再保险:你的法律顾问在击败DDOS攻击

我完全同意。我的第一印象是,这个文档是梦幻。许多的解决方案,建议是相同的,我们多年来一直希望。就好了如果操作系统供应商让他们的产品安装与安全设置为高,但我不是屏息以待。推动IP6实现将抵制商业社会,直到它似乎是有利可图的。和最好的仍将是好几年后的事了。我做喜欢的一种解决方案是使用路由器过滤。这使得最有意义。我知道很难在大型网络配置管理。但接缝是今天的一个动作,可以采取行动。 Perhaps it would make sense the security community to pressure the router vendors to make this task easier with their software configuration. Another interesting idea that I have come across is found in a presentation by Robert Stone at UUNET. He talks about a method of tracking DOS floods. I will not go into details here. The presentation can be downloaded from:http://www.nanog.org/mtg-9910/robert.html克雷格AlanPaller@AOL。COM说:与所有的可见性>,我们真的让它正确。所以请尽可能>至关重要。请原谅我残酷的诚实。本文档是一个没有实权的nice-old-lady认罪。只有满意将是那些获得资金。主要是它所能实现的是政治家和其他人休息的良心有丢一些钱的问题,有同意的布道。的policy-setters我们应该认识到,如果互联网将是一个经济的基础设施,那么它应该接受护理,资源和执法力量,其他基础设施。有多少电力公司,恳求人们不要短路的电线或扔管道(因为火花是美丽和“酷”)?有多少国家,恳求人们不要泄漏石油的高速公路(它很“酷”看到车祸)或不以每小时200英里的速度(“看看好我在生产汽车和驾驶吗?”)? At the barest minimum, there should be an internet hall of shame (and funding for it) listing companies and individuals not complying with the current accepted security practices (some were detailed in this document), and this hall of shame should be constituted as being impossible to sue for libel, free from injunctions and other legal wrenches. There should also be a national, federal or presidential, annual award for contributions to security. I would also like to add that public places and food are made safe by inspecting factories and the kitchens of restaurants. I believe that in cases where there is evidence of neglect, it should be possible to enforce security audits with threat of disconnection from the internet for non-compliance. Non-compliance to repeated notices about security neglects should be prosecutable, perhaps under criminal negligence. Repeating offenders should be barred from the internet from some time, just like some people can loose their driving license. As many people realize, what allows countries to make their own laws are border controls and tariffs. Free trade is only possible between countries that have closely similar laws. Consequently, if the US is to have any control over the internet, it has to control its borders. Internet interfaces with other countries should be controlled like the physical US borders and coastlines. Finally, there's a saying that to get rid of predators, you get rid of their prey or make it inaccessible. Critical security software for home users (e.g., firewalls and virus/trojan checkers) should be made free or close to free, perhaps with government subsidy or a coupon system. If it becomes hard enough to find victims, maybe hackers will loose interest. I am certain that the very intelligent people reading this will find many faults with what I propose. However, this society has to give itself the power to protect what is important for it. I'll let you decide if the internet is important enough. Pascal