[4309] in North American Network Operators' Group
Re: SYN floods continue (fwd)
daemon@ATHENA.MIT.EDU (Craig A. Huegen)
Wed Sep 11 16:58:28 1996
Date: Wed, 11 Sep 1996 13:54:30 -0700 (PDT)
From: "Craig A. Huegen" <c-huegen@quad.quadrunner.com>
To: Michael Dillon <michael@memra.com>
cc: nanog@merit.edu
In-Reply-To: <Pine.BSI.3.93.960911122302.19370L-100000@sidhe.memra.com>
On Wed, 11 Sep 1996, Michael Dillon wrote:
==>
==>Is this practical on a global scale?
[post regarding recorded routes deleted]
While it could help, it still falls to the same problem we have today:
Cooperation between providers.
A lot of providers are happy to go through the legwork for their CUSTOMERS
and find which other network the packets are sourced from. Most of the
time, they are happy to trace it to a border router, find out which other
network it's coming from, and pass it on to that ISP.
Other providers refuse to acknowledge that (if their customers are the
culprits) their customers are doing anything wrong--probably because they
like their customers' money and will ignore anything else in reference to
that customer. They'll claim mis-configuration or ignorance. I haven't
seen this with network-level services, but I have seen it with a
well-known infamous Chicago-based service provider on a systems level.
Unfortunately, many times, an ISP won't be responsible enough to act on
problems not related to their customers. It's a shame, but it happens.
/cah
