Heidi wrote: >It is very apparent from the recent postings, that there is a lot of >frustration going on here. There are a lot of smart people in this group, >perhaps everyone's energies could be put to better use, by thinking of ways >to better the situations at hand, i.e., ideas for stopping DoS attacks >"before" they reach the intended target,(is this possible? I am just >learning) > It is just barely possible. The technology has to be deployed high up in the network infrastructure, e.g. next to backbone routers. Companies developing such technologies include Captus Networks http://www.captusnetworks.com/ (who sponsored the RAID workshop last month http://www.raid-symposium.org/raid2001/ ) and Asta Networks http://www.astanetworks.com/ (founded by Stefan Savage, a friend of mine who did his PhD research at U.Washington in Seattle http://www.astanetworks.com/company/team/stefan.html ) > and coming up with useful comments about airport and other >security that may actually be used, rather than cutting down the system in >use at present. > It is *fundamental* to good security design to criticize methods that are claimed to be secure, but are not. Failure to do so leads to a false sense of security, which in turn leads to attackers unexpectedly violating security. This is PRECISELY how the attackers took out the WTC. "All that is required for evil to triumph is for good men to do nothing" --Edmund Burke So you see, it is our sacred duty to bitch & moan about other people's crappy security :-) More constructively, we should all look to our own security procedures and ensure that they are as good as we think they are. Take criticizm in a constructive light, and look to improve your methods accordingly. Issue criticizm in a polite and constructive tone, pointing out the flaws, and leaving out the ad homenims. > Yes, they may be taking away nail clippers, but you do have >other more effective ways to defend yourself and help others on the airplane >if you are in a threatened situation. Certainly with the smart people in our >group, there must be some good ideas out there for helping to improve >things. A side note; we have over 35 million laws trying to enforce 10 >commandments. Heidi > I have problems with a bunch of those commandments. Fully half of them are non-portable religion-specific doctrine: I fail to keep the sabath and take the Lord's Name in vain on a regular basis :-) Unless you meant these commandments http://www.lysator.liu.se/c/ten-commandments.html (which by the way are topical to CRIME) Crispin -- Crispin Cowan, Ph.D. Chief Scientist, WireX Communications, Inc. http://wirex.com Security Hardened Linux Distribution: http://immunix.org Available for purchase: http://wirex.com/Products/Immunix/purchase.html
This archive was generated by hypermail 2b30 : Sun May 26 2002 - 11:29:37 PDT