On Wed, 7 May 2003, Niels Bakker wrote:
--- Scott Granados <scott@wworks.net> wrote:
Unless you actually call UUnet and your not a customer, God help you then.
* thegameiam@yahoo.com (David Barak) [Wed 07 May 2003, 15:24 CEST]:
Well, I don't have a whole lot of sympathy for this - how many (non-networking) companies will do things which don't benefit their customers on behalf of someone who is not a customer (and shows no sign of becoming one)? I can't think of any offhand, and I don't think that a whole lot would show up in an exhaustive search.
I'd have thought having a customer *not* waste all their outgoing bandwidth on useless data such as participating in a DoS attack would make for a happier customer.
This is, of course, true, and happier customers are a good thing. Unfortunately, there are MANY customers that just don't know that they are the source of someone else's troubles :( Not to mention customers with 'lots' of bandwidth who don't even notice 100mbps of 'extra' traffic :( It sounds whacky, but it is true, sadly. This also only matters if you can pin the traffic down to a far end customer, which is not always the case with spoofed attacks for instance... (from the attackee perspective that is)
If you're one of those believers in only your own bottom line, perhaps the liability stick is a good on to wave in your general direction in cases like this? (not stating that you are negligent when advised of DoS attacks in progress, of course)
Hmm, as with any large carrier (I think) UUNET (mci/ex-wcom/whomever-we-are-for-now but UUNET works for me) will always attempt to do the right thing with respect to the customer being attacked. We do hope that customers ATTACKING folks will do the right thing also and stop the pain on themselves and others. We have on many occasions contacted these folks and requested their help in stopping the pain... If we do trace traffic back we always filter there if possible, why bother transitting the traffic if we are just going to drop it on the far side? The sad reality here is that not all customers are reachable all the time, not all are interested in stopping the traffic, and not all know how to stop the traffic :(