[XML-DEV Mailing List Archive Home] [By Thread] [By Date] [Recent Entries] [Reply To This Message]

RE: Re: Can A Web Site Be Reliably Defended Against DoS Attack

  • To: "'rjm@z...'" <rjm@z...>
  • Subject: RE: Re: Can A Web Site Be Reliably Defended Against DoS Attacks?
  • From: "Bullard, Claude L (Len)" <clbullar@i...>
  • Date: Sun, 8 Feb 2004 11:50:32 -0600
  • Cc: 'XML DEV' <xml-dev@l...>

dos attack how to fix
>From: Rick Marshall [mailto:rjm@z...]

>> It is time to start listening to the designers at 
>> Microsoft.  If the web can't pull it off, we'll 
>> have to go to companies that can.   It is time 
>> for a consortium to form whose mandate is to 
>> create a global network that is safe and reliable 
>> for mission critical applications.  This should 
>> be an effort undertaken by the companies who 
>> understand the problem and have a culture that 
>> can practice end-to-end engineering, not 80/20.
 
>that's not going to happen, it'd be like giving the phone system back to
>at&t....

That isn't unthinkable; it's improbable.  However, that a group 
can form and devise a patentable solution is not unthikable 
or improbable.  It relies on the willingness and apathy of 
the rest of the world's engineers to believe that they can 
be satisfied with their trophies for races they won by cutting 
on come'abouts and shadowing the other guy's spinnaker.

>and i don't think there's overwhelming conviction out there that
>microsoft's engineers are better than everyone elses. 

There is overwhelming proof that they have the cash and the 
record of success.  There is overwhelming proof that their 
platforms are used successfully for mounting DDoS attacks. 
There is overwhelming conviction that they should be doing 
something about this.  If they get legitimate patents in 
the doing, they deserve to own them.

>or that microsoft
>has some special knowledge that lets them create things others can't.

Or won't.

>the difference is that most of us would prefer the diversity of
>heterogeneous environments, rather than monocultures.

So do it, but that isn't the problem.  TCP/IP is.

>if microsoft had their way we'd all be living on msn, we wouldn't have
>to bother with standards and rfcs - they'd take care of that for us, and
>then we just wouldn't need xml. tv's would have been replaced by now
>etc... 

And if they solve the problem first and best, they have the means to 
make that happen.   But they'll need XML anyway.  That was something
learned along the way that is quite separate from TCP/IP.  It is 
in the layer that finally had to admit after too many years of 
holding back progress with conviction that object-oriented programming 
represented the zenith of computer science, that scaling across 
horizontal domains is done with data objects, and that vertical 
integration while done best with OOP, doesn't scale except in 
tightly coupled products and enterprises.  Precisely the MS solution.

>real engineers know that their job is to meet requirements in a hostile
>environment, not change the environment. 

Dams and canals aren't built that way.  They modify both the environment 
and the application.  One can't fix the weather but one can make sure 
the air conditioning doesn't strangle the power grid.  I don't know 
if this problem is that problem.  We will certainly continue to 
mitigate; the ten billion dollar question is can it be solved?

>knowing that there are DoS
>attacks happening we look to understand how they happen, what they do,
>what we can do to prevent/weaken them when (not if) they happen. that's
>just good practice. 

That's defensive. That is a Maginot Line.  That is also admitting one 
doesn't know how to build a better tank, and not admiting that a tank 
is only as good as one has air superiority.   If the French had poured 
the money into an air force that they poured into the ground, they 
could have stopped the blitzkreig.

It is unacceptable that given some lack of discipline on the part 
of a family with broadband access, critical pieces of infrastructure 
can be blown off the air.   If it can't be solved given physics, 
so be it.  Some applications will never use the Internet by policy. 
If it can, and someone patents the solution, they get very rich or 
a lot of respect or both.

In any event, bumblebees do fly, two bicycle mechanics did solve 
the unsolvable problems of flight control.
 
There is something to be said for the will to do the impossible.

len

PURCHASE STYLUS STUDIO ONLINE TODAY!

Purchasing Stylus Studio from our online shop is Easy, Secure and Value Priced!

Buy Stylus Studio Now

Download The World's Best XML IDE!

Accelerate XML development with our award-winning XML IDE - Download a free trial today!

Don't miss another message! Subscribe to this list today.
Email
First Name
Last Name
Company
Subscribe in XML format
RSS 2.0
Atom 0.3
 

Stylus Studio has published XML-DEV in RSS and ATOM formats, enabling users to easily subcribe to the list from their preferred news reader application.


Stylus Studio Sponsored Links are added links designed to provide related and additional information to the visitors of this website. they were not included by the author in the initial post. To view the content without the Sponsor Links please click here.

Site Map | Privacy Policy | Terms of Use | Trademarks
Free Stylus Studio XML Training:
W3C Member
Stylus Studio® and DataDirect XQuery ™are products from DataDirect Technologies, is a registered trademark of Progress Software Corporation, in the U.S. and other countries. © 2004-2013 All Rights Reserved.