On Wed, 1 Nov 2000, John Fraizer wrote:
While I agree that it is unprofessional for your contact at a provider to ignore or be disrespectful of you regarding a DoS against an IRC server, it is just a fact of life that attacks against commercial entities will be treated with much higher priority than attacks against a non-revenue producing "service."Quite frankly, the pizza man comes in WAY above an IRC server in my book.
That is not true, since the attacks take down the whole ISP, and this is a commercial damage to the said ISP, which is counted in $$.
Quite frankly, unless the source of the attack lives on their network, they bear no responsibility, period, the end.They're providing transit.It's 1's and 0's with no discrimination.
Yes, but it seems others (AT&T for example) do not take the above point of view, and actually do provide a real service, and help track attackers that use their network. Even without filtering, backtracing an attack to it's source, with responsive abuse teams, can take about 10 hours, counting all the networking entities in the path of the attack. If said NSP would have been responsive, they'd see where the attack is coming from, and either conact the next in-line network entity on the path of the attack, or at least supply the details to the attacked ISP.
RFC1918 specifically addresses filtering routing information.Not spoofed addresses.It states "routing information about private networks shall not be propagated on inter-enterprise links, and packets with private source or destination addresses should not be forwarded across such links."Notice the placement of "shall" and "should."
Yes. But while it says should, it's obviously a good idea to implement. About spoofing, Cisco (and others) have simple cook book solutions of a few lines on your router's conf, that stop that. It just takes some selfless acts, and caring about others, to do that when you configure your own edge routers, being a good Netizen.
Now, in specific response to your question about eliminating electronic terrorism,it is doubtful.Doubtful that you'll ever: #1 spread enough clue around. #2 get everyone to cooperate.
Well, about #2, that is what I am hoping to achieve. Even if not EVERYONE will cooperate, then enough to have the big players in the game, to get something going. Otherwise, what you're saying, YES, terrorism is here to stay, BUT, we don't give a damn. Now, judging at what you see in the world today, while not ALL countries cooperate on terrorism issues (real life terror - bombs and stuff), there are a large number of countries that do, and this helps make it much harder on extremists to compromise your security. I guess you do like not having to look behind your shoulder when you go to work, right ? :) --Ariel
--- John Fraizer EnterZone, Inc
-- Ariel Biener e-mail: ariel@post.tau.ac.il Work phone: 03-6406086 fingerprint = 07 D1 E5 3E EF 6D E5 82 0B E9 21 D4 3C 7D 8B BC