[110946] in North American Network Operators' Group
Re: Are we really this helpless? (Re: isprime DOS in progress)
daemon@ATHENA.MIT.EDU (David Conrad)
Sat Jan 24 00:06:37 2009
From: David Conrad <drc@virtualized.org>
To: Danny McPherson <danny@tcb.net>
In-Reply-To: <E8532494-B4B3-45BE-A75D-DE3C7AFC0645@tcb.net>
Date: Fri, 23 Jan 2009 21:06:28 -0800
Cc: NANOG list <nanog@nanog.org>
Errors-To: nanog-bounces@nanog.org
On Jan 23, 2009, at 8:53 PM, Danny McPherson wrote:
> You missed one.. Step 4: enable BCP 38 or similar
> ingress source address spoofing mitigation mechanism
> on all customer ingress interfaces
> ...
> No more excuses, people..
Sad fact is that there are zillions of excuses. Unfortunately I
suspect the only way we're going to make any progress on this will be
for laws to be passed (or lawsuits to be filed) that impose a
financial penalty on ISPs through which these attacks propagate.
Regards,
-drc
