Firewall Wizards mailing list archives

RE: SANS Flash: Urgent Request For Help In Stopping DOS Attacks -reply

From: Mark.Teicher () predictive com
Date: Thu, 13 Apr 2000 09:47:15 -0700

Well as you describe it appears it the Internet was open up to the masses, 
where prior it was mostly Military,etc, etc,  and "geekie" types who had 
the secret decoder ring and "Cap'n Crunch" whistle could interpret the 
bits and bytes tranversing the limited network with their 300 baud 
modems..:)

/m






Rick Smith <rick_smith () securecomputing com>
04/13/00 09:35 AM

 
        To:     Mark.Teicher () predictive com
        cc:     firewall-wizards () nfr net, JCarson () smartronix com, CrumrineGL () state gov
        Subject:        RE: [fw-wiz] SANS Flash: Urgent Request For Help In Stopping DOS Attacks


At 07:55 AM 04/13/2000 -0700, Mark.Teicher () predictive com wrote:

Actually, security was a big contributor in the Internet evolving, if it
was not for initial military funding, the Interner would not have existed
as early as it did.  Security features were definitely a big part back
then, but after some of the initial involvement was completed, other
parties got involved and things have evolved to what we have today..


You seem to suggest that the Internet "lost" some security capabilities it
had in its early days.

I say that those security features would have prevented today's Internet
from evolving.

The security features you allude to were part of the original ARPANET,
which was a closed network that could only be extended if the controlling
authority (the DOD) agreed. All the "routers" (IMPS in Arpanet parlance)
resided in relatively secure machine rooms managed by organizations that
the DOD trusted to some extent (military bases, defense contractors, and
universities heavily involved in defense research). It was a very 
difficult
and expensive proposition to get connected to the Arpanet. The network
never grew past dozens of nodes and hundreds of hosts.

Contrast this with the Internet. All you had to do was get a telecom
connection to an ISP and you yourself could become an ISP. Nobody had to
ask permission to add hosts to the Internet, they just did it. ISPs grew 
up
in garages, basements, under beds, anywhere. The lack of centralized
control fueled the Internet's growth. But the technical flexibility that
supported its exponential growth also allowed the recent rash of DDOS 
attacks.

Incidentally, none of us who worked on the Arpanet considered it a
particularly "secure" network. Most of its security relied on the physical
protection of IMPs and on administrative control of connected host
computers. Software based access control was weak or nonexistent in many
places, and dial-in numbers were widely and carelessly distrubuted. But it
was very rare for peoples' work to be disrupted by outside interference. 
So
the user community didn't really want much more security.

Rick.
smith () securecomputing com

Current thread:

RE: SANS Flash: Urgent Request For Help In Stopping DOS Attacks Mark . Teicher (Apr 18)
- RE: SANS Flash: Urgent Request For Help In Stopping DOS Attacks Rick Smith (Apr 18)
- RE: SANS Flash: Urgent Request For Help In Stopping DOS Attacks R. DuFresne (Apr 20)
- <Possible follow-ups>
- RE: SANS Flash: Urgent Request For Help In Stopping DOS Attacks -reply Mark . Teicher (Apr 18)
  - RE: SANS Flash: Urgent Request For Help In Stopping DOS Attacks -reply Rick Smith (Apr 18)