North American Network Operators Group|
Date Prev | Date Next |
Date Index |
Thread Index |
Author Index |
Re: White House to Propose System for Wide Monitoring of Internet (fwd)
- From: chuck goolsbee
- Date: Sat Dec 21 16:33:11 2002
The problem with this argument is you have to know exactly what you
are looking for *before* the event. Foresight is almost never 20/20.
Also, if you want to monitor massive amounts of data (something
people say can't be done easily) you just demux it using a device
like those at www.toplayer.com, or
Both solutions are adequate for breaking up massive amounts
I could write snort signatures that will trigger
a session to be re-routed based on packet content. It's fugly,
but if I can do it in my basement, a multi-billion dollar
agency acting on behalf of the only global superpower can
probably think up something a little more elegant. :)
How many times have we all encountered a variation of the following?:
1. Get a call from an FBI agent (or insert any other gov't agency)
2. Play phone tag for a week.
3. Finally get each other on the phone.
4. Special Agent So&so requests a log file or packet trace from X months ago.
The value of X usually = 6 months or more.
Only when it was a murder case have I seen a request
come in under 3 months.
5. Laugh and say... "OK, we'll try."
6. Dig and Dig... if lucky, find a 200+ megabyte log file.
7. Call agent back, offer to FTP/burn to a CD and send.
8. Agent replies: "Can you look at it for us, we are real busy."
9. Reply: "Uh... so are we, we'll let you know if we have a minute..."
10. Lather, rinse, repeat.
I have personally had this exact scenario play out four times so far in 2002.
That said, the way we have chosen to empower our government to act is
as a tool of justice (after the act), not prevention. I have no
problem with that setup, and really don't like the 'shoot first, ask
later" direction drift of the current administration.
Too many packets, not enough time, too many cooks in the government's
kitchen all looking over their shoulders at all the *other* cooks and
closely guarding their little corner of counter space and utensils.
Nothing to see, carry on...
<insert ironic sig>....
Were there mistakes? Yes. Only those who don't act don't make
mistakes. But to organize well --- *that* is a difficult task.
-- Lenin, April 24, 1917