From owner-freebsd-advocacy Fri May 5 11:40:52 2000 Delivered-To: freebsd-advocacy@freebsd.org Received: from avocet.prod.itd.earthlink.net (avocet.prod.itd.earthlink.net [207.217.121.50]) by hub.freebsd.org (Postfix) with ESMTP id 4331337BBB2 for ; Fri, 5 May 2000 11:40:50 -0700 (PDT) (envelope-from Don@Silver-Lynx.com) Received: from Silver-Lynx.com (pool0288.cvx8-bradley.dialup.earthlink.net [209.178.171.33]) by avocet.prod.itd.earthlink.net (8.9.3/8.9.3) with ESMTP id LAA00120 for ; Fri, 5 May 2000 11:40:49 -0700 (PDT) Message-ID: <391315EE.38124987@Silver-Lynx.com> Date: Fri, 05 May 2000 11:41:50 -0700 From: Don Wilde X-Mailer: Mozilla 4.72 [en] (Win98; U) X-Accept-Language: en MIME-Version: 1.0 To: freebsd-advocacy@freebsd.org Subject: [Fwd: DDoS attacks] Content-Type: multipart/mixed; boundary="------------630EB1A3BE27EB408227FFC5" Sender: owner-freebsd-advocacy@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG This is a multi-part message in MIME format. --------------630EB1A3BE27EB408227FFC5 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit I just sent this to InfoWorld's Security Watch commentators. I think what I've said would be the jist of an ideal BSDi press release. We should make hay of this as a real plus for BSD!!! Don --------------630EB1A3BE27EB408227FFC5 Content-Type: message/rfc822 Content-Transfer-Encoding: 7bit Content-Disposition: inline X-Mozilla-Status2: 00000000 Message-ID: <3913151F.D5C80BF5@Silver-Lynx.com> Date: Fri, 05 May 2000 11:38:23 -0700 From: Don Wilde X-Mailer: Mozilla 4.72 [en] (Win98; U) X-Accept-Language: en MIME-Version: 1.0 To: security_watch@infoworld.com Subject: DDoS attacks Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit As a commercial user of FreeBSD, I recently started examining the new 4.0-Release package. I note in the prepackaged ports section that there are 3 new tools (on the CDs!) there for finding and blocking DDoS attack servers and also determining whether your own server has been suborned. Although BSD does not get the mention that your commercial advertiser friends do, I believe it's a great choice for a server OS platform and deserves more press as a viable and higher-performance alternative to either Linux or payware like Solaris. FreeBSD has some of the most active security audit teams around, and Theo deRaadt of OpenBSD is well known as a security hawk. Yahoo's site was not compromised and they were back on the air quickly because of the robustness of FreeBSD and because of these tools. Insiders know that some of the other sites were actually trashed because of DDoS overloads on their server buffers. Certain other OSen are known to die horribly under load instead of slowing to a saturation halt, and this is a fact that should be made known because transaction or data compromise is as bad or worse than unavailbility from a bottom-line point of view. In your column you speak of 'open disclosure' of attack incidents. I submit that there is no better 'full disclosure' than total release of the source code, the vulnerabilities and the bugfix codes that follow. No OS has a better or easier method for maintaining the best level of security possible than FreeBSD with its ongoing audit process, security notification lists, and CVSup source-level upgrade process. Commercial vendors rely on stealth to hide their vulnerabilities, but FreeBSD source code is available for all to see and to attempt to crack. My point is that if there is more to crack, it'd be happening. With proper server discipline, FreeBSD servers are not cracked. The audit teams are sifting through all the contributed ports to assess their vulnerabilities, because the operating system itself has been examined by worldwide experts. Can Microsoft say the same of their OS? Can Sun? Would either stand the same source code scrutiny? I think not. Sincerely, Don Wilde President Silver Lynx Don@Silver-Lynx.com 505-771-0709 --------------630EB1A3BE27EB408227FFC5-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-advocacy" in the body of the message