Re: [iwar] news

From: Fred Cohen (fc@all.net)
Date: 2001-06-04 19:20:01

Next message: Fred Cohen: "Re: [iwar] news"
Previous message: Glenn Williamson: "RE: [iwar] news"
In reply to: Tony Bartoletti: "Re: [iwar] news"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Message-Id: <200106050220.TAA15420@all.net>
To: iwar@yahoogroups.com
In-Reply-To: <4.3.2.7.2.20010604111849.00b3e9d0@poptop.llnl.gov> from "Tony Bartoletti" at Jun 04, 2001 11:37:00 AM
Organization: I'm not allowed to say
From: Fred Cohen <fc@all.net>
Mailing-List: list iwar@yahoogroups.com; contact iwar-owner@yahoogroups.com
Precedence: bulk
Date: Mon, 4 Jun 2001 19:20:01 -0700 (PDT)
Reply-To: iwar@yahoogroups.com
Subject: Re: [iwar] news
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit

Per the message sent by Tony Bartoletti:

> At 09:40 PM 6/2/01 -0700, Fred Posted:

> >DoS attacks: No remedy in sight Denial-of-service attacks are becoming
> >more common and, in many cases, more serious, security experts said in
> >the wake of an attack on the Internet's main warning system for security
> >threats.  An unknown attacker last week hit the Computer Emergency
> >Response Team (CERT) Coordination Center, an important agency for
> >passing information on the latest vulnerabilities in computer systems
> >among security experts. ...

> >[FC - of course this is not right - we know how to stop DoS attacks - it's
> >just not in the best financial interest of those being attacked.]

> Fred, could you elaborate just a bit, both on the "how" and the "financial 
> interest" parts?

"No remedy in sight" - there are several viable remedies and they have
existed for some time.  They do cost money of course.  An example was
provided in:
	http://all.net/
		Managing Network Security =>
			April, 2000 - Countering DCAs

There are also several viable commercial solutions being funded today.

"(CERT) Coordination Center, an important agency for passing information
on the latest vulnerabilities in computer systems among security
experts..."

They are only "important" to themselves as far as I can tell - and they
are not an agency - they are essentially a business that's (still?) part
of C-MU and funded by the government.  And as far as I can tell they
never really pass information about vulnerabilities among experts -
because most experts aren't wiling to wait for weeks to months before
hearing about problems and most experts I know prefer getting the
information directly from the source rather than filtered through the
CERT official process.

Of course they also didn't bother mentioning distributed coordinated
attacks till several years after I sent them informaiton on them (and
reports of them) and they didn't bother to cite my paper on how to
defeat IP address forgery when they made their announcement on it
several years back and used the precise details I provided in a
publication released a few months earlier...  so I am not what you would
call an objective observer...

FC
--
Fred Cohen at Sandia National Laboratories at tel:925-294-2087 fax:925-294-1225
  Fred Cohen & Associates: http://all.net - fc@all.net - tel/fax:925-454-0171
      Fred Cohen - Practitioner in Residence - The University of New Haven
   This communication is confidential to the parties it is intended to serve.
	PGP keys: https://all.net/pgpkeys.html - Have a great day!!!

------------------
http://all.net/ 

Your use of Yahoo! Groups is subject to http://docs.yahoo.com/info/terms/

Next message: Fred Cohen: "Re: [iwar] news"
Previous message: Glenn Williamson: "RE: [iwar] news"
In reply to: Tony Bartoletti: "Re: [iwar] news"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.2 : 2001-06-30 21:44:15 PDT