On 7 Jun 2001, at 16:30, Paul D. Robertson wrote:
> On Thu, 7 Jun 2001, Zachary Uram wrote:
>
> > Hi Paul,
> >
> > So is DDoS attacks biggest security threat out there?
>
> No, most certainly intrusions are the biggest threat out there.
> Stopping intrusions would naturally stop DDoS as well as other
> attacks.
Stopping intrusions *on every host in the wild* should prevent
their being used as DDoS zombies. It wouldn't prevent them being
used as smurfs -- you have to prevent source spoofing for that.
Given that none of us, as far as I know, is in a position to fix
every host in the wild, then if I harden a site against intrusions,
does it become immune to DDoSes? NO, because the DDoS that takes my
site off the air may be targetted at something I don't control: ISP
routers, DNS root servers, Akamai cache servers, etc.
It's not obvious to me that defending against intrusions does
anything to protect me from DDoSes. (Okay, folks -- I'm setting
myself up to learn something here. Teach me the error of my ways.)
On the other hand, there's a sense in which a DDoS that prevents
users from reaching my servers cannot knock me further down than
zero. An actual intrusion, a compromise of sensitive medical data or
credit card numbers or missile launch codes, has no such natural
limit on how bad the damage can be....
David Gillett
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
