Paul A Vixie writes:
IMHO, as long as money is involved, and as long as someone thinks that they have a chance of getting away with something, they will try it.
Entirely agreed. On the other hand I have what is turning out to be a unique (here) point of view about this. I don't want to prevent this kind of theft -- I want to discover it, and remove perpetrators from any IXP where they try it. I don't want to block it. I want to ensure that it is never tried twice. I appear to be in the minority wrt this view.
From a resource availability point of view, most of us would rather lock our houses than set up a sting operation.
From an operational integrity perspective, I find it difficult to argue that I should leave my infrastructure exposed to a potential problem - even though a technical solution is available to minimize it - just so that I can catch someone in the act and make an example of them.
Ideally you want to be able to detect this specific abuse. The same tools can be useful in diagnosis of pathological problems or for collection of statistics. This filtering is not unlike the concept of a screening table in SMDS where packets are filtered on source and destination E.164 addresses by the SMDS switch. Works fairly well. Some of these switches have software that issues alerts when the screening fails. If they don't already, would the Gigaswitch folks add another knob to send traps or alerts when an access violation happens?

--pushpendra

Pushpendra Mohta pushp@cerf.net +1 619 455 3908