Home page logo

nanog logo nanog mailing list archives

Re: WANTED: ISPs with DDoS defense solutions
From: "E.B. Dreger" <eddy+public+spam () noc everquick net>
Date: Sun, 3 Aug 2003 20:06:16 +0000 (GMT)

CLM> Date: Sat, 2 Aug 2003 02:45:29 +0000 (GMT)
CLM> From: Christopher L. Morrow

CLM> EBD> Who should be held accountable for vulnerable boxen?
CLM> I believe the vendor should, but my opinion matters not :)

I agree.  It stinks when cutting code, knowing that _some_
competitor is slinging out crap... they're cutting corners, and
won't be held accountable -- at least in the short term.  This
hurts the entire industry.

Sort of like deaggregating routes, helping track down and shut
down spammers and abusers, et cetera... cut corners, cut costs,
and hurt the entire industry.

CLM> The lawyers and congress folks (or someone like that) needs
CLM> to get a little more mad about their 'critical
CLM> infrastructure' and how vulnerable it is due to negligence
CLM> and incompetence, or atleast a criminial level of naivety...


CLM> > IANAL, but automobile vendors have recall notices...
CLM> mandated by federal regulations inside the US (atleast)...
CLM> perhaps you want this for vendors also?

Something like that.  Notification currently is decent, but lacks
teeth.  I think vendors and admins should be required to follow
certain procedures to qualify for liability limitations.

Brotsman & Dreger, Inc. - EverQuick Internet Division
Bandwidth, consulting, e-commerce, hosting, and network building
Phone: +1 785 865 5885 Lawrence and [inter]national
Phone: +1 316 794 8922 Wichita
          DO NOT send mail to the following addresses :
  blacklist () brics com -or- alfra () intc net -or- curbjmp () intc net
Sending mail to spambait addresses is a great way to get blocked.

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]