On Tue, 2 Sep 2008, Joe Abley wrote:
>
> On 2 Sep 2008, at 13:43, Dean Anderson wrote:
>
> > Really? Your position is that there are attacks but all these attacks
> > are somehow being kept secret? People talked about ping floods, syn
> > floods, and an uncountable slew of other attacks. Incredible.
>
> My point is that there are a large number of distributed denial of
> service attacks happening every day, on a scale large enough to
> involve multiple providers and cross-organisational teams for
> mitigation.
>
> When new attack techniques emerge, sometimes they make the news. The
> fiftieth DNS reflection attack on any particular day, years after the
> technique was first described, is unlikely to be newsworthy. The fact
> that alarm bells are not sounding in the streets doesn't mean that
> people continue to work to mitigate such attacks, however, nor that
> such attacks no longer happen.
Significant problems are always newsworthy, or at least
discussion-worthy on various network forums that I do monitor. There has
been no further discussion of these attacks since the two very small
motivating attacks were discussed on NANOG some time ago. I don't see
any evidence that there have been more than two such attacks.
> The existence of closed, operational forums for the discussion and
> mitigation of denial of service attacks is no great secret to
> operators. If you're unaware, and you're an operator, feel free to
> drop me a private note. I would be very happy to let you know about
> the subscription procedures and attendant vetting by peers that would
> be required for you to participate (at least, in the forums I am aware
> of). I imagine discussions of your applicability would be
> entertaining.
I never said the existance of forums were secret. Indeed, the genuine
forums are usually for coordination between major carriers' operations
groups, and so are only appropriate to the operations employees of those
few major carriers. The rest of the (somewhat dubious) forums are
groups more or less like blackhat; groups basically training bad guys
and/or sharing techniques amoung bad guys, or else amoung dilettantes.
Because I am not currently employed in the operations department of a
large major carrier myself, I would be unable to actually mitigate any
in-progess attacks. Moreover, I've always worked for major carriers in
engineering, not operations. So I can't imagine why I would ever want to
be in genuine forum, nor would I want to be in any dubious forum. I note
that you aren't employeed by any of the major carriers, either. In
anycase, I doubt that I would need your assistance with any application.
However, not participating in the actual mitigation efforts doesn't mean
that attacks aren't discussed post-mortem. These discussions are
usually more widespread and are more public. But you have no evidence of
such discussion, nor evidence of any actual attacks whatsoever after the
motivating attacks.
> At a higher level, you seem to be seeking some measure of proof
> regarding the existence of something. My aim was not to provide proof
> of anything, since as far as I know this is not a court of law, a
> philosophy class nor a distillery. Apologies if that was not clear.
I guessed that your aim was not to provide proof of your assertions.
However, for your claims to be credible, there needs to be some evidence
that this is a problem that needs to be solved, that the costs are
justified. You have no evidence of there being a problem and your claims
are not credible because of the lack of evidence. The costs imposed on
legitimate open recursors are unjustified.
> > If these attacks were indeed happening, someone, somewhere would be
> > talking about specific attacks.
>
> And my point is that they are. Your point is that you don't believe
> me. I might make the point that I don't care who believes me.
> Regardless, I will continue not to lose sleep.
The people who don't believe you won't lose sleep either when we
collectively decide you don't have a genuine problem to be solved, or
don't have any evidence of a genuine problem.
> >>> And I was serious about the t-shirt, if the price is reasonable.
> >>> XXL,
> >> thanks.
> >
> > Then you should know that this isn't a proper forum to be soliciting
> > me
> > about t-shirts.
>
> Shame. Perhaps someone else will do the right thing and start selling
> av8 t-shirts with such pithy catchphrases, given your documented lack
> of interest in exploiting this no-doubt lucrative opportunity.
Then I guess they'll learn about the law on trademark infringement.
--Dean
--
Av8 Internet Prepared to pay a premium for better service?
www.av8.net faster, more reliable, better service
617 344 9000
_______________________________________________
DNSOP mailing list
DNSOP@ietf.org
https://www.ietf.org/mailman/listinfo/dnsop
