do not filter your customers
Steven Bellovin
smb at cs.columbia.edu
Fri Feb 24 18:10:23 UTC 2012
On Feb 24, 2012, at 7:46 40AM, Danny McPherson wrote:
>
> On Feb 23, 2012, at 10:42 PM, Randy Bush wrote:
>
>> the problem is that you have yet to rigorously define it and how to
>> unambiguously and rigorously detect it. lack of that will prevent
>> anyone from helping you prevent it.
>
> You referred to this incident as a "leak" in your message:
>
> "a customer leaked a full table"
>
> I was simply agreeing with you -- i.e., looked like a "leak", smelled
> like a "leak" - let's call it a leak.
>
> I'm optimistic that all the good folks focusing on this in their day
> jobs, and expressly funded and resourced to do so, will eventually
> recognize what I'm calling "leaks" is part of the routing security
> problem.
>
Sure; I don't disagree, and I don't think that Randy does. But just
because we can't solve the whole problem, does that mean we shouldn't
solve any of it?
As Randy said, we can't even try for a strong technical solution
until we have a definition that's better than "I know it when I see it".
--Steve Bellovin, https://www.cs.columbia.edu/~smb
More information about the NANOG
mailing list