North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: Black Frog - the botnets keep coming

  • From: Henry Linneweh
  • Date: Thu May 25 11:09:31 2006
  • Domainkey-signature: a=rsa-sha1; q=dns; c=nofws; s=s1024; d=sbcglobal.net; h=Message-ID:Received:Date:From:Subject:To:Cc:In-Reply-To:MIME-Version:Content-Type:Content-Transfer-Encoding; b=09luwjNyiWEKpIWEefrYhkLfoFsrNpnksg1aosf6KDWH4kkPUaeujyHeH7rnBCwxCmTY545aIqiQah+j0FWodOgiTIC1hsIpnY/JX/2Ns5MhGyfzVTGg+kSeTW5UP/e0aeXr1ncIMOs0ptw4fwKkNnaEJ64m6BLNWLR1RLdwAUw= ;

Personally as a manager I want to know the problem and
then the workable solution. I just don't see that many
bot nets happening anymore. 

>From my vantage point I do see students writing bot
nets more for programming skills than for malicious
attacks. 

With several hundred million people and computers on
the inter network, there will always be an aberration,
caused by some social or mental or emotional defect.

Workable technical solutions, not new laws or rants
will make these issues, less of an issue operationally
in the long run.

-Henry

--- Eric White hill <[email protected] bay.net> wrote:

> 
> Gadi, one of the main issues that people take
> regarding this is that it
> seems as though whenever we turn around, you're
> starting another "OMG! THE
> INTERNUT IS COMING TO AN END!!!!OMGNO!"
> 
> And you get some people jumping around, and some
> people get all in a
> frenzy over whatever the perceived issue is.  The
> rest of us just slap our
> heads, roll our eyes and go "Oh, great, here goes
> Gadi on another rant..."
> 
> Many people in the internet security world, sorry to
> say, now have a hard
> time believing what you are saying, and believing
> whatever you believe.
> The credibility is just not there any more.  It's
> slipping away, because
> there are only so many times someone can cry "FIRE!"
> in a crowded theater
> before people stop believing you.  Unfortunetly,
> that _is_ starting to
> happen.
> 
> It really seems as though every time we turn around,
> you're crying Wolf 
> again, and it's bascially getting old.
> 
> >>> Sometimes being quiet is not going to win the
> war.
> >>
> >> It would behoove you, however, to not cry wolf so
> often
> >
> > The fact that you believe that I cry wolf, shows
> just how sad the
> > situation really is.
> I would say this is more of a sign of what is going
> on.  People are 
> starting to NOT believe you.  Perhaps it is you who
> should change what is 
> being said, and how you are saying it.
> 
> > How long before ecommerce becomes impracticle? :)
> Far from relevant to
> > NANOG. Or is it?
> What makes you believe that e-commerce is becoming
> impractical?  Are there 
> that many attacks against those companies?  If so,
> then why has the press 
> not picked it up?  The DoS against SixApart hardly
> made the convential 
> (BBC, CNN, etc) news.
> 
> > DNS beind abused like there is no tomorrow on the
> operational level (not
> > infrastructure level) and no one (almost) even
> noticing is obviously not
> > operational.
>   I run my own publically accessable DNS servers,
> and they aren't being 
> abused.  You're making it sound like all DNS servers
> everywhere are being 
> abused, and that we should all stop using DNS.
> 
> > We are all techs, but the decision if for example,
> block ports at ISP's to
> > stop worms isn't going to be a tech decision, much
> like hypocritically,
> > ISP's these days block streaming media or P2P for
> extra cash. It's a
> > business decision that will eventually save or
> kill the Internet, and to
> > be honest, I see nothing wrong with it.
> In other words, it seems as though you are for
> blocking of traffic, and 
> making the internet just another Government-mandated
> and Gov't-regulated 
> environment?  It seems as though that goes against
> Postel's ideals.
> 
> From my perspective, you just want to create big
> huge firewall, where 
> nothing is allowed, and everything is scrutinized. 
> That's not what the 
> internet is all about.  That's not what it was
> created for.  It seems as 
> though we should perhaps no longer call it the "Big
> Firewall of China", 
> but perhaps, the "Big Firewall of Gadi".
> 
> > I just am happy there are some people who hold
> back the tide of the war we
> > already lost, before governments catch up.
> Even though you are losing credibility amongst your
> colleagues around the 
> world?
> 
> This isn't meant to be a personal attack against you
> Gadi, but a wake up 
> call to not change your tune, but to perhaps start
> singing a different 
> song...the song that actually gets things done. 
> Stop fighting with 
> network operators, and start working with them. 
> That tends to get things 
> done more quickly, and also does not burn your
> bridges (and credibility) 
> in the process.
> 
> I think some of the ideas you have are very good,
> and others not so good. 
> Either way, you have a good start.
> 
> Gadi, I'm not saying to stop doing what you are
> doing, but perhaps to 
> change around how you go about doing what you are
> doing, and to stop 
> alienating so many of your other colleagues. 
> Instead of working against 
> groups like nsp-sec and NANOG, start working with
> them.  If you can't get 
> vetted, then work towards getting vetted.  Work
> towards repairing the 
> bridges.  Quite a bit of what people see is
> perception, and right now the 
> perception is one of more of a "panic monkey",
> rather than a calm, 
> logical, "We should really do this, or else bad
> stuff like example 1, 2, 
> and 3, can happen, and here's the reasoning behind
> it." Being calm, 
> logical, and working with other network operators
> tends to get things done 
> more quickly.
> 
> NANOG mods, if I am out of line, I apologize, but I
> feel as though this 
> needs to be said.  I am not trying to do a character
> assassination, just 
> voice my opinion on the latest network issue.  If
> you have issue with it, 
> please send me an email off list, and we can
> discuss.
> 
> Thanks,
> 
> -Eric
> 
> 
>