North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: how to protect name servers against cache corruption

  • From: Robert T. Nelson
  • Date: Sat Aug 02 23:55:11 1997

On Wed, 30 Jul 1997, Michael Dillon wrote:

> Maybe some of us have thought about it and realized that the best course of
> action is to:
> a. not talk publicly about this lest the cracker community learn too much


> We are like the designers and operators of an interstate toll highway, not
> like the highway patrol.

Michael, do you think it would be a value to have designers of highways
not discuss publicly people sppeding after they are built?

I disagree that we should not talk publicly about flaws in the design of
the network. I think that this information should be as widely
disseminated as possible. 

In 1853 Charles Tomlinson wrote a treatise on Locks. This document
describes the reasons that the "good guys" should discuss the construction
(and failings) of locks in public, otherwise only rogues will have the
information. He goes on to further state that rogues will be the first to
*apply* such knowledge. 

Furthermore, not discussing security issues, and their implications
publicly leads to hysteria and paranoia throughout the system. Do you
suggest that we gain protection from having uneducated network

[not posted to NANOG, non-operational]

Rob Nelson
[email protected]