Selon "Christopher L. Morrow" <chris@UU.NET>:
On Thu, 28 Aug 2003, variable@ednet.co.uk wrote:
On Thu, 28 Aug 2003, Christopher L. Morrow wrote:
Rate-limiting ICMP is 'ok' if you, as the provider, think its worthwhile and you, as the provider, want to deal with the headache phone calls...
Would it be fair to say that UUNET haven't been asked by Homeland Security to do the rate limiting that GLBX claim they have been asked to do? Has
That is not fair at all :) DHS asked 'all ISPs' to filter 'all relevant traffic' for this latest set of MS worm events. Some ISPs did the filtering in part or in whole, others didn't...
I would think that any ISP should have made the decision to take action not based on DHS's decree, but on the requirements of their network. So, if the ISP's network was adversely impacted by this even, or any other, they should take the action that is appropriate for their situation. That action might be to filter some or all of the items in DHS's decree, it might be to drop prefixes on the floor or turn down customers, or a whole host of other options.
Doing things for the govt 'because they asked nicely' is not really the best of plans, certianly they don't know the mechanics of your network, mine, GBLX's, C&W's or anyone elses... they should not dictate a solution. They really should work with their industry reps to 'get the word out' about a problem and 'make people aware' that there could be a crisis. Dictating solutions to 'problems' that might not exist is hardly a way to get people to help you out in your cause :) Oh, and why didn't they beat on the original software vendor about this?? Ok, no more rant for me :)
anyone else been asked to rate limit by the U.S. Department of Homeland Security?
Just about everyone with a large enough US office was asked by DHS, in a public statement...
Rough agreement; with a fair amount of <innocence>... : what about attemtpting to approach the (at least current) ROOT CAUSE(S) albeit likely fairly (even more than patching the outcome) cumbersome (but in the long run..)... </innconcence> ;) <ohh> -- if having bought a car I discover the brakes doesn't really do their job (in spite of the car, considering other aspects, being (easy|nice) to drive :), I'd rather (chat|complain) with the vendor, than asking the highway provider to patch my way along.. building cotton walls.. ('cause I wouldn't want my highway provider limit my driving experience in the case I eventually run into a better performing car..). More subtle highway speed versus security considerations... neglected, of course :) </ohh> mh -- Michael Hallgren, http://m.hallgren.free.fr/, mh2198-ripe