Fwd: Re: Digital Island sponsors DoS attempt

Paul A Vixie vixie at vix.com
Fri Oct 26 07:07:05 UTC 2001


> Until there are standards and technology available to push subscriber
> policy to the edge of the network and beyond, the subscriber has
> explicitly accepted the overall terms and conditions by which the service
> is to be provided.

no.  i do not agree to receive a smurf attack, no matter whether my contract
with a nexthop fails to require them to prevent it from reaching me.

> I am assuming in this discussion that when you refer to "benefit", you are
> in fact refering to "financial benefit".

no, there's no known financial benefit to smurfing me, but the entities who
direct such attacks have positive motivation of some kind for doing so --
and i assure you that this benefit to them, whatever it is, is far greater
than the benefit to me (which would have to be expressed in negative terms.)

> > another test for "welcome" is "if everybody did this, would the recipient
> > be injured?" 
> 
> An interesting hypothesis, but it is seldom the case that the sender of
> traffic knows the details of the recipients infrastructure. 

i think it's reasonable for a smurfer to know that my infrastructure cannot
tolerate multiplicitous input streams from tens of thousands of sources.  just
as a spammer can indeed know, without doubt, that if millions of senders,
all at once, decided to send me unsolicited nonpersonal e-mail, that my inbox
would not hold up well.  

no specific knowledge is required in those cases.  in those cases and in other
cases where specific knowledge of my infrastructure is not necessary to
determine that the traffic would be "not welcome", then it ought not be sent.

> > smurf, ddos in general, and spam also classify well by this criteria.  it
> 
> Smurf and DDOS attacks are precisely that - attacks.  They are
> intentionally initiated for the purpose of disrupting infrastructure or
> service.  They are illegal.

in some places, they are illegal.  in all places, they are "unwelcome."  since
a sender of this (or any) traffic may not know the laws in force at the place
where the recipient host resides, the broader standard of "unwelcome" is more
widely applicable than the narrow standard of "illegal."

of course, illegal things ought also not be done.  but that'd be a new thread.



More information about the NANOG mailing list