smurf, the MCI-developed tracing tools (was Re: Bogus announcement)

Mon Dec 29 03:05:58 UTC 1997

Ken Leland put this into my mailbox:

> sure thing Karl, but its a virtual requirement that zillions of nets are 
> ignoring, and getting 99.99 percent compliance will take serious time, if
> it is even doable. Without very high compliance the smurfkids will have
> readily available, low-bandwidth launch points that are the devil to
> trace. We need interim solutions, and icmp-echo-reply filtering is
> what we've got, *if* the backbones will continue to provide it.

I suspect the problem is that most nets were set up by consultants, and
the people working at these companies/schools/whatever were instructed
'not to touch the internet box'. The consultant, then, is either no longer
employed by the site or doesn't know about this (your average Novell CNE
probably doesn't subscribe to NANOG).

Perhaps if there were some sort of incentive; Ms. Hubbard and the InterNIC
could make even more money by imposing some sort of penalty for
noncompliance. They could even charge money for sites that don't read
(or have) postmaster@ e-mail, and perhaps charge penalties for domains
with out-of-date contact information, and make even more money.

(Sorry; I've got an enormous flame about ARIN bottled up just looking
for a venue; I promise I won't send it to NANOG.)

Seriously, though, if nobody comes up with an incentive so that it will
be harmful for sites NOT to implement these filters, folks can piss into
the wind all they like, and absolutely nothing will happen. Spoofing has
been a real problem for over a year now, and has shown no signs of going
away.

-dalvenjah

-- 
 Dalvenjah FoxFire (aka Sven Nielsen)  I bet living in a nudist colony takes
 Founder, the DALnet IRC Network       all the fun out of Halloween.

 e-mail: dalvenjah at dal.net             WWW: http://www.dal.net/~dalvenjah/
 whois: SN90                           Try DALnet! http://www.dal.net/