Home page logo
/

nanog logo nanog mailing list archives

Re: Are we really this helpless? (Re: isprime DOS in progress)
From: Mark Andrews <Mark_Andrews () isc org>
Date: Sun, 25 Jan 2009 13:05:06 +1100


In message <d99aaed40901241734g691cd581q20e9c88eb76093b7 () mail gmail com>, Marti
n Hannigan writes:
On Sat, Jan 24, 2009 at 8:01 PM, Mark Andrews <Mark_Andrews () isc org> wrote:


In message <8C5F1FEC-FF51-4BA2-A762-C13BC275E806 () virtualized org>, David
Conrad writes:
It would seem that as ISPs implement DPI and protocol-specific traffic
shaping, they damage the arguments that they can make claiming they
have "common carrier" status with the inherent immunities that status
provides.  I can hear the argument now: if an ISP can throttle
BitTorrent (or whatever) for specific nodes, why can't they also limit
the source addresses of packets coming from those nodes?

        They can and should.  I suspect many of them do as they
       usually apply these filters to home networks.

       BCP 38 is ~10 years old now.  It should have been factored
       into the purchasing decision of all the current equipement.
       If it wasn't then the operator was negligent.

       Mark


BCP 38 isn't a license, it's a technique.

        There are plenty of cases in common law where as a owner
        of something and you havn't taken reasonable steps to protect
        or prevent injury that, were well known, you will be proved
        to be negligent.

        BCP 38 is falling into that sort of category.

        Every operator here should be worried about what will happen
        when someone decides to sue them to recover damaged caused
        by spoofed traffic.  It's just a matter of time before this
        happens.  Remember every router inspects packets to the
        level required to implement BCP 38.  This is not deep packet
        inspection.  This is address inspection which every router
        performs.

                Did you know about "BCP 38"?
                What steps did you take to implement "BCP 38"?

        I suspect that a lawyer will be able to demonstrate to a
        judge that even as a common carrier that a operator should
        have been deploying BCP 38.

        Mark
-- 
Martin Hannigan                               martin () theicelandguy com
p: +16178216079

-- 
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742                 INTERNET: Mark_Andrews () isc org


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]