Return-Path: <sentto-279987-1292-991707604-fc=all.net@returns.onelist.com> Delivered-To: fc@all.net Received: from 204.181.12.215 by localhost with POP3 (fetchmail-5.1.0) for fc@localhost (single-drop); Mon, 04 Jun 2001 19:21:07 -0700 (PDT) Received: (qmail 21080 invoked by uid 510); 5 Jun 2001 01:20:50 -0000 Received: from ho.egroups.com (64.211.240.236) by 204.181.12.215 with SMTP; 5 Jun 2001 01:20:50 -0000 X-eGroups-Return: sentto-279987-1292-991707604-fc=all.net@returns.onelist.com Received: from [10.1.4.52] by ho.egroups.com with NNFMP; 05 Jun 2001 02:20:04 -0000 X-Sender: fc@all.net X-Apparently-To: iwar@yahoogroups.com Received: (EGP: mail-7_1_3); 5 Jun 2001 02:20:03 -0000 Received: (qmail 69376 invoked from network); 5 Jun 2001 02:20:02 -0000 Received: from unknown (10.1.10.142) by m8.onelist.org with QMQP; 5 Jun 2001 02:20:02 -0000 Received: from unknown (HELO all.net) (65.0.156.78) by mta3 with SMTP; 5 Jun 2001 02:20:01 -0000 Received: (from fc@localhost) by all.net (8.9.3/8.7.3) id TAA15420 for iwar@yahoogroups.com; Mon, 4 Jun 2001 19:20:01 -0700 Message-Id: <200106050220.TAA15420@all.net> To: iwar@yahoogroups.com In-Reply-To: <4.3.2.7.2.20010604111849.00b3e9d0@poptop.llnl.gov> from "Tony Bartoletti" at Jun 04, 2001 11:37:00 AM Organization: I'm not allowed to say X-Mailer: don't even ask X-Mailer: ELM [version 2.5 PL1] From: Fred Cohen <fc@all.net> Mailing-List: list iwar@yahoogroups.com; contact iwar-owner@yahoogroups.com Delivered-To: mailing list iwar@yahoogroups.com Precedence: bulk List-Unsubscribe: <mailto:iwar-unsubscribe@yahoogroups.com> Date: Mon, 4 Jun 2001 19:20:01 -0700 (PDT) Reply-To: iwar@yahoogroups.com Subject: Re: [iwar] news Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Per the message sent by Tony Bartoletti: > At 09:40 PM 6/2/01 -0700, Fred Posted: > >DoS attacks: No remedy in sight Denial-of-service attacks are becoming > >more common and, in many cases, more serious, security experts said in > >the wake of an attack on the Internet's main warning system for security > >threats. An unknown attacker last week hit the Computer Emergency > >Response Team (CERT) Coordination Center, an important agency for > >passing information on the latest vulnerabilities in computer systems > >among security experts. ... > >[FC - of course this is not right - we know how to stop DoS attacks - it's > >just not in the best financial interest of those being attacked.] > Fred, could you elaborate just a bit, both on the "how" and the "financial > interest" parts? "No remedy in sight" - there are several viable remedies and they have existed for some time. They do cost money of course. An example was provided in: http://all.net/ Managing Network Security => April, 2000 - Countering DCAs There are also several viable commercial solutions being funded today. "(CERT) Coordination Center, an important agency for passing information on the latest vulnerabilities in computer systems among security experts..." They are only "important" to themselves as far as I can tell - and they are not an agency - they are essentially a business that's (still?) part of C-MU and funded by the government. And as far as I can tell they never really pass information about vulnerabilities among experts - because most experts aren't wiling to wait for weeks to months before hearing about problems and most experts I know prefer getting the information directly from the source rather than filtered through the CERT official process. Of course they also didn't bother mentioning distributed coordinated attacks till several years after I sent them informaiton on them (and reports of them) and they didn't bother to cite my paper on how to defeat IP address forgery when they made their announcement on it several years back and used the precise details I provided in a publication released a few months earlier... so I am not what you would call an objective observer... FC -- Fred Cohen at Sandia National Laboratories at tel:925-294-2087 fax:925-294-1225 Fred Cohen & Associates: http://all.net - fc@all.net - tel/fax:925-454-0171 Fred Cohen - Practitioner in Residence - The University of New Haven This communication is confidential to the parties it is intended to serve. PGP keys: https://all.net/pgpkeys.html - Have a great day!!! ------------------ http://all.net/ Your use of Yahoo! Groups is subject to http://docs.yahoo.com/info/terms/
This archive was generated by hypermail 2.1.2 : 2001-06-30 21:44:15 PDT