
[IP] more on IPv6 Forum chief: the new Internet is ready for consumption





Begin forwarded message:

From: Dewayne Hendricks <dewayne@xxxxxxxxxxxxx>
Date: November 28, 2005 9:53:19 AM EST
To: Dewayne-Net Technology List <dewayne-net@xxxxxxxxxxxxx>
Subject: [Dewayne-Net] re: IPv6 Forum chief: the new Internet is ready for consumption
Reply-To: dewayne@xxxxxxxxxxxxx

[Note:  This comment comes from reader Thomas Leavitt.  DLH]

From: Thomas Leavitt <thomas@xxxxxxxxxxxxxxxxx>
Date: November 28, 2005 1:45:21 AM PST
To: dewayne@xxxxxxxxxxxxx
Subject: Re: [Dewayne-Net] IPv6 Forum chief: the new Internet is ready for consumption

Dewayne,

The other day, some twit hit an HTTP server I administer with no less
than 6,500 separate exploit attempts (before I blocked the attack) -
friggin' amazing (and kind of scary). The network I'm on gets literally
hundreds of automated penetration attempts daily.

I don't want my desktop, or my wife's desktop, or my printer, or
anything else on my local network sitting on the open internet - they're
complicated enough to secure as it is... being hidden behind a NAT is
*good* for the home, small office and corporate user in my opinion,
despite how it "breaks" the fundamental end-to-end/peer-to-peer paradigm
of the Internet. Let twits like the guy above probe my relatively
uncomplicated little NAT box. They're not likely to get anywhere.

The idea of having 250 separate devices in my home sitting on the open
Internet makes me shudder - this would be a security nightmare! Who
wants to wake up to find out that their refrigerator has been taken
offline by their ISP, because someone used it to launch a UDP flood/DOS
attack against some rival's web site (and took out a bunch of other
sites and networks in the process)? Or that some fundamentally essential
appliance or device has an unpatched security hole that has already been
exploited - people are going to be very pissed the first time they have
to leave their TV effectively turned off for a week because it has been
hacked and no fix exists yet.

Imagine how many devices a corporate network admin might wind up being
responsible for... I predict a rapid exodus from corporate IT ranks,
right about the third or fourth time that they're rolled out of bed at
three in the morning because some script kiddie managed to hack a remote
office's unpatched coffee maker, and is using it to try and take down
their high school's web server. Seriously - if you're responsible for
administering 10,000 separate devices, even with all the automated
systems management in the world, you're likely to spend far more time
than you'd like dealing with security flaws. There's no entertainment
factor in this.

If I'm missing something here, and I probably am, maybe someone else on
the list can fill me in...

Regards,
Thomas


Weblog at: <http://weblog.warpspeed.com>



-------------------------------------

Archives at: http://www.interesting-people.org/archives/interesting-people/