North American Network Operators Group|
Date Prev | Date Next |
Date Index |
Thread Index |
Author Index |
Re: Counter DoS
- From: Baldwin, James
- Date: Thu Mar 11 03:55:49 2004
The Symbiot whitepaper on their service describes a process with a
little more imagination and use than simply flooding attacking nodes
with packets. It describes a process which appears to require human
intervention through an Operations Center to aid in tracking down
offending nodes and notifying the offenders service providers prior to
an deployment of active defenses.
That being said, it also specifically mentions "distributed denial of
service counterattacks" as a not quite so last resort, and possibly
automated response gesture for multiple identified offenders with whom
intervention from service providers and other authorities has not been
I applaud the idea of a outsourced department that will manage the
denial of service, and "hordes of script kiddie" (nod to Ranum) problems
that plague modern networks. Anything that keeps me from being
distracted from more interesting lines of thought, rather than
constantly following up on outside nuisances is a Good Thing (tm).
However, the deployment of "active defenses" in response to a failure of
service providers to adequately secure their egress and ingress points
is not a choice any reasonable person would make. Vigilante justice
might be rewarding in the short term, but I choose not to leave the
judgment of friend and foe in the hands of someone with large amounts of
bandwidth at the tips their itchy trigger fingers.
WorldWide Technology, Services, and Operations
Electronic Arts, Inc.