Schneier: ISPs should bear security burden

Barry Shein bzs at world.std.com
Fri Apr 29 20:09:24 UTC 2005



On April 28, 2005 at 09:09 adil at adis.on.ca (Adi Linden) wrote:
 > > Its not up to the ISP to determine outbound malicious traffic, but its up
 > > to the ISP to respond in a timely manner to complaints. Many (most?) do not.
 > 
 > If they did their support costs would explode. It is block the customer,
 > educate the customer why they were blocked, exterminate the customers PC,
 > unblock the customer. No doubt there'll be a repeat of the same in short
 > time.


This mantra is often repeated but their costs are going to explode
anyhow as the defensive blocking of them goes on, world-wide, and
their customers want to know why they can no longer send email or
browse in random, and ever-growing, chunks of IP space (and,
frustrated, find new providers.)

Only that situation is going to be much more expensive to fix since
it's others' IP space they'll need to get policy changes in, not their
own.

        -Barry Shein

Software Tool & Die    | bzs at TheWorld.com           | http://www.TheWorld.com
Purveyors to the Trade | Voice: 617-739-0202        | Login: 617-739-WRLD
The World              | Public Access Internet     | Since 1989     *oo*




More information about the NANOG mailing list