nanog mailing list archives
Re: DNS issues various
From: Richard Forno <rforno () infowarrior org>
Date: Thu, 24 Oct 2002 12:49:54 -0400
protecting the servers is not the *critical* point. protecting the service is. don't obsessed up on silly boxes.
You're right. It comes down to risk mitigation, not risk elimination. I'd posit it's impossible to PREVENT a DDOS attack -- as such, as we did when they first manifested themselves in 1999, we need to develop response plans capable of meeting the onslaught and mitigating its impact so that things continue to function, even if they're degraded somewhat. It's like airport security - total security is a fantasy, but we have to raise the bar to make it more difficult for an attacker, and couple that with effective plans to respond when things occur, thus ensuring both an acceptable level of service during the incident and a smooth recovery/investigation afterward. Of course, in the airport security case, the bar's still lying on the ground..... :( Rick Infowarrior.org
Current thread:
- DNS issues various Simon Waters (Oct 24)
- Re: DNS issues various Doug Barton (Oct 25)
- <Possible follow-ups>
- Re: DNS issues various Randy Bush (Oct 24)
- Re: DNS issues various Richard Forno (Oct 24)
- Re: DNS issues various Kelly J. Cooper (Oct 24)
- Re: DNS issues various Valdis . Kletnieks (Oct 24)
- Re: DNS issues various Kelly J. Cooper (Oct 24)
- Re: DNS issues various Valdis . Kletnieks (Oct 24)
- Re: DNS issues various Barry Shein (Oct 24)
- Re: DNS issues various Sean Donelan (Oct 24)
- Re: DNS issues various Barry Shein (Oct 24)
- Re: DNS issues various Peter Salus (Oct 24)
- Re: DNS issues various Ben Browning (Oct 24)
- How to secure the Internet in three easy steps Sean Donelan (Oct 25)
- Re: DNS issues various Richard Forno (Oct 24)