Home page logo

nanog logo nanog mailing list archives

Re: Fw: GLBX ICMP rate limiting (was RE: Tier-1 without their own backbone?)
From: Michael Hallgren <m.hallgren () free fr>
Date: Thu, 28 Aug 2003 22:41:30 +0200

Selon "Christopher L. Morrow" <chris () UU NET>:

On Thu, 28 Aug 2003, variable () ednet co uk wrote:

On Thu, 28 Aug 2003, Christopher L. Morrow wrote:

Rate-limiting ICMP is 'ok' if you, as the provider, think its worthwhile
and you, as the provider, want to deal with the headache phone calls...

Would it be fair to say that UUNET haven't been asked by Homeland Security
to do the rate limiting that GLBX claim they have been asked to do?  Has

That is not fair at all :) DHS asked 'all ISPs' to filter 'all relevant
traffic' for this latest set of MS worm events. Some ISPs did the
filtering in part or in whole, others didn't...

I would think that any ISP should have made the decision to take action
not based on DHS's decree, but on the requirements of their network. So,
if the ISP's network was adversely impacted by this even, or any other,
they should take the action that is appropriate for their situation. That
action might be to filter some or all of the items in DHS's decree, it
might be to drop prefixes on the floor or turn down customers, or a whole
host of other options.

Doing things for the govt 'because they asked nicely' is not really the
best of plans, certianly they don't know the mechanics of your network,
mine, GBLX's, C&W's or anyone elses... they should not dictate a solution.
They really should work with their industry reps to 'get the word out'
about a problem and 'make people aware' that there could be a crisis.
Dictating solutions to 'problems' that might not exist is hardly a way to
get people to help you out in your cause :) Oh, and why didn't they beat
on the original software vendor about this?? Ok, no more rant for me :)

anyone else been asked to rate limit by the U.S. Department of Homeland

Just about everyone with a large enough US office was asked by DHS, in a
public statement...

Rough agreement; with a fair amount of

<innocence>... : what about attemtpting to approach the (at least current)
ROOT CAUSE(S) albeit likely fairly (even more than patching the outcome)
cumbersome (but in the long run..)... 
</innconcence> ;) 

-- if having bought a car I discover the brakes doesn't really do their job
(in spite of the car, considering other aspects, being (easy|nice) to
drive :), I'd rather (chat|complain) with the vendor, than asking the 
highway provider to patch my way along.. building cotton walls.. ('cause
I wouldn't want my highway provider limit my driving experience in the
case I eventually run into a better performing car..). More subtle highway
speed versus security considerations... neglected, of course :)


Michael Hallgren, http://m.hallgren.free.fr/, mh2198-ripe

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]