[XML-DEV Mailing List Archive Home] [By Thread] [By Date] [Recent Entries] [Reply To This Message] RE: Can A Web Site Be Reliably Defended Against DoS Att acks?
I suggest reading the story of the DDoS attacks on Gibson Research's site (grc.com) It is enlightening and frightening. Thanks, Louis "Bullard, Claude L (Len)" To: "'jcowan@r...'" <jcowan@r...> <clbullar@i... cc: xml-dev@l... m> Subject: RE: Can A Web Site Be Reliably Defended Against DoS Att acks? 02/04/2004 02:38 PM That seems to say that in no case should one risk any resource of critical value by putting it on the web because eleven men so inclined can always do it harm and this isn't a cost vs benefit issue. As I review the material I find that while there are some means for detecting an attack and mitigating it, and others for restricting its effect such as limiting bandwidth available for certain operations, the overwhelming majority of defense in in the social behavior of those outside one's own control, that is, ensuring a system cannot be used to host an attack. Defenses against it is not credible. It is as if the defender is always in the position of having stubs for arms against tall and lanky attackers; that is, it is an inherently unfair fight. Is that really the case? I read that Microsoft was able to defend their servers this time although SCO could not. len From: jcowan@r... [mailto:jcowan@r...] Bullard, Claude L (Len) scripsit: > Out of the blue... what are the defenses against DoS attacks? > Are they reliable or proximate? The DDoS attack, which is the serious kind, was summed up by Jonathan Swift as long ago as 1724 thus (emphasis added): It is true, indeed, that, within the memory of man, the parliaments of England have sometimes assumed the power of binding this kingdom [Ireland] by laws enacted there; wherein they were at first openly opposed (as far as truth, reason, and justice are capable of opposing) by the famous Mr. Molyneux, an English gentleman born here, as well as by several of the greatest patriots and best whigs in England; but the love and torrent of power prevailed. Indeed the arguments on both sides were invincible. For, in reason, all government without the consent of the governed, is the very definition of slavery: but, in fact, *eleven men well armed will certainly subdue one single man in his shirt*. But I have done; for those who have used power to cramp liberty, have gone so far as to resent even the liberty of complaining: although a man upon the rack was never known to be refused the liberty of roaring as loud as he thought fit. Historical note: it was on this precedent that the American colonies founded their claim not to be governed by the English Parliament; they gave evidence of their refusal by dumping taxable tea into Boston Harbor. -- If you understand, John Cowan things are just as they are; http://www.ccil.org/~cowan if you do not understand, http://www.reutershealth.com things are just as they are. jcowan@r... ----------------------------------------------------------------- The xml-dev list is sponsored by XML.org <http://www.xml.org>, an initiative of OASIS <http://www.oasis-open.org> The list archives are at http://lists.xml.org/archives/xml-dev/ To subscribe or unsubscribe from this list use the subscription manager: <http://lists.xml.org/ob/adm.pl>
|
PURCHASE STYLUS STUDIO ONLINE TODAY!Purchasing Stylus Studio from our online shop is Easy, Secure and Value Priced! Download The World's Best XML IDE!Accelerate XML development with our award-winning XML IDE - Download a free trial today! Subscribe in XML format
|