xml-dev - RE: [xml-dev] Re: Can A Web Site Be Reliably Defended Against DoSAttacks

RE: [xml-dev] Re: Can A Web Site Be Reliably Defended Against DoSAttacks

[ Lists Home | Date Index | Thread Index ]

To: "Bullard, Claude L (Len)" <clbullar@ingr.com>
Subject: RE: [xml-dev] Re: Can A Web Site Be Reliably Defended Against DoSAttacks?
From: Rick Marshall <rjm@zenucom.com>
Date: Sun, 08 Feb 2004 08:31:08 +1100
Cc: "'Rich Salz'" <rsalz@datapower.com>, Bob Foster <bob@objfac.com>, "'Liam Quin'" <liam@w3.org>, "'XML DEV'" <xml-dev@lists.xml.org>
In-reply-to: <15725CF6AFE2F34DB8A5B4770B7334EE03F9F2C0@hq1.pcmail.ingr.com>
Organization: Zenucom Pty Limited
References: <15725CF6AFE2F34DB8A5B4770B7334EE03F9F2C0@hq1.pcmail.ingr.com>
Reply-to: rjm@zenucom.com

On Sun, 2004-02-08 at 05:09, Bullard, Claude L (Len) wrote:
> Until you put the wrong application on it and it fails 
> spectacularly in living color on international TV.
> 
> This isn't a trivial, 'we'll fix it when we get around 
> to it' lalala problem.  DDoS means simply that the 
> push of IP into some domains is driving ahead of the 
> headlights.  The approach of "we'll create transport 
> agnostic formats" is fine but does not go far enough 
> because the pressures to drink the IP/REST/HTTP are 
> real and dangerous.
> 
> It is time to start listening to the designers at 
> Microsoft.  If the web can't pull it off, we'll 
> have to go to companies that can.   It is time 
> for a consortium to form whose mandate is to 
> create a global network that is safe and reliable 
> for mission critical applications.  This should 
> be an effort undertaken by the companies who 
> understand the problem and have a culture that 
> can practice end-to-end engineering, not 80/20.
> 
that's not going to happen, it'd be like giving the phone system back to
at&t....

and i don't think there's overwhelming conviction out there that
microsoft's engineers are better than everyone elses. or that microsoft
has some special knowledge that lets them create things others can't.
the difference is that most of us would prefer the diversity of
heterogeneous environments, rather than monocultures.

if microsoft had their way we'd all be living on msn, we wouldn't have
to bother with standards and rfcs - they'd take care of that for us, and
then we just wouldn't need xml. tv's would have been replaced by now
etc... 

real engineers know that their job is to meet requirements in a hostile
environment, not change the environment. knowing that there are DoS
attacks happening we look to understand how they happen, what they do,
what we can do to prevent/weaken them when (not if) they happen. that's
just good practice. 

rick

> len
> 
> 
> From: Rich Salz [mailto:rsalz@datapower.com]
> 
> > Still, the way I remember it there was COS, all the king's horses and
> > all the king's men on one side and Marshall Rose, in absentia, on the
> > other. Sic transit gloria COS.
> 
> Yup, running code beats out almost everything else.
> 
> -----------------------------------------------------------------
> The xml-dev list is sponsored by XML.org <http://www.xml.org>, an
> initiative of OASIS <http://www.oasis-open.org>
> 
> The list archives are at http://lists.xml.org/archives/xml-dev/
> 
> To subscribe or unsubscribe from this list use the subscription
> manager: <http://lists.xml.org/ob/adm.pl>
>

References:
- RE: [xml-dev] Re: Can A Web Site Be Reliably Defended Against DoS Attacks?
  - From: "Bullard, Claude L (Len)" <clbullar@ingr.com>

Prev by Date: RE: [xml-dev] Re: Can A Web Site Be Reliably Defended Against DoSAttacks?
Next by Date: Hello
Previous by thread: RE: [xml-dev] Re: Can A Web Site Be Reliably Defended Against DoS Attacks?
Index(es):
- Date
- Thread