monkeys.dom UPL being DDOSed to death

Joe Abley jabley at isc.org
Tue Sep 23 22:00:24 UTC 2003



On Tuesday, Sep 23, 2003, at 17:32 Canada/Eastern, 
Valdis.Kletnieks at vt.edu wrote:

> On Tue, 23 Sep 2003 14:15:48 PDT, Dan Hollis said:
>
>> china seems hellbent on becoming a LAN. i see the same thing 
>> eventually
>> happening to networks which refuse to deal with their ddos sources.
>
> Well.. that's all fine and good, except we first need one large player 
> to
> put their foot down and say "That's enough of this manure, we're 
> depeering
> you and blocking your prefixes till you clean up your act".
>
> Once *one* big player does that, your "eventually happening" will be 
> pretty fast.

In my recent experience, many, many network operators in North America 
and Europe who are really, really bad at tracking back source-spoofed 
DDoS traffic through their networks (there are also some notable, fine 
exceptions I've dealt with recently, who know who they are and should 
not feel slighted by this generality).

If transit was uniformly denied to every operator who was not equipped 
to deal with DDoS tracking in a timely manner, I think 90% of the 
Internet would disappear immediately.

This is not just an Asian problem.

(Incidentally, I think if one big player suddenly decided to throw away 
the millions of dollars of revenue they earn through providing transit 
to east Asian countries, the likely effect would be another grateful 
big player leaping in to take over. I don't see a future in which the 
well-being of users in other peoples' networks trumps income.)


Joe




More information about the NANOG mailing list