[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Your counsel on defeating DDOS Attacks
At 6:33 PM -0500 2/17/00, Steven M. Christey wrote: > >4) Often, security is not a corporate priority, which means that it is >under-supported financially. And administratively. If you can't enforce policy, it doesn't really exist. > >1) Encourage the widespread use of strong authentication. Encryption >is mentioned in the proposal, but not authentication. Only where appropriate. The encryption and key lookup involved slow systems down, and can add to a DOS attack. Furthermore, there are many places where strong authentication is not desireable because it reduces privacy.