[governance] How to Prevent Cyber War

John Curran jcurran at arin.net
Tue Feb 2 21:07:26 EST 2010 

On Feb 2, 2010, at 7:01 PM, Imran Ahmed Shah wrote:
> I would like to mention only little points. if the traffic and accessibility of the internet is traceable by monitoring and controlled with existing policies why still everyone is facing spam and hacking attacks? 

I will note that an implied requirement of an "open" Internet 
is an "accountable" Internet, and on that matter we have a poor 
global track record.  By "accountable", I mean the ability to 
determine the parties involved in any Internet traffic, i.e. 
a non-anonymous Internet. This is absolutely necessary if we
are to have the Internet continue to grow and scale without 
being subject to debilitating hacking/DDoS attacks (note that
the ability to discover after the fact where traffic is coming
from isn't an issue for a closed Internet, since it is inherent
in the controlled nature of all connections).

The underlying requirement is that an ISP needs to be able to
identify the party originating any traffic the ISP sends to 
other networks.  This doesn't necessarily have to be publicly-
visible, but does need to be obtaining on short notice by ISPs
in order to keep the network operational at all times.

At present, this principal only tenuously maintained due to 
the nature of the DNS & IP Whois directories, and no common
declaration of this principle has been made to date.  As a 
result, we now have numerous occasions where we simply can
not ascertain the origination of traffic, and this enables
the large scale hacked server farms that then mount attacks
on websites, clog everyones email with spam, etc.

There are real social implications of ISP's having to know who 
is originating their Internet traffic, and also in the use of
such information for purposes other than keeping the Internet
operational.  It is for these reasons that a discussion of 
the need for accountability versus the privacy/human rights
implications might be appropriate at some future IGF forum,
particularly in the context of maintaining an open (but still
useful) Internet.

/John

____________________________________________________________
You received this message as a subscriber on the list:
     governance at lists.cpsr.org
To be removed from the list, send any message to:
     governance-unsubscribe at lists.cpsr.org

For all list information and functions, see:
     http://lists.cpsr.org/lists/info/governance

Translate this email: http://translate.google.com/translate_t

More information about the Governance mailing list