North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: Is there a line of defense against Distributed Reflective attacks?

  • From: alex
  • Date: Mon Jan 27 15:59:18 2003

> alex> This is a very bad band-aid. The solution is amazingly simple -
> 
> Just to be clear, the solution to WHAT is amazingly simple?
> 
> alex> make it uneconomical to have unprotected networks,
> 
> For whom to have unprotected networks?  What constitutes a protected
> network?  How does one make it uneconomical enough?

The amazingly simple solution is to make it uneconomical for anyone to
maintain unprotected network (for whatever two sets uneconomical and
unprotected are). For example, have a machine that had been broken into and
used to attack a company which lost $5M because of that attack, make whoever
owns the machine was broken into pay $5M + attorney frees + punitive
damages. Suddently, the unprotected (for whatever the definition of
unprotected is) networks disappear either due to the bankruptcy of the owner
or because it becomes cheaper for the owner to maintain those unprotected
networks rather than face monetary penalties.

Alex