[69760] in North American Network Operators' Group
Re: Lazy network operators - NOT
daemon@ATHENA.MIT.EDU (Paul Vixie)
Mon Apr 19 18:04:43 2004
To: nanog@merit.edu
From: Paul Vixie <vixie@vix.com>
Date: 19 Apr 2004 22:03:57 +0000
In-Reply-To: <Pine.GSO.4.58.0404182153020.17090@clifden.donelan.com>
Errors-To: owner-nanog-outgoing@merit.edu
> > Well, Paul did advance a methodology - blackhole them all <grin>
>
> If Paul came up with a practical way to fix millions of compromised
> computers which didn't involve hiring entire second-world countries
> to talk grandma through the process, I think many people would be
> interested in talking to him.
two things, though: (1) you'll never get those things fixed and (we both
know it), (2) so you'd better prepare for the inevitability of widespread
filtering against your DSL/Cable blocks (whether you talk to me or not.)
> > 550 IP blocked for USE - for resolution contact your service provider.
>
> If you haven't noticed, the infected user doesn't notice this. However
> many other people with legitimate uses are frequently caught up in the
> collateral damage.
sadly, those "other people" have had their expectations falsely set, and
they are going to find their way to <http://www.vix.com/personalcolo/> or
an SMTP AUTH provider because market forces are completely without mercy.
DSL/Cable is a fine access product, it's better than a phone line & modem
because it allows faster web surfing, movies/mp3/etc on demand, and soon
VoIP. but no e-mail server anywhere can afford the risk of accepting
e-mail or any other push-data from them. risk management, in this case,
is going to come in the form of widespread e-mail rejection from all DSL/
Cable blocks. "talk to the hand."
> That's why I keep advocating better ways to identify the specific
> sources of the unwanted traffic, even if they change IP addresses.
my informal survey says the bad guys are better at this stuff than we are,
and they're getting better every day, and we're not. the trend isn't good.
> With better identification, you directly receive the benefit of
> keeping your computer clean. You eliminate the third-party dependency
> of needing to fix other's peoples mistakes in order to do your work.
> It also makes it easier for other people to take action, because the
> collateral damage is less.
you sound like a man with a vision. care to pass that bong over this way?
--
Paul Vixie