nanog mailing list archives

Re[2]: New Denial of Service Attack on Panix

From: Brian Murrell <Brian_Murrell () bctel net>
Date: Tue, 17 Sep 1996 14:59:55 -0700 (PDT)

from the quill of "Kent W. England" <kwe () 6SigmaNets com> on scroll
<2.2.32.19960917204240.00714dac () mail cts com>

We need a general consensus in order for any one of us to justify the
effort
required to install source address filters. That means that
representatives
from major backbone ISPs must announce that they will install filters
(not 
at the MAEs) in response to this new threat and that they expect that
their 
peers will too. I'm not one of those major backbone ISP network 
engineers, but I would hope that for the sake of all of us, that those
who 
are will roll their eyes heavenward, take a deep breath, and do what
needs 
to be done. I know it's easy for me to say, but nevertheless ...


If the backbones agree that this is what needs doing, then perhaps a
financial penalty should be levied against upstream sites that have allowed
forged addresses to enter the backbone networks.  Whenever one of these
forgers needs to be tracked one almost certainly needs to cross at least
one backbone provider to do the tracing.  One will eventually find the
backbone provider providing service to the 1st tier ISP, which may lead to
a second tier ISP and so on.  If the time spent to find the 1st tier ISP
were charged back to that ISP he would certainly be able to justify the
cost of the filtering.  That first tier has the option to pass the cost on
to it's offending customer.  Which also gives incentive to find the next
hop from where the packets are coming.

I hate financial penalties as much as the next guy, but when facing
somebody whose excuse for ignoring the requirement is cost, make the apathy
a cost as well.

b.


--
Brian J. Murrell                                        Brian_Murrell () bctel net
BCTel Advanced Communications                                   brian () ilinx com
Vancouver, B.C.                                                brian () wimsey com
604 454 5279
- - - - - - - - - - - - - - - - -

Current thread:

Re: New Denial of Service Attack on Panix, (continued)
- Re: New Denial of Service Attack on Panix Paul Ferguson (Sep 17)
  - Re: New Denial of Service Attack on Panix Avi Freedman (Sep 17)
  - Re: New Denial of Service Attack on Panix Michael Dillon (Sep 17)
    - Re: New Denial of Service Attack on Panix bmanning (Sep 17)
- Re: New Denial of Service Attack on Panix Leonid Egoshin (Sep 17)
- Re: New Denial of Service Attack on Panix Vadim Antonov (Sep 17)
  - Re: New Denial of Service Attack on Panix: Avi Freedman (Sep 17)
- Re: New Denial of Service Attack on Panix Justin W. Newton (Sep 17)
  - Re: New Denial of Service Attack on Panix Dick St.Peters (Sep 17)
- Re: New Denial of Service Attack on Panix Kent W. England (Sep 17)
  - Re[2]: New Denial of Service Attack on Panix Brian Murrell (Sep 17)
- Re: New Denial of Service Attack on Panix Leonid Egoshin (Sep 17)
- Re: New Denial of Service Attack on Panix Paul Ferguson (Sep 18)
  - Re: New Denial of Service Attack on Panix Jeff Young (Sep 18)
- Re: New Denial of Service Attack on Panix Guy T Almes (Sep 18)
  - Re: New Denial of Service Attack on Panix Tim Bass (Sep 18)
- Re: New Denial of Service Attack on Panix Stan Barber (Sep 18)
- Re: New Denial of Service Attack on Panix Kent W. England (Sep 18)
  - Re: New Denial of Service Attack on Panix Dan Ellis (Sep 18)
  - Re: New Denial of Service Attack on Panix Tim Bass (Sep 21)
- Re: New Denial of Service Attack on Panix Paul Ferguson (Sep 18)

(Thread continues...)