monkeys.dom UPL being DDOSed to death
Joe Abley
jabley at isc.org
Tue Sep 23 22:00:24 UTC 2003
On Tuesday, Sep 23, 2003, at 17:32 Canada/Eastern,
Valdis.Kletnieks at vt.edu wrote:
> On Tue, 23 Sep 2003 14:15:48 PDT, Dan Hollis said:
>
>> china seems hellbent on becoming a LAN. i see the same thing
>> eventually
>> happening to networks which refuse to deal with their ddos sources.
>
> Well.. that's all fine and good, except we first need one large player
> to
> put their foot down and say "That's enough of this manure, we're
> depeering
> you and blocking your prefixes till you clean up your act".
>
> Once *one* big player does that, your "eventually happening" will be
> pretty fast.
In my recent experience, many, many network operators in North America
and Europe who are really, really bad at tracking back source-spoofed
DDoS traffic through their networks (there are also some notable, fine
exceptions I've dealt with recently, who know who they are and should
not feel slighted by this generality).
If transit was uniformly denied to every operator who was not equipped
to deal with DDoS tracking in a timely manner, I think 90% of the
Internet would disappear immediately.
This is not just an Asian problem.
(Incidentally, I think if one big player suddenly decided to throw away
the millions of dollars of revenue they earn through providing transit
to east Asian countries, the likely effect would be another grateful
big player leaping in to take over. I don't see a future in which the
well-being of users in other peoples' networks trumps income.)
Joe
More information about the NANOG
mailing list