[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: swIPe comments

To: karn@qualcomm.com, shirey@mitre.org
Subject: Re: swIPe comments
From: wcb@cert.org
Date: Mon, 27 Jun 94 11:57:35 EDT
Cc: ipsec@ans.net, jfjr@mbunix.mitre.org, saag@tis.com, psrg@tis.com


> Phil (and everyone else),
> 
> It would be nice to see a (initially simple) taxonomy of denial-of-service
> attacks -- beginning with your definition of "simple", and going on to ??
> -- for inclusion in the draft Internet Security Architecture and to
> otherwise organize security discussions in the IETF, etc.  The
> classifications should be, like Phil's definition below, in terms of
> Internet (infrastructure) resources needed by (and/or affected by) the
> attack.
> 
> Any contributions gratefully accepted.
> 

rob,
   attack strategy taxonomies are extremely difficult and expensive
   to develop and maintain, at any state of usefulness.  they become
   obsolete very quickly, and as a result i would not recommend
   including such a taxonomy in a document like the Internet Security
   Architecture draft.

   what is the focus of the denial-of-service taxonomy that you
   are proposing?  is it just swIPe, or are you interested
   in developing a taxonomy for the internet's architecture.

carter

Carter Bullard                             CERT Coordination Center
Phone    (412) 268-6238                    Software Engineering Institute
24 hr    (412) 268-7090                    Carnegie Mellon University
Email    wcb@cert.org  cert@cert.org       Pittsburgh, PA 15213-3890

Prev by Date: Re: Re[2]: Granularity of authentication in swIPe
Next by Date: *** Help to get Kerberos S/W ***
Prev by thread: Re: swIPe comments
Next by thread: Re: swIPe
Index(es):
- Main
- Thread