Are we really this helpless? (Re: isprime DOS in progress)

David Conrad drc at
Sat Jan 24 22:38:53 UTC 2009


On Jan 23, 2009, at 9:34 PM, Jack Bates wrote:
> David Conrad wrote:
>> Sad fact is that there are zillions of excuses.  Unfortunately I  
>> suspect the only way we're going to make any progress on this will  
>> be for laws to be passed (or lawsuits to be filed) that impose a  
>> financial penalty on ISPs through which these attacks propagate.
> Careful what you ask for. You might get it, and I'm sure the outcome  
> wouldn't be liked by any.

You misunderstand.  I am certainly not asking for it, in fact I  
consider it something of a tragedy that it appears the only way action  
can be taken is to take it away from technologists and give it to  
lawyers and politicians. And no, the outcome most likely won't be  
liked, just like CAN-SPAM was a sad joke.

> Getting sued because you had some stealth botnet that suddenly fires  
> up is not a good deal; and probably why ISP's still manage to hold  
> onto some immunities. OT, though, I'm sure.

It would seem that as ISPs implement DPI and protocol-specific traffic  
shaping, they damage the arguments that they can make claiming they  
have "common carrier" status with the inherent immunities that status  
provides.  I can hear the argument now: if an ISP can throttle  
BitTorrent (or whatever) for specific nodes, why can't they also limit  
the source addresses of packets coming from those nodes?


More information about the NANOG mailing list