Re: Three states for a binary bit (was Re: TCP (and SCTP) sucks onhigh speed networks)

[Francesco Potorti` <F.Potorti@cnuce.cnr.it>]

Alhussein Abouzeid <hussein@ee.washington.edu>:   
   It is well known by now that one can not rely on the
   sources ALONE to avoid congestion
   
Francesco Potorti` <F.Potorti@cnuce.cnr.it>:
   Is it?
   
Alhussein Abouzeid <hussein@ee.washington.edu>:   
   Taking into accuont denial of service attacks, I have to answer
   affirmatively.

Suppose a denial  of service attack works by overloading  a piece of the
network  to  the point  of  congesting it,  so  to  make it  practically
unusable.

The  method used  to reach  this target  is generally  dependent  on the
environment in  which the DoS attack  is implemented.  But as  long as a
server accepts  connections from unknown  parties, a DoS attack  of this
kind  can always  succeed,  whichever the  environment,  unless you  put
regulations at the network's edges.

Suppose that  a couple million  people want to  block the access  to the
Colosseum, in Rome, by just going there and staying.  To avoid this, you
should regulate access to the main  roads to Colosseum, but doing so you
would just move the congestion  to those regulatory points, and so block
the center  of Rome.  Same if  you put the regulatory  points all around
Rome: you would block access to the  town.  The only way would be to put
a policeman in  front of each house,  and when people try to  get out of
their  home, blocking  them  if they  declare  they want  to  go to  the
Colosseum.

In the end,  I don't think that  DoS can be used as  a justification for
your original statement.

-- 
Francesco Potort́ (researcher)         Voice: +39 050 315 3058 (op.2111)
Area della ricerca CNR - CNUCE         Fax:   +39 050 3138091
via Vittorio Alfieri 1                 Email: F.Potorti@cnuce.cnr.it
I-56010 Ghezzano, Pisa                 Web:   http://fly.cnuce.cnr.it/