Firewall Wizards mailing list archives

RE: SANS Flash: Urgent Request For Help In Stopping DOS Attacks (fwd) -reply


From: Rick Smith <rick_smith () securecomputing com>
Date: Wed, 19 Apr 2000 11:09:31 -0500

At 05:00 PM 04/18/2000 -0700, Mark.Teicher () predictive com wrote:
> Read the book "When Wizards Stayed Up Late" (or something like that) a BBN 
> Publication. Discussing the history of the @ sign and other trivial 
> Internet history..

Pardon me, but I read it, too, and I worked with those people. Ron DuFresne
was right-on in saying that the military funding did nothing to promote an
effective Arpanet security posture. In fact, I don't remember anything in
that book that would contradict what Ron said. If there is, then the author
is *wrong*. Trust me, authors *do* make mistakes (I certainly do) though if
we're lucky the important mistakes get caught by the publisher's reviewers
before the book goes to press (think of it as a form of beta testing).

Actually, the nuclear warfare angle comes out of that '60s RAND report (I
forget the author, but RAND recognizes it is one of their most influential
reports and has it on-line). When the Arpanet was in operation, its
presumed robustness in the face of nuclear war was a topic of dry humor and
not a true design constraint. Like today, the phone company tended to
bundle their cables together, so that "redundant" connections could be
taken out by a single backhoe. We didn't take the redundancy requirements
seriously enough to address that.

The Arpanet was primarily an experiment in the feasibility of packet
switched digital networks (as opposed to the phone company's connection
based networks), and the ability of such a network to operate reliably by
automatically exploiting redundant comm links and nodes. The focus was
*reliability* and not *access control* or *confidentiality*.

Around 1980 I seem to remember the Arpanet had a couple hundred separate
leased lines and 64 (six bit address field!) nodes. There'd be a few
scattered lines down at any particular time, and at least one node would go
down (temporarily) daily. But traffic was automatically rerouted to adjust
for component failures and to balance the load, and that was the point of
the "experiment." Even then, the Arpanet was considered an experimental
facility and people weren't supposed to use it for operational traffic. In
fact, several military organizations (primarily logistics) were already
using it. They didn't mind the relatively lax security I described in my
earlier message.

Now, it's true that Honeywell took the "open source" version of the Arpanet
IMP software and used it as the basis of the military's super-secure WWMCCS
interconnection network. However, they didn't break much ground in
security, either. Their security relied on restricted physical access to
IMPs (routers), on military-grade encrypted comm links, and on '70s era
host security. Nothing surprising, nor particularly helpful in Internet
security. But I expect that WWMCCS had better resistance to nuclear war
than the original Arpanet :->

Rick.
smith () securecomputing com


