[iwar] Historical posting


From: Fred Cohen
From: fc@all.net
To: iwar@onelist.com

Mon, Jan 1, 1999


Received: (from fc@localhost) by all.net (8.9.3/8.7.3) id FAA15269 for iwar@onelist.com; Tue, 18 Apr 2000 05:21:43 -0700
MIME-Version: 1.0
Mailing-List: list iwar@egroups.com; contact iwar-owner@egroups.com
Delivered-To: mailing list iwar@egroups.com
Precedence: bulk
Reply-To: iwar@egroups.com


All,

The ability to block all incoming packets from certain IP addresses
(Chinese today, who-knows-who tomorrow) via limited "choke points"
is probably an inadvisable strategy.  Such a capability could be
exploited by an adversary to deny us our own communications.

The internet was designed to survive large-scale takedowns, allowing
packets to automatically route around damage, and the notion of
choke-points or highly centralized access control is antithetical
to this valuable capability.

I believe the best security is distributed.  If each subdomain were
to develop its own "dealing with hostile packets" strategies, then
an adversary could not hope to coordinate a "death-blow" exploit.

My 2 cents.

___tony___

IOWA Center
Lawrence Livermore National Laboratory


At 08:53 AM 9/2/99 -0400, Clayton, Charlie wrote:
>From: "Clayton, Charlie" cclayton@n...
>
>Interesting question and a good point, Rob. National level planners, take
>heed! The capability undoubtedly exists. However, the effort would need to
>be centrally coordinated (for DISA and the national civilian agencies) and
>further managed within each agency. Unless I'm mistaken, there is no
>Internet or Infosec FEMA type organization (yet) and I don't think that DISA
>has a single civilian counterpart.
>
>For a protracted operation, this would be possible but it would also take
>time to coordinate. Hence, the barn door is left open for short operations
>where there has never been an exercise to test such a plan. If it isn't part
>of someone's national contingency planning, it should be. The recent
>Yugoslavia difficulties would have been an excellent opportunity to test
>such a plan. But alas, I doubt that our planning has advanced far enough as
>to actually be able to coordinate mass blockages such as you suggest.
>Staffing such a plan around the different government agencies would be a
>nightmare without a presidential directive.
>
>Sorry, but I never did get around to announcing myself as a newbie here. I'm
>Charlie Clayton. Former IWO for Special Operations Command Europe (SOCEUR)
>when I was called up for the Bosnia thing (9 month Presidential Selective
>Recall as an Army Reservist). Former Special Security Officer for Fort
>Bragg, NC. Currently the UNIX security guy for a medium-sized company in
>Greensboro stuck doing the Y2K project (yuck!).
>
>CHARLES J. CLAYTON, CISSP
>UNIX Security/Y2K
>New Breed Corporations
>
>> -----Original Message-----
>> From:	Rob Rosenberger [SMTP:us@k...]
>> Sent:	Wednesday, September 01, 1999 9:29 PM
>> To:	iwar@onelist.com
>> Subject:	RE: [iwar] Today in the news
>> 
>> From: "Rob Rosenberger" us@k...
>> 
>> >Hackers with Chinese Internet addresses launched coordinated
>> >cyberattacks against the United States and allied forces during
>> >the air war against Yugoslavia this spring
>> 
>> Okay, I'll ask an obvious question.  Did DISA at least block all
>> IANA-assigned Chinese IP addresses so they couldn't visit .mil sites?  Did
>> DISA's civilian counterpart do the same for .gov sites?  Or does our
>> government pursue an "allow unless denied" policy with adversaries?
>> 
>> We restrict Chinese nationals from visiting U.S. government installations
>> except under specific circumstances, so why can't we restrict Chinese IPs
>> from visiting U.S. government computers except under specific
>> circumstances?
>> 
>> Rob Rosenberger, webmaster
>> Computer Virus Myths home page
>> http://www.kumite.com/myths
>> 

Tony Bartoletti                                             LL
IOWA Center                                              LL LL
Lawrence Livermore National Laboratory                LL LL LL
PO Box 808, L - 089                                   LL LL LL
Livermore, CA 94551-9900                              LL LL LLLLLLLL
phone: 925-422-3881   fax: 925-423-8081               LL LLLLLLLL
email: azb@l...                                   LLLLLLLL