Open Resolver Problems

• Previous message (by thread): Open Resolver Problems
• Next message (by thread): Open Resolver Problems
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

* jared at puck.nether.net (Jared Mauch) [Mon 01 Apr 2013, 22:24 CEST]:
>I would say this is the wrong solution.  Prevent your customers from 
>spoofing is the first step, then ask them to fix their broken CPE.

I daresay that after ten years of discussion NANOG has reached 
consensus that implementing BCP38 is a good thing and that all 
networks should be encouraged to do so.

Net neutrality has not been discussed completely to death yet but I'm 
pretty confident in stating that squeezing consumer connections 
further down each time some blog hypes up yet another "The Internet is 
melting!" threat won't scale.


>If NETGEAR is listening on the WAN side vs the LAN/INSIDE they need 
>to step up and issue fixed firmware, even if the device is older.  
>Should be a simple fix.

I don't think anybody would disagree with this statement.  Netgear did 
get into action when they DDoS'ed a university's NTP servers; perhaps 
similar sticks can be shaken in this case.

(Is Netgear one of the brands involved?  Usually they're better.
  Pardon me for not reading the whole thread and the other five)


>I think it's easier to just classify an open-resolver similar to an 
>open-relay without having to invoke the consumer mindset.

Two posts up in this thread we were talking about net-wide blocks 
without individual proof of open relay or equivalent status.


	-- Niels.

• Previous message (by thread): Open Resolver Problems
• Next message (by thread): Open Resolver Problems
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]