Why won't providers source-filter attacks? Simple.

• Previous message (by thread): Why won't providers source-filter attacks? Simple.
• Next message (by thread): Why won't providers source-filter attacks? Simple.
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 04/02/14 11:35, Jay Ashworth wrote:
> It *is in their commercial best interest (read: maximizing shareholder
> value) *NOT* to filter out DOS, DDOS, and spam traffic until their hand is
> forced -- it's actually their fiduciary duty not to.

That's short-sighted, but I agree in that that's what happens. Not 
filtering doesn't prevent them to operate.

> *THIS* is the problem we have to fix.

Source-based routing when going back to the backbone, at least on IPv6. 
It allows end-user multihoming with no BGP, and routers could be 
programmed to, by default, drop packages that don't know how to 
source-route, hence, automatically source filtering for those that don't 
care enough.

Difficult to do. Will take years to develop and adopt... if at all.

• Previous message (by thread): Why won't providers source-filter attacks? Simple.
• Next message (by thread): Why won't providers source-filter attacks? Simple.
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]