Re: Your counsel on defeating DDOS Attacks

To: "Steven M. Christey" <coley@linus.mitre.org>
Subject: Re: Your counsel on defeating DDOS Attacks
From: Gene Spafford <spaf@cerias.purdue.edu>
Date: Thu, 17 Feb 2000 23:30:38 -0500
Cc: cve-editorial-board-list@lists.mitre.org, gjg@mitre.org, wrg@mitre.org, ptasker@mitre.org, ckrause@mitre.org
Delivery-Date: Fri Feb 18 07:45:03 2000
In-Reply-To: <200002172333.SAA25379@basie.mitre.org>
References: <200002172333.SAA25379@basie.mitre.org>

At 6:33 PM -0500 2/17/00, Steven M. Christey wrote:
>
>4) Often, security is not a corporate priority, which means that it is
>under-supported financially.

And administratively.   If you can't enforce policy, it doesn't really exist.

>
>1) Encourage the widespread use of strong authentication.  Encryption
>is mentioned in the proposal, but not authentication.

Only where appropriate.   The encryption and key lookup involved slow 
systems down, and can add to a DOS attack.   Furthermore, there are 
many places where strong authentication is not desireable because it 
reduces privacy.

References:
- Re: Your counsel on defeating DDOS Attacks
  - From: "Steven M. Christey" <coley@linus.mitre.org>

Prev by Date: Re: Your counsel on defeating DDOS Attacks
Next by Date: Re: Your counsel on defeating DDOS Attacks
Prev by thread: Re: Your counsel on defeating DDOS Attacks
Next by thread: Re: Your counsel on defeating DDOS Attacks
Index(es):
- Date
- Thread

Page Last Updated or Reviewed: May 22, 2007

Use of the CVE® List and the associated references from this website are subject to the terms of use. CVE is sponsored by the U.S. Department of Homeland Security (DHS) Cybersecurity and Infrastructure Security Agency (CISA). Copyright © 1999–2024, The MITRE Corporation. CVE and the CVE logo are registered trademarks of The MITRE Corporation.