[Dshield] DHS wants to silence reporting of networkoutages --DSHIELD next?

Portz, Jon jportz at kforce.com
Thu Jun 24 22:31:33 GMT 2004


Not really over the top, a little impassioned maybe.   

;P

Overall, I think it's a fair assessment of where we are headed with
respect to DHS, corporate governance, regulatory compliance, ad
nauseum...

People who have no understanding of who the technology actually
functions should not be allowed to legislate it.

You want a cure to denial of service and spoofing attacks? Then force
ISP to implement ingress/egress filtering and some basic ACLs on all of
their routers. 

Playing the security though obscurity game is dangerous at best and
catastrophic at worst. IMHO, DHS needs to field this one to people who
understand how an attack actually occurs before pressing a measure like
this. 

And BTW, I don't need an announcement to tell me that my test box went
down due to the buffer overflow DOS that I attacked it with. All I
really have to do is ping or connect scan specific service ports the box
to gain confirmation. So how is it that the announcement is a
confirmation to the attacker again? He already knows (that is unless he
d/l'd his attack code from packetstorm, astalavista, etc.).

These statements remind me of the old Bugs Bunny cartoon where the yeti
pulls the bag over his head and yells, "You can't see me, 'Cause I can't
see you..."

JTP


-----Original Message-----
From: list-bounces at lists.dshield.org
[mailto:list-bounces at lists.dshield.org] On Behalf Of Joseph Stahley 3rd
Sent: Thursday, June 24, 2004 5:42 PM
To: 'General DShield Discussion List'
Subject: RE: [Dshield] DHS wants to silence reporting of networkoutages
--DSHIELD next?

It's actually to be used for not allowing the release of what networks
are
up or down in order to provide security. If someone knows a network went
down due to something they instigated or tried, then one will use that
to
try and damage other areas. This should have been one of the first
things
done IMHO in order to stop DOS and other types of attack. By not saying
they
were successful might reduce the amount of people trying to purposely
bring
networks down.

Joseph  

-----Original Message-----
From: list-bounces at lists.dshield.org
[mailto:list-bounces at lists.dshield.org]
On Behalf Of Michael Thayer
Sent: Thursday, June 24, 2004 2:23 PM
To: General DShield Discussion List
Subject: Re: [Dshield] DHS wants to silence reporting of networkoutages
--
DSHIELD next?

A little over the top aren't we?  They have a good point, and the group
they
want to report too would include all those who would need to know about
them
to do their jobs to improve reliability.



At 01:23 PM 6/24/2004 -0400, you wrote:
>The U.S. Department of Homeland Security wants information about 
>network outages to become secret! See:
>         
>http://www.theregister.co.uk/2004/06/24/network_outages/print.html
>
>What is next in our government's continuing expansion of paranoia?
>   - Will they next try to silence dshield.org and incidents.org's  
>reporting of port scans because it may give terrorists some idea if 
>their  scans are being detected?
>   - How about suppressing discussions of security problems on BugTraq,

>DShield, SANS, SecurityFocus, and other forums because it may give  
>terrorists ideas on what exploits work best?
>
>Where will it end?
>
>It really sickens me how our civil liberties are being eroded day by 
>day under the guise of "national security." I would rather be a lot 
>less secure and much more free!
>
>Maybe we should all have a Fahrenheit 9/11 party?
>
>End of rant (for now). Apologies to non-US list members.
>
>Jon Kibler
>--
>Jon R. Kibler
>Chief Technical Officer
>A.S.E.T., Inc.
>Charleston, SC  USA
>(843) 849-8214
>
>
>
>
>==================================================
>Filtered by: TRUSTEM.COM's Email Filtering Service 
>http://www.trustem.com/ No Spam. No Viruses. Just Good Clean Email.
>
>_______________________________________________
>list mailing list
>list at lists.dshield.org
>To change your subscription options (or unsubscribe), see: 
>http://www.dshield.org/mailman/listinfo/list

_______________________________________________
list mailing list
list at lists.dshield.org
To change your subscription options (or unsubscribe), see:
http://www.dshield.org/mailman/listinfo/list

---
Incoming mail is certified Virus Free.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.710 / Virus Database: 466 - Release Date: 6/23/2004
 

---
Outgoing mail is certified Virus Free.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.710 / Virus Database: 466 - Release Date: 6/23/2004
 

_______________________________________________
list mailing list
list at lists.dshield.org
To change your subscription options (or unsubscribe), see:
http://www.dshield.org/mailman/listinfo/list



More information about the list mailing list