Math 011 (Re: "Default" Points on your Internet "Re: Re: Re:")
Rob Nelson
ronelson at vt.edu
Wed Jun 16 03:35:24 UTC 2004
>* I have an infected machine that pounds out attacks and exploits
> at high speeds, hurting thousands of systems hourly. Would you
> like it shut off? Probably. Do you not agree that this is
> grounds for disco/throttling/proxy -- at least temporarily?
Implementing bandwidth throttling or metering and capping your users is
probably going to be one of the best ways to deal with this. Saying that
'this kind of traffic" isn't permissible is not going to cut it.
What I think many people are trying to say is that it's just traffic -
you're treating it as a black box passing through your network. If it's
dented, has holes in it, or green crap is oozing out the bottom, you're
allowed to discard it. You might even say "No" if there's a lot of black
boxes per {$time interval}. You're just not able to look at it and say
"Hey, you don't need that!" Now you've got ISP's making judgement calls on
what traffic you actually want. This may be fine for mom and dad, but not
for most people (yes, most people - including mom and pops who play an
occassional game or use VoiP apps their kids installed).
Plus, what happens when we start getting virus'es that use SSL/SSH to
communicate? You're going to be SoL at determining packet contents at that
point...
Rob Nelson
ronelson at vt.edu
More information about the NANOG
mailing list