[iwar] [fc:Officials:.Web.Security.Work.Needed]

From: Fred Cohen (fc@all.net)
Date: 2001-11-24 21:35:40


Return-Path: <sentto-279987-3918-1006666448-fc=all.net@returns.groups.yahoo.com>
Delivered-To: fc@all.net
Received: from 204.181.12.215 [204.181.12.215] by localhost with POP3 (fetchmail-5.7.4) for fc@localhost (single-drop); Sat, 24 Nov 2001 21:37:07 -0800 (PST)
Received: (qmail 17091 invoked by uid 510); 25 Nov 2001 05:32:38 -0000
Received: from n13.groups.yahoo.com (216.115.96.63) by all.net with SMTP; 25 Nov 2001 05:32:38 -0000
X-eGroups-Return: sentto-279987-3918-1006666448-fc=all.net@returns.groups.yahoo.com
Received: from [10.1.1.220] by n13.groups.yahoo.com with NNFMP; 25 Nov 2001 05:27:55 -0000
X-Sender: fc@red.all.net
X-Apparently-To: iwar@onelist.com
Received: (EGP: mail-8_0_0_1); 25 Nov 2001 05:34:08 -0000
Received: (qmail 57117 invoked from network); 25 Nov 2001 05:34:08 -0000
Received: from unknown (216.115.97.171) by m2.grp.snv.yahoo.com with QMQP; 25 Nov 2001 05:34:08 -0000
Received: from unknown (HELO red.all.net) (65.0.156.78) by mta3.grp.snv.yahoo.com with SMTP; 25 Nov 2001 05:34:07 -0000
Received: (from fc@localhost) by red.all.net (8.11.2/8.11.2) id fAP5Zeb24461 for iwar@onelist.com; Sat, 24 Nov 2001 21:35:40 -0800
Message-Id: <200111250535.fAP5Zeb24461@red.all.net>
To: iwar@onelist.com (Information Warfare Mailing List)
Organization: I'm not allowed to say
X-Mailer: don't even ask
X-Mailer: ELM [version 2.5 PL3]
From: Fred Cohen <fc@all.net>
X-Yahoo-Profile: fcallnet
Mailing-List: list iwar@yahoogroups.com; contact iwar-owner@yahoogroups.com
Delivered-To: mailing list iwar@yahoogroups.com
Precedence: bulk
List-Unsubscribe: <mailto:iwar-unsubscribe@yahoogroups.com>
Date: Sat, 24 Nov 2001 21:35:40 -0800 (PST)
Reply-To: iwar@yahoogroups.com
Subject: [iwar] [fc:Officials:.Web.Security.Work.Needed]
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit

Officials: Web Security Work Needed

By Gary Gentile, AP Business, 11/16/2001
<a href="http://news.excite.com/news/ap/011115/19/internet-security">http://news.excite.com/news/ap/011115/19/internet-security>

MARINA DEL REY, Calif. (AP) - The Internet's guardians concluded
Thursday they can't make the worldwide network immune to terrorism, but
they can guard against the most likely risks. 
Several terrorist-related risks were identified during a three-day
meeting of the Internet Corporation for Assigned Names and Numbers, the
organization designated by the U.S. government to oversee the Net's
address system. 
A critical concern is the concentration of computers that keep track of
Internet addresses, such as "www.icann.org." 
Six of the 13 master directory computers, known as root servers, are on
the East Coast of the United States, and another four are on the West
Coast. The rest are scattered abroad. 
If enough root servers fail, millions of Internet users could find Web
sites and their e-mail inaccessible because computers won't know what to
do with domain names they come across. 
The physical safety of those servers was one issue raised at the
meeting. But of equal concern is the software running the computers, and
the possibility that someone would flood those servers with so many
requests for information that they would effectively stop working. 
Such "denial of service" attacks have been launched in the past against
individual Web sites but never in a coordinated fashion against the
Internet's core directory computers. 
Overall, the ICANN board concluded the Internet naming system is not in
immediate jeopardy but needs work to identify and guard against future
threats. 
"The network is extraordinarily resilient," said Vinton Cerf, the
chairman of ICANN. "On the other hand, it is very clear that we have
some opportunities to build in processes and procedures that will serve
us even better in cases of crisis." 
The board did not identify specific steps or a timetable. 
ICANN makes decisions that ultimately affect how people reach Web sites
and what domain names they can have. After the Sept. 11 attacks, ICANN
decided to devote its annual meeting to security. 
On the final day of the meeting, board members said security must be
considered in broader terms. 
"We know there will always be attacks that we can't protect against,"
said board member Karl Auerbach. "We need to make sure we have means out
there to speed the recovery." 
Recovery from disasters like the failure of root servers - perhaps
caused by an earthquake or other problem - requires local resources to
be available, Auerbach said. 
Simply relying on the government or other agencies to come to the rescue
is not enough, he said. 
Cerf said disaster relief principles used for hurricanes and earthquakes
should apply to the Internet as well. 
"You have a certain amount of water you keep in your house, food,
blankets, batteries," he said. "For various parts of our Internet world,
we have to identify what the emergency kit looks like and make sure
everyone is at least aware of what those options are."

------------------------ Yahoo! Groups Sponsor ---------------------~-->
Universal Inkjet Refill Kit $29.95
Refill any ink cartridge for less!
Includes black and color ink.
http://us.click.yahoo.com/E11sED/MkNDAA/ySSFAA/kgFolB/TM
---------------------------------------------------------------------~->

------------------
http://all.net/ 

Your use of Yahoo! Groups is subject to http://docs.yahoo.com/info/terms/ 



This archive was generated by hypermail 2.1.2 : 2001-12-31 20:59:59 PST