Re: Few questions to the american ISPs [Re: DDOS anecdotes]

["Alexei Roudnev" <alex () relcom EU net>]

Yes.

But 99% of the cable/provbider customers are residential ones, and so are not
multy-home, so simple
_SRC filtering by default_ implemented by the hw vendor can help.

And notice, thet this _cable residential users_ are most affected to the hackers
because they areusially non-skilled and non-professionals, and so it's very
important to prevent hackers from abusing them at least as a source for the DDOS
attacks.

(and for me the weakness of this customers looks like a great danger - they really
are very affected to be broken and abused, and (on the other hand) they make a
bridge to the more serious hacking because they have some passwords/logins on
their home sites).

----- Original Message -----
From: "Christopher A. Woodfield" <rekoil () semihuman com>
To: "Alexei Roudnev" <alex () relcom EU net>
Cc: <nanog () merit edu>; "Sean M. Doran" <smd () clock org>
Sent: Saturday, June 23, 2001 5:56 PM
Subject: Re: Few questions to the american ISPs [Re: DDOS anecdotes]


> At a conference in late 1999, UUNet announced that they had anti-spoof
> filters in place on their dialup ports. Not that that amount to much in
> contrast to teh amount of spoofed DDOS traffic from cable providers, mind
> you...IIRC, it's the cable providers that need to put up the anti-spoofing
> filters the most.
>
> -C
>
> > - any big ISP have skilled security person available. When I worked in Russia,
it
> > took 10 - 15 minutes to contact your ISP and install such filters; for EUnet,
it
> > took 20 minutes; for TELIA, it was the same. For any amertican ISP, it took a
week
> > (UUnet was an exception)...
> > - all cable providers will have src address filters, so preventing src address
> > frauding.
>
> --
> ---------------------------
> Christopher A. Woodfield rekoil () semihuman com
>
> PGP Public Key: http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xB887618B