RE: Denial of service

[Ted Doty <ted () iss net>]

At 03:01 PM 8/19/98 -0400, David C Niemi wrote:

> Nowadays a lot of companies have mission-critical applications which
> *depend on* the Internet.  And for good business reasons, like making or
> saving a lot of money.  Does this mean they expect to have 100% uptime for
> these applications?  Does this mean you should gratuitously rely on the
> Internet for critical communications?  Of course not.  But they do want
> their availability to be high, and disconnecting from the Internet makes no
> economic sense. 

Probably the only example of a mission critical application that depends on
the Internet is Internet-based electronic commerce.  Leaving asside the
tautological aspect of this as an example, I have never heard of an
sizeable business plan that depended solely on Internet ecommerce getting
funded by venture capital - the technology is too new for the risks of this
strategy to be well understood.

ECommerce is great as a new area that augments existing revenue streams.
However, the fact remains that a sufficiently clever attacker could disrupt
your system for days, and possibly weeks.  That'd probably would get the
law enforcement community involved, but heck, people blow up embassies.

- Ted

-----------------------------------------------------------------------
Ted Doty, Internet Security Systems          | Phone: +1 678 443-6000
6600 Peachtree Dunwoody Road, 300 Embassy Row | Fax:   +1 678 443-6479
Atlanta, GA 30328  USA                       | Web: http://www.iss.net
-----------------------------------------------------------------------
PGP key fingerprint: 362A EAC7 9E08 1689  FD0F E625 D525 E1BE