[34095] in North American Network Operators' Group
Re: Six million ways to crash
daemon@ATHENA.MIT.EDU (jamie rishaw)
Sun Jan 28 00:36:13 2001
Date: Sun, 28 Jan 2001 00:31:07 -0500
From: jamie rishaw <jamie@arpa.com>
To: Sean Donelan <sean@donelan.com>
Cc: nanog@merit.edu
Message-ID: <20010128003107.A78584@arpa.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <20010128051043.20929.cpmta@c004.sfo.cp.net>; from sean@donelan.com on Sat, Jan 27, 2001 at 09:10:43PM -0800
Errors-To: owner-nanog-outgoing@merit.edu
On Sat, Jan 27, 2001 at 09:10:43PM -0800, Sean Donelan wrote:
> In nearly a century of international telecommunications, the number
> of deliberate attacks on the infrastructure itself is amazingly small.
> Historically, network engineers have been more dangerous to the
> infrastructure than malicious actors. The telephone system, credit
> card system, electric grid and so forth all have significant infrastructure
> vulnerabilities.
You should work for NIPC. :-)
> > Obviously it's pretty hard to add additional servers but has the option of
> > splitting the current group into multiple distributed machines with the
> > same ip (like how these other DNS organisations are doing) been looked at?
>
> I haven't physically seen all the root servers, but the volunteers
> operating the servers take their task seriously. There are a lot more
> than 13 physical machines. Of course, Murphy is always on the prowl, and
> there isn't a real effective way to protect against a DDOS. If there
> was a way to protect your server, I think the IRC people would have
> already implemented it.
IRC isn't all bad.
There's a few good users.
Maybe four.
--
i am jamie at arpa dot com .. and this is my .sig.
core1.dns.microsoft.com# sho access-list 101
Extended IP access list 101
deny udp any any eq domain (874572345872345 matches)
