get funded today, we're still getting better off. - Starting at the core, which is who the Feds buy the most IP from, still makes life a lot simpler if and when we get the "big one" in terms of cyber-attack. I think this is probably better for a BOF (maybe even the security BOF) discussion, though... Avi
- Starting at the core, which is who the Feds buy the most IP from, still makes life a lot simpler if and when we get the "big one" in terms of cyber-attack.
Is not the problem with this that few if any attacks originate in the core, and by the time the traffics start getting aggregated there it is already more or less to late? - kurtis -
- Starting at the core, which is who the Feds buy the most IP from, still makes life a lot simpler if and when we get the "big one" in terms of cyber-attack.
Is not the problem with this that few if any attacks originate in the core, and by the time the traffics start getting aggregated there it is already more or less to late?
- kurtis -
I'm getting at attacks *on* the core as something we need to be concerned about... Thanks, Avi
At 12:31 PM 1/15/2003, Avi Freedman wrote:
- Starting at the core, which is who the Feds buy the most IP from, still makes life a lot simpler if and when we get the "big one" in terms of cyber-attack.
Is not the problem with this that few if any attacks originate in the core, and by the time the traffics start getting aggregated there it is already more or less to late?
- kurtis -
I'm getting at attacks *on* the core as something we need to be concerned about...
If protecting the core includes protecting the core from further at the edges, then the folks running core components need to require those who connect to them to implement such protection (ingress filtering and whatever other measures are deemed helpful). There's some precedent for this type of edict. Some years ago UUNet mandated anyone using their dialups MUST implement port 25 filter configs in their Radius servers. Sure seems like a better thing for the core operators to do than throw their hands in the air and say "it's someone else's problem."
- Starting at the core, which is who the Feds buy the most IP from, still makes life a lot simpler if and when we get the "big one" in terms of cyber-attack.
Is not the problem with this that few if any attacks originate in the core, and by the time the traffics start getting aggregated there it is already more or less to late?
- kurtis -
I'm getting at attacks *on* the core as something we need to be concerned about...
Ok, then I understand and agree completely! Best regards, - kurtis -
participants (3)
-
Avi Freedman
-
Daniel Senie
-
Kurt Erik Lindqvist