nanog mailing list archives
Re: Why won't providers source-filter attacks? Simple.
From: Mark Andrews <marka () isc org>
Date: Thu, 06 Feb 2014 11:11:43 +1100
In message <CABgOHgs0nEiTCQfOHM21cYwB5Z0PUpAnsWBqV=ppy4K24Zw5pQ () mail gmail com> , Landon Stewart writes:
--f46d042c63a5ad12dd04f1abc724 Content-Type: text/plain; charset="ISO-8859-1" Content-Transfer-Encoding: quoted-printable On 4 February 2014 17:18, Mark Andrews <marka () isc org> wrote:That would never fly, because it would put the politicians at odds with the telecom buddies that make huge political donations. Hard to throw someone in jail then hit them up for campaign money. What will probably happen is the same thing we do with everything else that might be used for evil purposes but where we don't want to tackle the real underlying problem -- just write a law banning something and hope the problem goes away.No, you write a law requiring something, e.g. BCP 38 filtering by ISPs, and you audit it. You also make the ISPs directors liable for the impact that results from spoofed traffic from them. Making it law puts all the ISP's in the country on a equal footing with respect to implementation costs.This is a slippery slope if I've ever seen one. If we start having legislators making laws for how packets are served we are just begging for them to put their feet into all kinds of doors that we don't want them in.
Well when industries don't self regulate governments step in. This industry is demonstratably incapble of regulating itself in this area despite lots of evidence of the problems being caused for lots of years. This has been DOCUMENTED BEST CURRENT PRACTICE for 13.5 years. Everybody else is having to deal the problems caused by these bad actors. Hell, I suspect you could send the directors to gaol or make them pay a heavy fine today by properly examining the existing laws. A new law would just make the problem more explicit. Mark -- Mark Andrews, ISC 1 Seymour St., Dundas Valley, NSW 2117, Australia PHONE: +61 2 9871 4742 INTERNET: marka () isc org
Current thread:
- Re: Why won't providers source-filter attacks? Simple., (continued)
- Re: Why won't providers source-filter attacks? Simple. Saku Ytti (Feb 05)
- Re: Why won't providers source-filter attacks? Simple. Jimmy Hess (Feb 05)
- Re: Why won't providers source-filter attacks? Simple. Paul Ferguson (Feb 05)
- Re: Why won't providers source-filter attacks? Simple. Mark Andrews (Feb 05)
- Re: Why won't providers source-filter attacks? Simple. Paul Ferguson (Feb 05)
- Re: Why won't providers source-filter attacks? Simple. Randy Bush (Feb 05)
- Re: Why won't providers source-filter attacks? Simple. Paul Ferguson (Feb 05)
- Re: Why won't providers source-filter attacks? Simple. Randy Bush (Feb 05)
- Re: Why won't providers source-filter attacks? Simple. Leo Bicknell (Feb 06)
- POLL: BCP38 Name And Shame Jay Ashworth (Feb 05)
- Message not available
- Re: Why won't providers source-filter attacks? Simple. Mark Andrews (Feb 05)
- Re: Why won't providers source-filter attacks? Simple. Randy Bush (Feb 05)
- Re: Why won't providers source-filter attacks? Simple. Livingood, Jason (Feb 07)
- Re: BCP38 [Was: Re: TWC (AS11351) blocking all NTP?] Jay Ashworth (Feb 04)
- Re: BCP38 [Was: Re: TWC (AS11351) blocking all NTP?] goemon (Feb 04)
- Re: BCP38 [Was: Re: TWC (AS11351) blocking all NTP?] Tony Tauber (Feb 04)
- Re: BCP38 [Was: Re: TWC (AS11351) blocking all NTP?] Randy Bush (Feb 04)
- Re: BCP38 [Was: Re: TWC (AS11351) blocking all NTP?] Livingood, Jason (Feb 04)
- Re: BCP38 [Was: Re: TWC (AS11351) blocking all NTP?] Octavio Alvarez (Feb 04)
- Re: BCP38 [Was: Re: TWC (AS11351) blocking all NTP?] Livingood, Jason (Feb 04)
- RE: BCP38 [Was: Re: TWC (AS11351) blocking all NTP?] Frank Bulk (Feb 04)