[54331] in North American Network Operators' Group
Re: White House to Propose System for Wide Monitoring of Internet
daemon@ATHENA.MIT.EDU (Sean Donelan)
Sun Dec 22 19:36:07 2002
Date: Sun, 22 Dec 2002 19:35:32 -0500 (EST)
From: Sean Donelan <sean@donelan.com>
To: nanog@merit.edu
In-Reply-To: <Pine.BSF.4.21.0212201912310.81324-100000@vapour.net>
Errors-To: owner-nanog-outgoing@merit.edu
On Fri, 20 Dec 2002, batz wrote:
> Lets say you have a an IDS load balancer sitting on a GigE span
> port with a few sensors watching everything go by. If an alert is
> triggered, a script is executed which goes out to the router closest
> to the origin of the session and initiates the overlaid tunnel.
On any major backbone the IDS function becomes
GlobalIDSFunction() {
While (1) {
printf("Attack Detected!");
}
}
Do you really want an automatic wiretap installed on your line
every time an attack is detected? Have you recently connected a
system to the Internet that hasn't been attacked?
