[32125] in North American Network Operators' Group
Re: Defeating DoS Attacks Through Accountability
daemon@ATHENA.MIT.EDU (Austin Schutz)
Sat Nov 11 17:22:50 2000
Date: Sat, 11 Nov 2000 14:28:02 -0800
From: Austin Schutz <tex@off.org>
To: Barry Raveendran Greene <bgreene@cisco.com>
Cc: Mark Mentovai <mark-list@mentovai.com>,
Mark Prior <mrp@connect.com.au>,
Simon Lyall <simon.lyall@ihug.co.nz>, nanog@merit.edu
Message-ID: <20001111142802.A253@gblx.net>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <017501c04c28$e31aa170$4f01a8c0@bgreenent2.cisco.com>; from bgreene@cisco.com on Sat, Nov 11, 2000 at 01:46:45PM -0800
Errors-To: owner-nanog-outgoing@merit.edu
On Sat, Nov 11, 2000 at 01:46:45PM -0800, Barry Raveendran Greene wrote:
>
>
>
> > I'll put it this way: filtering should be done against blocks that a
> > customer can announce, not against blocks that a customer is actively
> > announcing. If you're filtering purely against current advertisements,
> > you're bound to break something sooner or later.
>
> Good theory. But what one public source do all the ISP agree to validate the
> authority to announce?
>
CW? (ha ha)
Who says you have to have use a public authority to filter your
customers against? You can have your own private authority, if you really
want. You just have to get the customer to populate/maintain their data in it.
Austin
