Merit Network
Can't find what you're looking for? Search the Mail Archives.
  About Merit   Services   Network   Resources & Support   Network Research   News   Events   Home

Discussion Communities: Merit Network Email List Archives

North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

'we should all be uncomfortable with the extent to which luck..'

  • From: k claffy
  • Date: Wed Jul 25 01:39:37 2001




david moore's analysis of code red: episode 0/1 is at
  
  	http://www.caida.org/analysis/security/code-red/

[funded by DARPA's ITO office NGI/NMS programs,
NSF ANIR, and CAIDA members, david a caida PI]
  
definitely check out jeff brown's animation at bottom; 
watch carefully around 15:00 for pretty ominous elbow 
in infection rate (get an epidemiologist to look at it 
without telling them what it is...)

360,000 machines (well, IP addresses) infected
in under 14 hours.

  
from conclusion:

	//
	..in the final analysis, we should all 
	be uncomfortable with the extent to which luck, 
	rather than proactive diligence, maintains the 
	stability of the Internet infrastructure. 
	//

it goes without saying that many hosts are still vulnerable.  
and will likely remain so (to this or the next poison)
until our luck runs out.   do we expect the next version 
to have the two weaknesses christopher pointed out today?  
do we expect the next version won't clear every 3rd bit on 
the hard drive?

almost makes me wonder if some white hat might (should?) have 
been behind CodeRed as some 'vaccination' attempt.

	"The bad news is, nobody will do anything about 
	 critical infrastructure protection until there's 
	 a global catastrophic failure," said Rasch.
  	 The good news is, there will be a global catastrophic failure."

	   -- http://www.nando.net/technology/story/44887p-694372c.html

the worse news is: protecting 'critical infrastructure'
is far from enough.  again from 
http://www.caida.org/analysis/security/code-red/

	This assault also demonstrates that machines operated by home
	users or small businesses (hosts less likely to be maintained
	by a professional sysadmin) are integral to the robustness of
        the global Internet. As is the case with biologically active
        pathogens, vulnerable hosts can and do put everyone at risk,
        regardless of the significance of their role in the population.


fwiw, caida trying to do gentle survey of patching speed,
see http://worm-security-survey.caida.org/

k

ps:  john maddog hall (linux int'l) had a great slide a
     few months ago at UCSD talk; upshot something like

     INSTALLED BASE  (EARTH)

     	+ 20 million linux systems
     	+ 450 million gates licenses
        ==>  4.4 - 6.6 % of the population total

     ... world population: ~6B

     ==>  5.4 billion people haven't selected an OS yet


[k: maybe we can get them on OS-antioxidants
before it's too late]




Discussion Communities


About Merit | Services | Network | Resources & Support | Network Research
News | Events | Contact | Site Map | Merit Network Home


Merit Network, Inc.