[AusNOG] NBN must avoid becoming 'failed state'

Dobbins, Roland rdobbins at arbor.net
Tue Sep 21 12:48:21 EST 2010


On Sep 21, 2010, at 9:26 AM, Mark Newton wrote:

> The very first message you sent in reply to me in this thread (19 Sep
> 4:41pm) had examples of the hype I've been criticising:  You painted a
> picture of people "being unable to access their bank Web sites to
> pay their bills, download or upload content, VPN into their offices,
> buy houses because their credit has been ruined by identity thieves,
> profit from their intellectual efforts because they've been subject
> to corporate espionage," and told me that the sky has already
> actually fallen.

This things have actually happened, and I do believe that the current Internet security environment is unbelievably toxic, and that one must start somewhere/somehow to try and rectify matters.

> The events depicted are exaggerations:

They've happened - so, by definition, they aren't exaggerations.

> I'd argue that while the probability of any of those events happening
> isn't zero,

Good, because they've happened.

;>

> the consequences of their realization is mostly confined to "inconvenience," rather than "economic collapse," a rational risk analysis would place them at the low-to-negligible end of the scale, and that the sky is still firmly fastened above our heads.

Lots of money is being lost - for example, during the low-grade/high-impact RoK/USA DDoS attacks last year, one RoK auction  alone stated they lost ~$6M in revenues.

People's credit ratings are being ruined, and it's quite difficult for them to repair same.

Corporate and governmental information is being stolen, that's beyond dispute.

And so forth.


> In response to that low-to-negligible risk, your presentation  repeatedly asserts the necessity for monitoring up to layer-7.

Layer-4 is plenty, in most cases, but you need to be able to capture packets in order to classify some layer-7 attack traffic.  The anticipated mode of operation is layer-4 continuously, with packet samples taken on an as-needed basis.

> You're (inaccurately) painting NBNCo as a part of the Government,

Which is the popular perception - and in politics, perception is all.

> and advocating pervasive surveillance,

Absolutely not, didn't intend to imply that at all - the idea is detection/classification of attack traffic, botnet C&C traffic, and so forth, nothing more.

> in a country that doesn't have any civil rights law and therefore has literally no defensive mechanisms which a citizen can use to defend herself from opsec threats posed by governmental action

This sounds like an argument either for civil rights legislation, or against government getting into the networking business, or both - in any event, it's far beyond my competence to address.

> -- And, in the ensuing discussion thread, arguing that disconnection of entire ISPs from the nation's monopoly access network is a legitimate response for NBNCo to take.

I also noted that a) there are assuredly a wider range of compliance incentives which could be considered and b) that it's premature anyway to talk about penalties for compliance when there isn't any consensus 

The rest of the off-topic stuff wasn't worth responding to, so I didn't.  

> I'm done with this thread.

I'm certainly done with this portion of it.

-----------------------------------------------------------------------
Roland Dobbins <rdobbins at arbor.net> // <http://www.arbornetworks.com>

 	       Sell your computer and buy a guitar.







More information about the AusNOG mailing list