Re: Fw: GLBX ICMP rate limiting (was RE: Tier-1 without their own backbone?)

[Michael Hallgren <m.hallgren () free fr>]

Selon "Christopher L. Morrow" <chris () UU NET>:

> On Thu, 28 Aug 2003, variable () ednet co uk wrote:
>
> > On Thu, 28 Aug 2003, Christopher L. Morrow wrote:
> >
> > > Rate-limiting ICMP is 'ok' if you, as the provider, think its worthwhile
> > > and you, as the provider, want to deal with the headache phone calls...
> >
> > Would it be fair to say that UUNET haven't been asked by Homeland Security
> > to do the rate limiting that GLBX claim they have been asked to do?  Has
>
> That is not fair at all :) DHS asked 'all ISPs' to filter 'all relevant
> traffic' for this latest set of MS worm events. Some ISPs did the
> filtering in part or in whole, others didn't...
>
> I would think that any ISP should have made the decision to take action
> not based on DHS's decree, but on the requirements of their network. So,
> if the ISP's network was adversely impacted by this even, or any other,
> they should take the action that is appropriate for their situation. That
> action might be to filter some or all of the items in DHS's decree, it
> might be to drop prefixes on the floor or turn down customers, or a whole
> host of other options.
>
> Doing things for the govt 'because they asked nicely' is not really the
> best of plans, certianly they don't know the mechanics of your network,
> mine, GBLX's, C&W's or anyone elses... they should not dictate a solution.
> They really should work with their industry reps to 'get the word out'
> about a problem and 'make people aware' that there could be a crisis.
> Dictating solutions to 'problems' that might not exist is hardly a way to
> get people to help you out in your cause :) Oh, and why didn't they beat
> on the original software vendor about this?? Ok, no more rant for me :)
>
> > anyone else been asked to rate limit by the U.S. Department of Homeland
> > Security?
>
> Just about everyone with a large enough US office was asked by DHS, in a
> public statement...


Rough agreement; with a fair amount of

<innocence>... : what about attemtpting to approach the (at least current)
ROOT CAUSE(S) albeit likely fairly (even more than patching the outcome)
cumbersome (but in the long run..)... 
</innconcence> ;) 


<ohh>
-- if having bought a car I discover the brakes doesn't really do their job
(in spite of the car, considering other aspects, being (easy|nice) to
drive :), I'd rather (chat|complain) with the vendor, than asking the 
highway provider to patch my way along.. building cotton walls.. ('cause
I wouldn't want my highway provider limit my driving experience in the
case I eventually run into a better performing car..). More subtle highway
speed versus security considerations... neglected, of course :)
</ohh>

mh


-- 
Michael Hallgren, http://m.hallgren.free.fr/, mh2198-ripe