Paul, Some very valid points here. I would be interested to see just what the legal definition of "network intrusion" is on a federal level with all of the recent computer-crime and anti-terrorism legislation sailing through the legislative branch. Regards, Christopher ---------- Original Message ---------------------------------- From: Paul A Vixie <vixie@vix.com> Date: Fri, 26 Oct 2001 00:07:05 -0700
Until there are standards and technology available to push subscriber policy to the edge of the network and beyond, the subscriber has explicitly accepted the overall terms and conditions by which the service is to be provided.
no. i do not agree to receive a smurf attack, no matter whether my contract with a nexthop fails to require them to prevent it from reaching me.
I am assuming in this discussion that when you refer to "benefit", you are in fact refering to "financial benefit".
no, there's no known financial benefit to smurfing me, but the entities who direct such attacks have positive motivation of some kind for doing so -- and i assure you that this benefit to them, whatever it is, is far greater than the benefit to me (which would have to be expressed in negative terms.)
another test for "welcome" is "if everybody did this, would the recipient be injured?"
An interesting hypothesis, but it is seldom the case that the sender of traffic knows the details of the recipients infrastructure.
i think it's reasonable for a smurfer to know that my infrastructure cannot tolerate multiplicitous input streams from tens of thousands of sources. just as a spammer can indeed know, without doubt, that if millions of senders, all at once, decided to send me unsolicited nonpersonal e-mail, that my inbox would not hold up well.
no specific knowledge is required in those cases. in those cases and in other cases where specific knowledge of my infrastructure is not necessary to determine that the traffic would be "not welcome", then it ought not be sent.
smurf, ddos in general, and spam also classify well by this criteria. it
Smurf and DDOS attacks are precisely that - attacks. They are intentionally initiated for the purpose of disrupting infrastructure or service. They are illegal.
in some places, they are illegal. in all places, they are "unwelcome." since a sender of this (or any) traffic may not know the laws in force at the place where the recipient host resides, the broader standard of "unwelcome" is more widely applicable than the narrow standard of "illegal."
of course, illegal things ought also not be done. but that'd be a new thread.