drc at virtualized.org
Mon Dec 15 02:45:16 UTC 2014
On Dec 14, 2014, at 3:05 PM, Roland Dobbins <rdobbins at arbor.net> wrote:
> I've never run into a situation in which a monoculture would've made things any worse.
Two words: Microsoft Windows.
> a) packet-of-death vulnerabilities are rare,
Sure, but they happen. For example:
- the resolver bug we're talking about
- pretty much any one of https://kb.isc.org/article/AA-00913/74/BIND-9-Security-Vulnerability-Matrix.html (not to pick on BIND, other DNS servers have DoS vulnerabilities as well of course)
Presumably you too can google "packet of death".
The point is that it is a risk that is easily mitigated by having diversity in your infrastructure.
> b) operators ought to have mechanisms in place to filter them when they do show up (*not* silly 'IPS'),
Does the term "closing the barn door after the horses have fled" mean anything to you?
> c) gross incompetence with a heterogeneous software base is no different than gross incompetence with a monoculture - except that it's more certain.
Sorry, where is gross incompetence being demonstrated in this particular case?
> If we could ever get to the point where a monoculture was the biggest challenge we face, we'd be a lot better off than we are today.
Are you really arguing that we should not have diversity in the Internet infrastructure because there are a bunch of problems diversity in the infrastructure won't fix?
> And 'a bit more challenging' is a significant understatement, especially at scale.
Too bad no one has come up with something like Puppet, Chef, Ansible, etc., to help manage infrastructure configuration at scale.
> Worrying about software monoculture at this juncture is like worrying about urban planning when you don't even have indoor plumbing.
Software diversity is a tool that network administrators use to improve resiliency in their infrastructure. I agree it is not a silver bullet but if I was building out critical infrastructure like (oh say) a root server or a resolver cloud that my customers depend on, I would want to minimize the risk that my infrastructure was vulnerable to a single bug.
I am honestly surprised you're arguing against this.
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 496 bytes
Desc: Message signed with OpenPGP using GPGMail
More information about the dns-operations