Cart
|
[XML-DEV Mailing List Archive Home] [By Thread] [By Date] [Recent Entries] [Reply To This Message] Re: Re: Can A Web Site Be Reliably Defended Against DoS Attack
 On Thu, Feb 05, 2004 at 01:38:37PM -0600, Bullard, Claude L (Len) wrote: > If we want a better future, we have to invent it and > the pay for that has to keep us fed. TimBL showed > the generals how to get something for nothing by taking > old missiles and putting monkeys in them. Unfortunately > launching monkeys at the moon or any other target > thrills the monkeys but doesn't always get them there > with a whole skin. I think your analogies are getting a little strained here :) If we'd waited for a 100% reliable Web, with pre-fetching, distributed cache integrity, and all the other needs that could reasonably have been foreseen in the late 1980s, we'd maybe still be waiting - but the Web has come a long since 1989, and we wouldn't have that experience. There were people who said the ISO networking stack was much better than TCP/IP - it was certainly more sophisticated, and the size (and cost) of the specs helped to keep small firms excluded nicely and equipment costs high. Whether that was intended I have no idea. But the ISO WGs didn't forsee modern DDoS attacks either, and neither did anyone else. When you get to the point where a 14-year-old kid sitting at home can quietly infect tens of thousansd of Windows XP systems remotely, and then use them all at once to send multiple gigabtes per second of network data at a single target, it's hard to see how any infrastructure could have coped. Since you seem to like military or space-rocket analogies, it's like firing up your space shuttle to Mars only to find the intervening space has suddenly filled with millions of explosive mines so densely that no shuttle could hope to get past... and then blaming the rocket engineers for such a stupid design that didn't predict the change ;-) The online world isn't bound directly by physics - changes far more dramatic can and do happen. In fact, DDoS attacks by untrusted hosts were predicted in the early 1980s, when a Sun workstation cost under US$10,000 and could be conencted to a Univeristy network via a Vampire clamp, and then could send forged packets onto the net... something previously very difficult. A couple of years later, PCs with ethernet cards were diong the same... and now PCs with broadband. In this case it turns out that the ISPs have the power to limit most of the damage -- they can detect forged packets when a client sends them over the cable modem, and drop them. Or disconnect the user and send a bill. That would get people setting Administrator passwords on their XP systems, and turning off file sharing, and being careful before clicking on attachments! The ISPs could go further and reject forged email. Then the current wave of email viruses and spam (and viruses that are used for spammers to send email) would go away. But as others have said, a new wave would arise. You mention DARPA funding of Web research -- it's true (I think) that there's DARPA funding for Semantic Web research, and no doubt for other work trying to move the Web forward. But don't confuse the Web with the Internet - the rocket with the rocket fuel? - the Web could be thought of as the set of things that are nameable by a URI. The Internet is a set of networks reachable by IP. You could have a World Wide Web with a different infrastructure - e.g. over JANET with X.25 and friends. At any rate, you can look back and said, "with all we know today, the Web should have been designed differently" but I don't think such reasoning is productive. Better to say "with what we know now, the following areas will need improvements". And that's research that's being done today, of course. Liam -- Liam Quin, W3C XML Activity Lead, http://www.w3.org/People/Quin/ http://www.holoweb.net/~liam/ 
|
PURCHASE STYLUS STUDIO ONLINE TODAY!Purchasing Stylus Studio from our online shop is Easy, Secure and Value Priced! 
Download The World's Best XML IDE!Accelerate XML development with our award-winning XML IDE - Download a free trial today! Subscribe in XML format
|
|||||||||
