[XML-DEV Mailing List Archive Home] [By Thread] [By Date] [Recent Entries] [Reply To This Message]

RE: Can A Web Site Be Reliably Defended Against DoS Att acks?


protect website against dos
Right, but the query is not about defending against the 
virus.  One can do that with a good firewall and being 
smart about attachments.  I'm not worried about music 
files, Mom and Pop, or even the global banking systems 
becoming hostage to the Butterfly effect.

The problem is that if an effective attack is launched, 
the IP addressable site is hosed.  There is no 
credible defense, AFAIK.  One can protect the data 
yes, but not the system use, so for any command and 
control system where the owner has real and determined 
opposition, the best thing is to use a VPN instead of 
the web.

This means that some of the Federal dollars pushing 
initiatives for some public systems and vendors 
who are pushing middle tier vendors off of non-web 
frameworks are increasing the risks ahead of the 
safety aspects.  Should we say, iceberg dead ahead?

We know how to mitigate, but not to prevent. Some 
markets have to be made more aware.  There is a 
very good reason procurement officials can waive 
requirements from higher authorities.

len


From: Alaric B Snell [mailto:alaric@a...]

Dare Obasanjo wrote:
> Short of creating a mail client and server that prevented people from
> receiving mail attachments, how would you solve the problem exploited
> by this current virus on any one of the popular operating systems
> existing today?

On many UNIX systems, just mount /home as not allowing execution, so 
people need root priveleges to install software, and non-installed 
software can't be run.

UNIX systems don't really have this concept of an executable file 
sitting there waiting to be clicked on, anyway - things generally need 
to be in your path to get executed to begin with. If I got sent an 
executable file as an attachment, I'd need to save it to my home 
directory then open up a shell window and explicitly invoke it, with a 
"./" prefix to override the path and execute a file from the current 
directory.

ABS

PURCHASE STYLUS STUDIO ONLINE TODAY!

Purchasing Stylus Studio from our online shop is Easy, Secure and Value Priced!

Buy Stylus Studio Now

Download The World's Best XML IDE!

Accelerate XML development with our award-winning XML IDE - Download a free trial today!

Don't miss another message! Subscribe to this list today.
Email
First Name
Last Name
Company
Subscribe in XML format
RSS 2.0
Atom 0.3
 

Stylus Studio has published XML-DEV in RSS and ATOM formats, enabling users to easily subcribe to the list from their preferred news reader application.


Stylus Studio Sponsored Links are added links designed to provide related and additional information to the visitors of this website. they were not included by the author in the initial post. To view the content without the Sponsor Links please click here.

Site Map | Privacy Policy | Terms of Use | Trademarks
Free Stylus Studio XML Training:
W3C Member
Stylus Studio® and DataDirect XQuery ™are products from DataDirect Technologies, is a registered trademark of Progress Software Corporation, in the U.S. and other countries. © 2004-2013 All Rights Reserved.