Legislative proposal sent to my Congressman

Larry Sheldon larrysheldon at cox.net
Mon Oct 3 22:36:27 UTC 2016


On 10/3/2016 13:58, Stephen Satchell wrote:
> In thinking over the last DDos involving IoT devices, I think we don't
> have a good technical solution to the problem.  Cutting off people with
> defective devices they they don't understand, and have little control
> over, is an action that makes sense, but hurts the innocent.  "Hey,
> Grandma, did you know your TV set is hurting the Internet?"
>
> It's the people who foist bad stuff on the people who need to take the
> responsibility.  Indeed, with enough moxie, we could avoid the net
> saturation problem in the first place.
>
> My proposal, as I sent it to my US House Representative:
>

[much snipping]


> Why not nip the IoT problem in the bud?

Why not, indeed?  (Full disclosure:  I am not and have not for some 
years been active in management of any networks, and I AM woefully 
behind the state of the arts.)

Having said that, it occurs to me that Mr. Satchell's proposal (and most 
of the others I have read about here and elsewhere lately) are doomed to 
the same failure as Chicago's plan for reducing illegal deaths by 
firearm, and for much the same reason (discussion of which here I will 
spare you.

Back in the day, I was fighting a problem that I summarized (then and 
now) as trying to stop the use and abuse of the University's (that 
employed me) 56kb Frame Relay link to the Internet.  Then as now I 
defined "abuse" as the use of our facilities for purposes that no 
stretch of imagination or definition could be said to be to the 
University's benefit.

Through some experimentation I concluded that there were several clearly 
identifiable sources of abuse.  I disremember the ordering by severity 
but they included:

Outright attacks on the University and others.
Myriad "scans" for a variety of reasons.

The first of these two I remember as being the worst (in terms of 
item-count AND in terms of packet-size.  I also recall it being the 
easiest to fix, if anybody want to fix it.  (The dominant reasons  given 
where that it would cost money without a revenue stream, and it would 
reduce traffic that WAS in the revenue stream.  The fix I proposed: 
Require (by law) that every service provider and every origination 
customer of a service provider would under penalty of law, block the 
transmission of a packet whose source address could not be reached via 
the link upon which it was found.

The Myriad scans problem was a little harder (for among other 
reasons--the argument that they were good for us, even though they 
accounted for something like 60% of the traffic on that link).  The 
solution I tried but ran out of dollars on was to detect somebody 
scanning and route them to the Loopback interface of the boundary router.
-- 
"Everybody is a genius.  But if you judge a fish by
its ability to climb a tree, it will live its whole
life believing that it is stupid."

--Albert Einstein

 From Larry's Cox account.


More information about the NANOG mailing list