Firewall Wizards mailing list archives
RE: Denial of service
From: David C Niemi <niemi () tux org>
Date: Thu, 20 Aug 1998 13:55:36 -0400 (EDT)
On Thu, 20 Aug 1998, Ted Doty wrote:
> At 03:01 PM 8/19/98 -0400, David C Niemi wrote:
>> Nowadays a lot of companies have mission-critical applications which *depend on* the Internet. And for good business reasons, like making or saving a lot of money. Does this mean they expect to have 100% uptime for these applications? Does this mean you should gratuitously rely on the Internet for critical communications? Of course not. But they do want their availability to be high, and disconnecting from the Internet makes no economic sense.
> Probably the only example of a mission critical application that depends on the Internet is Internet-based electronic commerce. Leaving aside the tautological aspect of this as an example, I have never heard of a sizeable business plan that depended solely on Internet ecommerce getting funded by venture capital - the technology is too new for the risks of this strategy to be well understood.
You must work for a bank or a secret agency ;^) Nowadays almost all large organizations and many smaller ones have web sites that management considers mission-critical, even if they only provide general information to the public. And a great number of business functions rely on the Internet for gathering information and e-mail. E-commerce per se is just one of many extremely valuable services which inherently must rely on the Internet.
> ECommerce is great as a new area that augments existing revenue streams. However, the fact remains that a sufficiently clever attacker could disrupt your system for days, and possibly weeks. That'd probably get the law enforcement community involved, but heck, people blow up embassies.
Not Very Often. As someone else pointed out, this business is about risk management, not risk elimination. There are many theoretically possible (and occasionally real) attacks which even state-of-the-art Internet security techniques can't guard against; but for each one of these that occurs there are dozens of simplistic attacks which cause damage due to extreme negligence in making Internet-connected equipment secure and robust.
If you mean that Internet connections need to be segregated from critical internal systems, I see your point; once done properly the DoS attacks you refer to for taking down Internet connections have no realistic opportunity to impact purely internal systems. But that is very different from completely severing oneself from the Internet.
--- David C Niemi ---niemi at tux.org--- Reston, Virginia, USA ---
Da mihi sis crustum Etruscum cum omnibus in eo.