|
North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: New Denial of Service Attack on Panix
Alan Hannan writes: > Could we drop the SYN/Denial thread? It's becoming rather base. > > I think there are other larger issues at stake in the world, like > routing table growth, code problems, and short-thinking providers > who don't retain talent to intelligently/reliably grow their network. I think you are seriously underestimating the damage caused by this problem. We've already had at least one ISP nearly shut down by this, threatening people's livelyhoods. If someone shut down GI.NET with this tool, you would probably find it to be a pretty damn critical problem from your perspective. This is a far bigger immediate threat than routing table growth. If fixes aren't deployed soon, the internet will be in serious trouble. Luckily, as with most internet crises, we will deploy fixes and get around this -- the internet is not going to die. However, I will point out the reason that the internet doesn't die when we have crises is that we deploy fixes. We will survive this, BUT ONLY IF WE TAKE IT SERIOUSLY. I agree that in the *long term*, routing table growth is a bigger problem, since in six months we will have fully fixed this particular problem and routing tables will still be with us. However, if you think long and hard about the sorts of damage that could be done by a sufficiently psychopathic individual using this tool you will realize that having routes depends on having an internet that functions, and that keeping the internet functioning at all is no less important than having it function in the long term. We must fix this problem now, and until the majority of ISPs are filtering their outbound packets, the topic must remain important. So, if you want us to quit talking about it, please do your part. Is GI.NET filtering its outbound packets yet? Perry - - - - - - - - - - - - - - - - -
|