Global Blackhole Service
chris_jester at suavemente.net
Fri Feb 13 17:56:50 UTC 2009
Listen online to my favorite hip hop radio station http://www.Jellyradio.com
On Feb 13, 2009, at 9:35 AM, Paul Vixie <vixie at isc.org> wrote:
> blackholing victims is an interesting economics proposition. you're
> the attacker must always win but that they must not be allowed to
> affect the
> infrastructure. and you're saying victims will request this, since
> they know
> they can't withstand the attack and don't want to be held
> responsible for
> damage to the infrastructure.
> where you lose me is where "the attacker must always win".
Perhaps removing the challenge from the attacker will bore them and
they lose interest? However if an attackers goal is to put someone
out of business, they will keep it up until the deed is done.
Identifying the attacker is important. They must be the one who is in
trouble, not the victim.
We have seen attackers extorting customers for money with things like
"100k wired to Nevis bank account or attack continues".
In any case I do not believe a victim should be responsible for
infrastructure damage caused by some random criminal attacking them.
While I understand that it's that customer receiving the attack; the
providers must work with the customer to trace it back to the source.
A hacker who thinks the customer is on a security weak provider will
return seeking your other customers. However if the hacker feels you
are security savvy then he may choose another target. Everyone wins.
Also, rather than penalize the victim for damage, you could always
unplug them to interdict the damage.
By going after the hacker, you could prosecute and perhaps gain some
nice press/media about the strength of your orginization as a side
dish to the satisfying meal of eating your enemy?
More information about the NANOG