Re: Recent Attacks

From: Terry Lee Moore (tlmoor2at_private)
Date: Tue Feb 15 2000 - 13:02:03 PST

Next message: Robert Graham: "RE: Automated IDS response"

Previous message: R. DuFresne: "Re: open all TCP/UDP in Gauntlet (fwd)"
Maybe in reply to: hndat_private: "Recent Attacks"
Next in thread: Marcus J. Ranum: "Re: Recent Attacks"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

    My apologies to Ryan Russell and Macus J. Ranum and anyone else if I
misunderstood.

    I tend to think that, similar to what ISO 9000 does, these latest
exploits tend to show us where our network weaknesses are and what needs
fixing.  I don't mean to excuse anyone.  I want the culprits punished.
But the key word is survivability.  What can be done to make the network
more survivable?
Punishing them with litigation makes the physche feel better, but the
hole in the network still exists and the next guy to exploit it may be
looking for much more from all of us.  If I read correctly, we will
always have vandals.  What we need to do is punish them in a way
appropriate, identify what the "real" problems are, and then try to
bring the "good guy" community together to plug the holes.
    What's the best way to do that?
--                    Terry
Terry Lee Moore                         tlmoor2at_private
Systems Administrator                   303-541-6737 voice
U S WEST, Advanced Technologies         303-405-9914 pager

Next message: Robert Graham: "RE: Automated IDS response"
Previous message: R. DuFresne: "Re: open all TCP/UDP in Gauntlet (fwd)"
Maybe in reply to: hndat_private: "Recent Attacks"
Next in thread: Marcus J. Ranum: "Re: Recent Attacks"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:03:48 PDT