North American Network Operators Group|
Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical
Re: Solution: Re: Huge smurf attack
On Wed, 13 Jan 1999, Phil Howard wrote: > So my position is that until we do have a practical solution to solve the > cause of the problem, we simply have to deal with the effects the best we > can, and this does mean dealing with and addressing the symptoms so that > we do not suffer the effects. I have to admit, your logical extension of my argument is valid. I suppose if we really wanted to fix the true case of the problem we would track down the parents of the abusers and punish them for not raising their kids properly. My choice of words was rather poor. > The question is just what steps are the ones we should do. Right. The idea that I was attempting to get across is that the problem should be treated as close to the source as possible, and to treat the problem in the most user invisible manner possible. I do not believe that it is unreasonable to get networks that have not blocked amplifiers to do so. I also don't believe that it's unreasonable to get backbone providers to block spoofed traffic. Sure, it's definitely more difficult than just throwing some filtering at the problem, but I think it's worth the extra effort if it means that we still have access to a valuable tool like ping. If we as an industry push our vendors hard enough to get these features enabled by default in their equipment, then when a customer buys a new CPE router, they're one less problem to worry about. > I admire Mindspring's position of making Internet access unrestricted. > But what is the real motivation? Is it the goal of "perfect IP" or is > the business case of decreasing tech support costs? They are, afterall, > in the business of providing consumer dialup access, and as we all know > that line of business is very costly in areas of tech support. Network > attacks are also a real cost. I would suggest that treating some of the > symptoms, at least for now, will cut some costs until the day that we > can achieve the utopian goal of the perfect solution to the cause. The real motivation really is to provide unrestricted network access. Sure we're out to make money, we are a business after all, but we also have a set of ideals that we try to live up to as well. Regardless, even from a strict monetary point of view, while the smurf attacks against us are most certainly harmful, they don't cost us nearly as much as the tech support calls blocking ICMP echo would generate. Brandon Ross Network Engineering 404-815-0770 800-719-4664 Director, Network Engineering, MindSpring Ent., Inc. firstname.lastname@example.org ICQ: 2269442 Stop Smurf attacks! Configure your router interfaces to block directed broadcasts. See http://www.quadrunner.com/~chuegen/smurf.cgi for details.