Are we really this helpless? (Re: isprime DOS in progress)
Mark Andrews
Mark_Andrews at isc.org
Sun Jan 25 02:05:06 UTC 2009
In message <d99aaed40901241734g691cd581q20e9c88eb76093b7 at mail.gmail.com>, Marti
n Hannigan writes:
> On Sat, Jan 24, 2009 at 8:01 PM, Mark Andrews <Mark_Andrews at isc.org> wrote:
>
> >
> > In message <8C5F1FEC-FF51-4BA2-A762-C13BC275E806 at virtualized.org>, David
> > Conrad writes:
> > > It would seem that as ISPs implement DPI and protocol-specific traffic
> > > shaping, they damage the arguments that they can make claiming they
> > > have "common carrier" status with the inherent immunities that status
> > > provides. I can hear the argument now: if an ISP can throttle
> > > BitTorrent (or whatever) for specific nodes, why can't they also limit
> > > the source addresses of packets coming from those nodes?
> >
> > They can and should. I suspect many of them do as they
> > usually apply these filters to home networks.
> >
> > BCP 38 is ~10 years old now. It should have been factored
> > into the purchasing decision of all the current equipement.
> > If it wasn't then the operator was negligent.
> >
> Mark
> >
> >
> BCP 38 isn't a license, it's a technique.
There are plenty of cases in common law where as a owner
of something and you havn't taken reasonable steps to protect
or prevent injury that, were well known, you will be proved
to be negligent.
BCP 38 is falling into that sort of category.
Every operator here should be worried about what will happen
when someone decides to sue them to recover damaged caused
by spoofed traffic. It's just a matter of time before this
happens. Remember every router inspects packets to the
level required to implement BCP 38. This is not deep packet
inspection. This is address inspection which every router
performs.
Did you know about "BCP 38"?
What steps did you take to implement "BCP 38"?
I suspect that a lawyer will be able to demonstrate to a
judge that even as a common carrier that a operator should
have been deploying BCP 38.
Mark
> --
> Martin Hannigan martin at theicelandguy.com
> p: +16178216079
>
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: Mark_Andrews at isc.org
More information about the NANOG
mailing list