Yep, one way is to give economic penalty. But how about giving the _good_ ISPs economic reward? Say, some transit ISPs deploy anti-spoofing techniques (e.g. uRPF), but only filter those spoofing packets whose destination is the ASes having purchased their *anti-spoofing service* ? Bingyang On Wed, Mar 28, 2012 at 6:41 PM, <goemon@anime.net> wrote:
On Wed, 28 Mar 2012, David Conrad wrote:
Actually, given the uptick in spoofing-based DoS attacks, the ease in which such attacks can be generated, recent high profile targets of said attacks, and the full-on money pumping freakout about anything with "cyber-" tacked on the front, I suspect a likely outcome will be proposals for legislation forcing ISPs to do something like BCP38.
Exactly.
Either do it voluntarily or it will be done for you involuntarily at the federal level and you will have nobody but yourselves to blame.
The choice is yours.
-Dan
-- Bingyang Liu Network Architecture Lab, Network Center,Tsinghua Univ. Beijing, China Home Page: http://netarchlab.tsinghua.edu.cn/~liuby