[134468] in North American Network Operators' Group


Re: NIST IPv6 document

daemon@ATHENA.MIT.EDU (Dobbins, Roland)
Thu Jan 6 02:51:17 2011

From: "Dobbins, Roland" <rdobbins@arbor.net>
To: Nanog Operators' Group <nanog@nanog.org>
Date: Thu, 6 Jan 2011 07:50:17 +0000
In-Reply-To: <201101060651.p066piXN088758@aurora.sol.net>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org


On Jan 6, 2011, at 1:51 PM, Joe Greco wrote:

> There are numerous parallels between physical and electronic security.
> Let's just concede that for a moment.

I can't, and here's why:

1.	In the physical world, attackers run a substantial risk of being caught, and of tangible, severe penalties if that eventuality comes to pass; in the online world, the risk of being caught is nil.

2.	In the physical world, attackers have a limited number and variety of resources they can bring to bear; in the online world, the attackers have near-infinite resources, for all practical purposes.

3.	In the physical world, the attackers generally possess neither the ability nor the desire to bring the whole neighborhood crashing down around the ears of the defenders; in the online world, they almost always have the ability, and often the desire, to do just that.

> Making it harder to scan a network *can* and *does* deter certain classes of attacks.

But as I've tried to make clear, a) I don't believe that sparse addressing does in fact make it harder to scan the network, due to hinted scanning via DNS/routing/whois/ND/multicast, b) I believe that pushing the attackers towards hinted scanning will have severe second-order deleterious effects on DNS/network infrastructure/whois, resulting in an overall loss in terms of security posture, c) I don't believe that attackers will cease pseudo-randomized scanning, and d) I believe that in fact they will throw vastly more resources at both hinted and pseudo-randomized scanning, that they have near-infinite resources at their disposal (with an ever-expanding pool of potential resources to harness), and that the resultant increase in scanning activity will also have severely deleterious second-order effects on the security posture of the Internet as a whole.

In short, I'm starting from a substantially different, far more pessimistic set of base premises, and therefore draw a far more negative set of resulting inferences.

I don't believe the sky is falling; I believe it's already fallen, and that we're just now starting to come to grips with some of the ramifications of its fall.

In my view, an IPv6 Internet is considerably less secure, and inherently less securable, than the present horribly insecure and barely securable IPv4 Internet; furthermore, I believe that many of the supposed 'security' measures being touted for IPv6 are at best placebos, and at worst are iatrogenic in nature.

------------------------------------------------------------------------
Roland Dobbins <rdobbins@arbor.net> // <http://www.arbornetworks.com>

Most software today is very much like an Egyptian pyramid, with millions
of bricks piled on top of each other, with no structural integrity, but
just done by brute force and thousands of slaves.

			  -- Alan Kay
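An added illustration of the "hinted scanning" point made in the message above (this is editor-supplied example code, not part of the original post or anything written by its author). It shows, from a defender's side, why a /64 is not really a 2^64 search space once an attacker has hints: AAAA records from a zone file, entries from a neighbor cache, EUI-64 addresses derived from MACs seen in that cache, and the low-interface-ID pattern of manually numbered hosts together collapse the candidate set to a few hundred addresses. The zone lines, the `ip -6 neigh`-style cache dump and the 2001:db8:1::/64 prefix are all constructed sample data; the function names are the example's own.

```python
"""Hinted IPv6 host enumeration versus brute-force scanning of a /64.

Added example with constructed data; not code from the original post.
"""
import ipaddress
import re

# Constructed sample: AAAA records as a defender might pull them from
# their own zone file (the A record is here to show it is ignored).
SAMPLE_ZONE = """\
www     IN AAAA 2001:db8:1::80
mail    IN AAAA 2001:db8:1::25
db1     IN AAAA 2001:db8:1:0:a1b2:c3ff:fed4:e5f6
www     IN A    192.0.2.10
"""

# Constructed sample: neighbor cache lines in the layout of `ip -6 neigh show`.
SAMPLE_ND = """\
2001:db8:1::1 dev eth0 lladdr 00:11:22:33:44:55 router REACHABLE
fe80::211:22ff:fe33:4455 dev eth0 lladdr 00:11:22:33:44:55 router REACHABLE
2001:db8:1:0:5054:ff:fe12:3456 dev eth0 lladdr 52:54:00:12:34:56 STALE
2001:db8:1::53 dev eth0  FAILED
"""

# Constructed sample prefix (documentation range).
PREFIX = ipaddress.IPv6Network("2001:db8:1::/64")


def hosts_from_zone(zone_text, prefix):
    """Collect addresses from AAAA records that fall inside the prefix."""
    found = set()
    for line in zone_text.splitlines():
        m = re.match(r"\S+\s+IN\s+AAAA\s+(\S+)", line)
        if m:
            addr = ipaddress.IPv6Address(m.group(1))
            if addr in prefix:
                found.add(addr)
    return found


def hosts_from_nd(nd_text, prefix):
    """Collect in-prefix addresses from neighbor cache lines; skip FAILED
    entries (never resolved) and anything outside the prefix (link-local)."""
    found = set()
    for line in nd_text.splitlines():
        parts = line.split()
        if not parts or parts[-1] == "FAILED":
            continue
        addr = ipaddress.IPv6Address(parts[0])
        if addr in prefix:
            found.add(addr)
    return found


def eui64_candidates(nd_text, prefix):
    """Derive the SLAAC/EUI-64 global address for every MAC seen in the cache:
    insert ff:fe in the middle of the MAC and flip the universal/local bit."""
    found = set()
    net = prefix.network_address.packed[:8]  # upper 64 bits of the prefix
    for line in nd_text.splitlines():
        m = re.search(r"lladdr\s+([0-9a-f:]{17})", line)
        if not m:
            continue
        mac = bytes(int(x, 16) for x in m.group(1).split(":"))
        iid = bytes([mac[0] ^ 0x02]) + mac[1:3] + b"\xff\xfe" + mac[3:]
        found.add(ipaddress.IPv6Address(net + iid))
    return found


def low_byte_candidates(prefix, limit=256):
    """Interface IDs 1..limit-1: the usual pattern for manually numbered
    servers and routers (::1, ::25, ::53, ::80 and so on)."""
    return {prefix.network_address + i for i in range(1, limit)}


def candidate_set(zone_text, nd_text, prefix):
    """Union of all hinted candidates; this is what actually gets probed."""
    return (hosts_from_zone(zone_text, prefix)
            | hosts_from_nd(nd_text, prefix)
            | eui64_candidates(nd_text, prefix)
            | low_byte_candidates(prefix))


def brute_force_ratio(prefix, candidates):
    """How many times larger the exhaustive /64 sweep is than the hinted set."""
    return prefix.num_addresses / len(candidates)


if __name__ == "__main__":
    cands = candidate_set(SAMPLE_ZONE, SAMPLE_ND, PREFIX)
    print(f"{len(cands)} hinted candidates out of {PREFIX.num_addresses}")
    print(f"brute force is {brute_force_ratio(PREFIX, cands):.2e}x larger")
```

With the constructed data the hinted set is 258 addresses, versus 2^64 for an exhaustive sweep of the prefix; every host the sample cache and zone know about is in it, and the db1 record shows why a DNS zone leaks even randomly chosen interface IDs that no pattern generator would guess.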


