Re: Fwd: Re: Digital Island sponsors DoS attempt

["Christopher Wolff" <chris () bblabs com>]

Paul,

Some very valid points here.  I would be interested to see just what the legal definition of "network intrusion" is on 
a federal level with all of the recent computer-crime and anti-terrorism legislation sailing through the legislative 
branch.

Regards,
Christopher

---------- Original Message ----------------------------------
From: Paul A Vixie <vixie () vix com>
Date: Fri, 26 Oct 2001 00:07:05 -0700

> > Until there are standards and technology available to push subscriber
> > policy to the edge of the network and beyond, the subscriber has
> > explicitly accepted the overall terms and conditions by which the service
> > is to be provided.
>
> no.  i do not agree to receive a smurf attack, no matter whether my contract
> with a nexthop fails to require them to prevent it from reaching me.
>
> > I am assuming in this discussion that when you refer to "benefit", you are
> > in fact refering to "financial benefit".
>
> no, there's no known financial benefit to smurfing me, but the entities who
> direct such attacks have positive motivation of some kind for doing so --
> and i assure you that this benefit to them, whatever it is, is far greater
> than the benefit to me (which would have to be expressed in negative terms.)
>
> > > another test for "welcome" is "if everybody did this, would the recipient
> > > be injured?" 
> >
> > An interesting hypothesis, but it is seldom the case that the sender of
> > traffic knows the details of the recipients infrastructure. 
>
> i think it's reasonable for a smurfer to know that my infrastructure cannot
> tolerate multiplicitous input streams from tens of thousands of sources.  just
> as a spammer can indeed know, without doubt, that if millions of senders,
> all at once, decided to send me unsolicited nonpersonal e-mail, that my inbox
> would not hold up well.  
>
> no specific knowledge is required in those cases.  in those cases and in other
> cases where specific knowledge of my infrastructure is not necessary to
> determine that the traffic would be "not welcome", then it ought not be sent.
>
> > > smurf, ddos in general, and spam also classify well by this criteria.  it
> >
> > Smurf and DDOS attacks are precisely that - attacks.  They are
> > intentionally initiated for the purpose of disrupting infrastructure or
> > service.  They are illegal.
>
> in some places, they are illegal.  in all places, they are "unwelcome."  since
> a sender of this (or any) traffic may not know the laws in force at the place
> where the recipient host resides, the broader standard of "unwelcome" is more
> widely applicable than the narrow standard of "illegal."
>
> of course, illegal things ought also not be done.  but that'd be a new thread.