nanog mailing list archives
Re: Schneier: ISPs should bear security burden
From: Iljitsch van Beijnum <iljitsch () muada com>
Date: Thu, 28 Apr 2005 09:17:42 +0200
On 27-apr-2005, at 20:08, Dan Hollis wrote:
I can definitely say worms, trojans, spam, phishing, ddos, and other attacks is up severalorders of magnitude in those 20 years. Malicious packets now account for a significant percentage of all ip traffic. Eventually I expect maliciouspackets will outnumber legitimate packets, just like malicious email outnumbers legitimate email today.
As long as the environmental polluter model continues to be championed andpromoted on nanog (of all places), the problem will only get worse.
The problem is that the maliciousness of packets or email is largely in the eye of the beholder. How do you propose ISPs determine which packets the receiver wants to receive, and which they don't want to receive? (At Mpps rates, of course.)
This whole discussion is a clear example of the fallacy of treating "security" as an independent entity, rather than an aspect of other things.
There are many ISPs that do less than they should, though. (Allow spoofed sources, don't do anything against hosts that are reported to send clearly abusive traffic, sometimes even at DoS rates...)
Current thread:
- Re: Schneier: ISPs should bear security burden, (continued)
- Re: Schneier: ISPs should bear security burden Fergie (Paul Ferguson) (Apr 26)
- Re: Schneier: ISPs should bear security burden Owen DeLong (Apr 27)
- Re: Schneier: ISPs should bear security burden Michael . Dillon (Apr 27)
- Message not available
- Re: Schneier: ISPs should bear security burden Owen DeLong (Apr 27)
- Re: Schneier: ISPs should bear security burden Dan Hollis (Apr 27)
- Re: Schneier: ISPs should bear security burden Daniel Roesen (Apr 27)
- Re: Schneier: ISPs should bear security burden Petri Helenius (Apr 27)
- Re: Schneier: ISPs should bear security burden Owen DeLong (Apr 27)
- Re: Schneier: ISPs should bear security burden Dan Hollis (Apr 27)
- Re: Schneier: ISPs should bear security burden Owen DeLong (Apr 27)
- Re: Schneier: ISPs should bear security burden Owen DeLong (Apr 27)
- Re: Schneier: ISPs should bear security burden Fergie (Paul Ferguson) (Apr 26)
- Re: Schneier: ISPs should bear security burden Iljitsch van Beijnum (Apr 28)
- Re: Schneier: ISPs should bear security burden Dan Hollis (Apr 28)
- Re: Schneier: ISPs should bear security burden Adi Linden (Apr 28)
- Re: Schneier: ISPs should bear security burden Petri Helenius (Apr 28)
- Re: Schneier: ISPs should bear security burden Owen DeLong (Apr 28)
- Re: Schneier: ISPs should bear security burden Barry Shein (Apr 29)
- Re: Schneier: ISPs should bear security burden James Baldwin (Apr 27)
- Re: Schneier: ISPs should bear security burden Owen DeLong (Apr 27)
- Re: Schneier: ISPs should bear security burden Adi Linden (Apr 28)
- Re: Schneier: ISPs should bear security burden Iljitsch van Beijnum (Apr 28)
- Re: Schneier: ISPs should bear security burden Adi Linden (Apr 28)