North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: White House to Propose System for Wide Monitoring of Internet(fwd)

  • From: Sean Donelan
  • Date: Sun Dec 22 19:37:52 2002

On Fri, 20 Dec 2002, batz wrote:
> Lets say you have a an IDS load balancer sitting on a GigE span
> port with a few sensors watching everything go by.  If an alert is
> triggered, a script is executed which goes out to the router closest
> to the origin of the session and initiates the overlaid tunnel.

On any major backbone the IDS function becomes

GlobalIDSFunction() {
   While (1) {
	printf("Attack Detected!");

Do you really want an automatic wiretap installed on your line
every time an attack is detected?  Have you recently connected a
system to the Internet that hasn't been attacked?