|
North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: FW: Re: Is there a line of defense against Distributed Reflective attacks?
Andy - ----- Original Message ----- From: "Andy Dills" <[email protected]> To: "todd glassey" <[email protected]> Cc: "Vadim Antonov" <[email protected]>; <[email protected]> Sent: Wednesday, January 22, 2003 9:07 AM Subject: Re: FW: Re: Is there a line of defense against Distributed Reflective attacks? > On Tue, 21 Jan 2003, todd glassey wrote: > > > > > Vadim - the newest form of SPAM uses the Messenger facility to place a > > pop-up in the middle of your screen without any email, pop, smtp or other > > service being involved. I apologize for the tone of the first posting, but I > > still stand by it. When ISP's are held accountable for what people do with > > the BW they sell them, then these issues will all be moot. Until then, the > > lie is that there is no way to stop these behaviors and its the one the > > ISP's proffer exclusively. > > No, we evil network admins are NOT saying there is no way to stop these > behaviors. We're saying that the solutions put such a crimp on open > standards and legitimate behavior that their value is negative. Who gave you the right to decide which laws you were going to abide by and which ones you were not? > The > problem is a social one, not a technical one. The technical problem is the > vulnerability that exists; the social problem is that as long as ANY > vulnerability exists, people will try to exploit that vulnerability. The reason that the vunerability is there is becuase of TCP/IP's inherent weaknesses, but that aside, there are processes that could easily be put in place to address these issues, the problem is that they cost money and that means they have to be paid for and ISP's like many other businesses are run to be as profitable as possible so that means that their owners will do as little as humanly possible to address these issues to keep the bottom lines where they are... Otherwise there wouldn't be the problems with SPAM and DDoS or other Attack Forms that exist today. > Technology can mitigate the vulnerabilities, but it cannot mitigate the > desire to exploit. So then the problem is the ISP's facilitating the evil forces of the world to do their worst??? > > For instance, substitute "airport" for "network", as in "airport > security". Well, this is really funny - see I used to do Network and Systems Operations for UAL at the SFO site and I think your commentary is so funny its almost ludicrous. The problems with the Airlines is the ALPA and its membership and the various other Unions that have a strangle hold on the carriers. You folks are not unionized are you? > There are ways for law enforcement to be 100% positive that no > terrorists ever steps foot on a plane. Unfortunately, the cost involved, > along with the reduction in efficiency, would make normal travel > impossible. The same is not true of networking though. > > > Do you try to hold realestate developers responsible for what the > homeowner does with their house? Do you try to hold the power company > responsible for the people who use their electricity to grow weed? of course not - but I do hold the provider responsible for not enforcing the laws regarding digital fraud. And everytime one of your email servers passes a forged email along another hop in its trip, you actively participate in the fraud, so you are not the grower of the weed but rather the reseller of it. > > I assume you were beating down the doors of Congress, tyring to get rock > artists to be responsible for the people who committed suicide after > listening to their albums? Hardly, and Tipper and I disagree on many things. > > Andy > > xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx > Andy Dills 301-682-9972 > Xecunet, LLC www.xecu.net > xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx > Dialup * Webhosting * E-Commerce * High-Speed Access >
|