Re: [iwar] news

From: Fred Cohen (fc@all.net)
Date: 2001-06-04 19:21:52


Return-Path: <sentto-279987-1293-991707714-fc=all.net@returns.onelist.com>
Delivered-To: fc@all.net
Received: from 204.181.12.215 by localhost with POP3 (fetchmail-5.1.0) for fc@localhost (single-drop); Mon, 04 Jun 2001 19:23:07 -0700 (PDT)
Received: (qmail 21168 invoked by uid 510); 5 Jun 2001 01:23:07 -0000
Received: from ch.egroups.com (208.50.99.226) by 204.181.12.215 with SMTP; 5 Jun 2001 01:23:07 -0000
X-eGroups-Return: sentto-279987-1293-991707714-fc=all.net@returns.onelist.com
Received: from [10.1.4.53] by ch.egroups.com with NNFMP; 05 Jun 2001 02:21:54 -0000
X-Sender: fc@all.net
X-Apparently-To: iwar@yahoogroups.com
Received: (EGP: mail-7_1_3); 5 Jun 2001 02:21:53 -0000
Received: (qmail 77362 invoked from network); 5 Jun 2001 02:21:53 -0000
Received: from unknown (10.1.10.142) by l7.egroups.com with QMQP; 5 Jun 2001 02:21:53 -0000
Received: from unknown (HELO all.net) (65.0.156.78) by mta3 with SMTP; 5 Jun 2001 02:21:52 -0000
Received: (from fc@localhost) by all.net (8.9.3/8.7.3) id TAA15443 for iwar@yahoogroups.com; Mon, 4 Jun 2001 19:21:52 -0700
Message-Id: <200106050221.TAA15443@all.net>
To: iwar@yahoogroups.com
In-Reply-To: <4.3.2.7.2.20010604171446.00b41890@poptop.llnl.gov> from "Tony Bartoletti" at Jun 04, 2001 05:24:15 PM
Organization: I'm not allowed to say
X-Mailer: don't even ask
X-Mailer: ELM [version 2.5 PL1]
From: Fred Cohen <fc@all.net>
Mailing-List: list iwar@yahoogroups.com; contact iwar-owner@yahoogroups.com
Delivered-To: mailing list iwar@yahoogroups.com
Precedence: bulk
List-Unsubscribe: <mailto:iwar-unsubscribe@yahoogroups.com>
Date: Mon, 4 Jun 2001 19:21:52 -0700 (PDT)
Reply-To: iwar@yahoogroups.com
Subject: Re: [iwar] news
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit

Per the message sent by Tony Bartoletti:

> Glenn,

> Thanks for the support!

> Fred, when you say "we know how to stop DoS attacks", should I assume that 
> you mean

> a.  Forcing ISPs to not route outgoing packets with bogus source addresses 
> (and blacklisting those that do?)  Can this be done, globally?

It can be done globally.

> b.  Abolishing Internet Anonymity?  Can this be done, globally?

Yes.

> c.  "And now for something entirely different ..."?

> The only way to effect the (necessarily global) scope of these solutions is 
> to adopt new protocols, and then phase out (refuse to route) the previous ones.

PEIP is such a protocol that allows 'fair scheduling' to limit the
effect of these attacks to the point where they don't work any more.

> Is that your thought in this?

Then there are the schemes for flexing your IP addresses and DNS entries, etc.

--
Fred Cohen at Sandia National Laboratories at tel:925-294-2087 fax:925-294-1225
  Fred Cohen & Associates: http://all.net - fc@all.net - tel/fax:925-454-0171
      Fred Cohen - Practitioner in Residence - The University of New Haven
   This communication is confidential to the parties it is intended to serve.
	PGP keys: https://all.net/pgpkeys.html - Have a great day!!!

------------------
http://all.net/ 

Your use of Yahoo! Groups is subject to http://docs.yahoo.com/info/terms/ 



This archive was generated by hypermail 2.1.2 : 2001-06-30 21:44:15 PDT