Are we really this helpless? (Re: isprime DOS in progress)
drc at virtualized.org
Sat Jan 24 16:38:53 CST 2009
On Jan 23, 2009, at 9:34 PM, Jack Bates wrote:
> David Conrad wrote:
>> Sad fact is that there are zillions of excuses. Unfortunately I
>> suspect the only way we're going to make any progress on this will
>> be for laws to be passed (or lawsuits to be filed) that impose a
>> financial penalty on ISPs through which these attacks propagate.
> Careful what you ask for. You might get it, and I'm sure the outcome
> wouldn't be liked by any.
You misunderstand. I am certainly not asking for it, in fact I
consider it something of a tragedy that it appears the only way action
can be taken is to take it away from technologists and give it to
lawyers and politicians. And no, the outcome most likely won't be
liked, just like CAN-SPAM was a sad joke.
> Getting sued because you had some stealth botnet that suddenly fires
> up is not a good deal; and probably why ISP's still manage to hold
> onto some immunities. OT, though, I'm sure.
It would seem that as ISPs implement DPI and protocol-specific traffic
shaping, they damage the arguments that they can make claiming they
have "common carrier" status with the inherent immunities that status
provides. I can hear the argument now: if an ISP can throttle
BitTorrent (or whatever) for specific nodes, why can't they also limit
the source addresses of packets coming from those nodes?
More information about the NANOG