nanog mailing list archives
Re: no ip forged-source-address
From: Michael Lamoureux <lamour () mail argfrp us uu net>
Date: 30 Oct 2002 12:09:33 -0500
"daniel" == Daniel Senie <dts () senie com> writes: daniel> If the government or other large buyers require network-wide daniel> ingress filtering in any supplier they buy from (something I daniel> suggested to the folks at eBay, Schwab, etc. in our phone daniel> calls after the attacks a few years ago), or if there were daniel> legal incentive, there might be a chance ISPs would find a daniel> financial motive to implement BCP 38. As it is, there's no daniel> incentive, so the path of least resistance is to do nothing. I find it interesting that you suggest that the legal incentive should be toward having the ISPs come up with a magic solution and not toward having the customers do egress filtering at the edge(s) of their network and actually perform something resembling security on the hosts on their networks. After all, it is not usually a security failing of the ISP that causes a DoS or DDoS attack, but utter incompetence or neglect by someone at the edge of the network. The problem is that it's those same people who have the money needed to keep the ISPs in business. Unless all ISPs decided to hold the customers responsible, they'd just move to another ISP. I'm not saying I don't think ISPs should filter where feasible, I'm just saying that if we're going to hold someone responsible, it should be the people who are responsible, not the people who are convenient. but my opinions are probably worthless, Michael
Current thread:
- Re: no ip forged-source-address, (continued)
- Re: no ip forged-source-address Craig A. Huegen (Oct 30)
- Re: no ip forged-source-address Jared Mauch (Oct 30)
- Re: no ip forged-source-address Petri Helenius (Oct 30)
- RE: no ip forged-source-address Tony Hain (Oct 30)
- Re: no ip forged-source-address Jim Forster (Oct 30)
- Message not available
- Re: no ip forged-source-address Daniel Senie (Oct 30)
- Re: no ip forged-source-address Craig A. Huegen (Oct 30)
- Re: no ip forged-source-address Daniel Senie (Oct 30)
- Re: no ip forged-source-address variable () ednet co uk (Oct 30)
- RE: no ip forged-source-address Tony Hain (Oct 30)
- RE: no ip forged-source-address Daniel Senie (Oct 30)
- Re: no ip forged-source-address variable () ednet co uk (Oct 30)
- Re: no ip forged-source-address Michael Lamoureux (Oct 30)
- Re: no ip forged-source-address Daniel Senie (Oct 30)
- Re: no ip forged-source-address Christopher L. Morrow (Oct 30)
- RE: no ip forged-source-address Christopher L. Morrow (Oct 30)
- Re: no ip forged-source-address Valdis . Kletnieks (Oct 30)
- Re: no ip forged-source-address Christopher L. Morrow (Oct 30)
- RE: no ip forged-source-address Charles D Hammonds (Oct 30)
- RE: no ip forged-source-address Christopher L. Morrow (Oct 30)
- RE: no ip forged-source-address Randy Bush (Oct 31)
- Re: no ip forged-source-address David Howe (Oct 31)