Date: Fri, 15 Apr 2005 00:23:06 +0200 From: Benjamin Rossen <b.rossen@onsnet.nu> To: freebsd-questions@freebsd.org Subject: Re: Self Defense thourg DoS... ? (was: too many illegal connection attempts through ssh) Message-ID: <200504150023.06724.b.rossen@onsnet.nu> In-Reply-To: <16324081427.20050414003011@hexren.net> References: <36f5bbba050406001514562df7@mail.gmail.com> <200504140011.44565.b.rossen@onsnet.nu> <16324081427.20050414003011@hexren.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On Thursday 14 April 2005 00:30, Hexren wrote: > "Central _trusted_ authority" leaves a bitter taste in my mouth... but > then I may be paranoid. > Anyway if I am a local user on a machine and I have access to an ssh > binary (that is what I meant with "ssh access") and bash, I can churn out connections > with the only limit beeing my bandwith and system limits on the number > of processes I can run at one time. But even with these set to > sensible defaults say 10 processes and 1/10 of site bw. I am able to > "attack many disparate machines in different parts of the world" > therefore I am able to trigger a _defensive_ DoS against the machine > in that I am. > > Regards > Hexren > Hexren, I get your point. It is a very good point. Economists call that 'moral hazard', by which they mean that any system instituted to protect against one evil, can be recruited by a some individuals to bring about another inforeseen evil. The question then becomes; which is the greater evil? How may people who are local users and have access to ssh, are going to want to use defensive DOS to bring down the machine they are on? Surely, if they have these privileges, there are countless easier and more direct ways of bringing down their own machines. Even if there are some situations where the porposed system of defensive DOS can be used in this way, is the evil that results from these remote suicides worse that the evil that results from the crackers who are presently not checked in any way? Trusted authorities are a necessary feature of life in the real word, but there should be checks and balances in place. The word 'trusted' implies that. They are not just Statutory Authorities, or Powerful Forces. They are trusted by some one or some group, or the majority, and perhaps universally. Perhaps the question here should be: who determines which authority should be trusted, and who monitors their exercise of authority to see that they remain trustworthy? Benjamin Rossen
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200504150023.06724.b.rossen>