North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: GRC rides again...

  • From: Chris Rapier
  • Date: Mon Jul 02 10:53:46 2001


David Howe wrote:
> 
> ... With yet another "update" to the DDos pages.
> http://grc.com/dos/intro.htm
> and I quote:
> 
> > * ISP's are responsible for preventing the transportation of
> obviously-fraudulent
> > and easily blocked Internet traffic.
> >
> > Because the responsibility for a safe and secure Internet is just as
> distributed as the
> > Internet's technology, we must work together to bring about the required
> changes.
> >
> > Unfortunately, today we see only the operation of blind self-interest from
> > Microsoft and the Internet's ISP's
> 
> As I seem to recall several members of this list offered him help (and were
> rebuffed) perhaps they would like to comment? He seems increasingly lost in
> a fantasy world where everyone is out to get him....

My feeling is that he's missing some clues regarding the necessary
realities of the situation. Its not so much a matter of laziness,
avarice, or incompetence as much as it is a matter of the internet
working the way it is supposed to. There is no way an ISP could block
all, or even most, of the fraudulent traffic that is traversing their
networks without resorting to draconian tactics that would, possibly,
drive them out of business. There are certain steps they can take
(source address filtering) which they should be doing anyway but this
network has been designed to be a leaky seive. 

I'm also sure that XP might increase the number of spoofed packets
running through the network. If that spurs more ISPs to use source
address filtering them thats a good thing. Even if they don't it is
possible to track down where a spoofed IP is coming from - its more of a
social engineering issue than a technical one.