Home page logo
/

nanog logo nanog mailing list archives

Re: Are we really this helpless? (Re: isprime DOS in progress)
From: David Conrad <drc () virtualized org>
Date: Sat, 24 Jan 2009 14:38:53 -0800

Jack,

On Jan 23, 2009, at 9:34 PM, Jack Bates wrote:
David Conrad wrote:
Sad fact is that there are zillions of excuses. Unfortunately I suspect the only way we're going to make any progress on this will be for laws to be passed (or lawsuits to be filed) that impose a financial penalty on ISPs through which these attacks propagate.
Careful what you ask for. You might get it, and I'm sure the outcome wouldn't be liked by any.

You misunderstand. I am certainly not asking for it, in fact I consider it something of a tragedy that it appears the only way action can be taken is to take it away from technologists and give it to lawyers and politicians. And no, the outcome most likely won't be liked, just like CAN-SPAM was a sad joke.

Getting sued because you had some stealth botnet that suddenly fires up is not a good deal; and probably why ISP's still manage to hold onto some immunities. OT, though, I'm sure.

It would seem that as ISPs implement DPI and protocol-specific traffic shaping, they damage the arguments that they can make claiming they have "common carrier" status with the inherent immunities that status provides. I can hear the argument now: if an ISP can throttle BitTorrent (or whatever) for specific nodes, why can't they also limit the source addresses of packets coming from those nodes?

Regards,
-drc



  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault