[29809] in North American Network Operators' Group
Re: RBL-type BGP service for known rogue networks?
daemon@ATHENA.MIT.EDU (Shawn McMahon)
Fri Jul 7 12:23:58 2000
Date: Fri, 7 Jul 2000 12:18:15 -0400
From: Shawn McMahon <smcmahon@eiv.com>
To: nanog@merit.edu
Message-ID: <20000707121815.I18576@eiv.com>
Mime-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-md5;
protocol="application/pgp-signature"; boundary="Enx9fNJ0XV5HaWRu"
Content-Disposition: inline
In-Reply-To: <3965EC7B.EB1A347A@depaul.edu>; from jtk@depaul.edu on Fri, Jul 07, 2000 at 09:43:07AM -0500
Errors-To: owner-nanog-outgoing@merit.edu
On Fri, Jul 07, 2000 at 09:43:07AM -0500, John Kristoff wrote:
>
> This form of "shunning" seems like an appropriate approach, but a little
> scary. What sorts of mechanisms will prevent temporary black holes and
> DoS attacks to get an otherwise cooperative organization black holed?
There are at least two (probably more) schools of thought on that.
The ORBS approach:
Put people on the list quickly, and make it easy for them to get back off the
list.
The MAPS approach:
Make it damn hard to get on the list.
So, for instance, in the first approach, any smidgin of proof that somebody
should be on the list is enough to get them on there, but any smidgin of
counter-proof gets them back off.
In the second approach, you need multiple credible reports from independent
sources with documentation of the problem, and of your unwillingness to fix it,
before you can get on the list.
The Usenet Death Penalty is similar to the latter, in that you have to be a
widely-known flagrant abuser, and publicly fail to respond to a lot of requests
to fix the problem, before you get UDPed. Getting back off is pretty public at
that point.
All three of these services rely upon the notion that although you have a right
to create whatever traffic you like, you don't have the right to inject any of
it into my network except on my terms. After that, it's a matter of who likes
what particular terms.