[43864] in North American Network Operators' Group
Re: Fwd: Re: Digital Island sponsors DoS attempt
daemon@ATHENA.MIT.EDU (JC Dill)
Fri Oct 26 16:42:40 2001
Message-Id: <5.1.0.14.2.20011026131015.03c78240@127.0.0.1>
Date: Fri, 26 Oct 2001 13:23:54 -0700
To: nanog@merit.edu
From: JC Dill <nanog@vo.cnchost.com>
In-Reply-To: <Pine.GSO.4.21.0110260025470.2242-100000@www1>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"; format=flowed
Errors-To: owner-nanog-outgoing@merit.edu
On 12:45 AM 10/26/2001 -0700, James Thomason wrote:
>(We are of course, ignoring the fact that this is an "attack" not a
>"request" or a "probe", or some other form of well intentioned traffic.)
I don't like using the term "well intentioned". Spammers repeatedly claim
that they have good intentions when they send spam, because *some* people
supposedly like getting their unsolicited email. It's not enough to have
good intentions, you MUST put yourself in the shoes of the recipient and of
those who transit your packets and see how THEY feel about the traffic
before you can be said to have "good intentions" about sending it off.
And that's what got Digital Island into this mess. They didn't really stop
to think about what level of probe qualifies as unintrusive and "good
intentioned" from the point of the recipient, only from their end as the
entity that desires to send the probe. Because it's good for their needs,
they assume the other end will see the "joint benefit" and not be
bothered. But they were (obviously) wrong. Now that they know, they need
to pull back and redesign their probes from point of view that is more
sensitive to the needs and concerns of the recipient.
For a start, they shouldn't probe any network that hasn't (yet) requested
any content from them. Then, if they probe in response to a content
request, the probe should SAY THAT so the recipient understands the mutual
benefit. Finally, the procedure for stopping the probes needs to be
reconfigured for ease of use for the recipient who wants it stopped NOW,
not for the convenience of DI.
jc
