[95598] in North American Network Operators' Group

home help back first fref pref prev next nref lref last post

RE: On-going Internet Emergency and Domain Names

daemon@ATHENA.MIT.EDU (Dave Rand)
Sat Mar 31 19:43:27 2007

From: dlr@bungi.com (Dave Rand)
Date: Sat, 31 Mar 2007 16:19:58 -0700
In-Reply-To: Matt Ghali's message on Mar 31, 15:26.
To: Matt Ghali <matt@snark.net>, Fergie <fergdawg@netzero.net>
Cc: nanog@merit.edu
Errors-To: owner-nanog@merit.edu


[In the message entitled "RE: On-going Internet Emergency and Domain Names" on Mar 31, 15:26, Matt Ghali writes:]
> 
> On Sat, 31 Mar 2007, Fergie wrote:
> 
> > So very clever.
> >
> > If you're not part of the solution... etc.
> 
> I feel so worthless standing next to you, the Solver.
> 

Guys.

We *all* (everyone reading this) have a role to play in dealing with problems
on the Internet.  There is *no* "one true solution" to what amounts to
criminal activity - not on the Internet, and not in real life.

We, collectively, have enabled a new frontier of civilization.  The Internet
is ever growing and changing, and we, collectively, need to address problems
as they come up.

The dominant OS vendor is currently part of the issue, certainly.  But if that
dominant OS vendor were (insert your favorite UNIX OS vendor), the same
problems would exist.

We are not fighting technology.  We are dealing with very well organized,
smart, and well-funded people.

We need to focus on solutions that we can deploy, which will address the
problems at hand, as we discover them.  That means we will deploy things that
do not solve underlying prolems, but address the symptoms as best we can, to
prevent the entire mess from falling down.

That means that we must look at short-range solutions to address things
in near-real-time, and we need to look at changing the legal system
to catch up.  We also need to look at the policies which enable people
to abuse the systems we have deployed.  And we need to look at user education.
And fixing the operating systems.  And improving infrastructure, so we
can deal with 15 Gbps attacks.  And...

There is no "one true solution" to this.  That means you, as network
operators, need to look at what makes sense *today*, and *DEPLOY IT*.

"Someone else" isn't going to solve these issues, and waiting for them is
folly.  Do what you can, today, to address the problems you know about.  Do
what you can, today, to protect your users.  Do what you can, today, to stop
malicious behaviour from leaving your network.  Do what you can, today, to
improve your internal organization to ensure that these task can be done
without a 6 month delay.

Please - we all need to work on this together.  But we need to do it now.

-- 

home help back first fref pref prev next nref lref last post