[80281] in North American Network Operators' Group
Re: Schneier: ISPs should bear security burden
daemon@ATHENA.MIT.EDU (Iljitsch van Beijnum)
Thu Apr 28 03:19:19 2005
In-Reply-To: <Pine.LNX.4.44.0504271103350.790-100000@sasami.anime.net>
Cc: NANOG list <nanog@merit.edu>
From: Iljitsch van Beijnum <iljitsch@muada.com>
Date: Thu, 28 Apr 2005 09:17:42 +0200
To: Dan Hollis <goemon@anime.net>
Errors-To: owner-nanog@merit.edu
On 27-apr-2005, at 20:08, Dan Hollis wrote:
> I can definitely say
> worms, trojans, spam, phishing, ddos, and other attacks is up several
> orders of magnitude in those 20 years. Malicious packets now
> account for
> a significant percentage of all ip traffic. Eventually I expect
> malicious
> packets will outnumber legitimate packets, just like malicious email
> outnumbers legitimate email today.
> As long as the environmental polluter model continues to be
> championed and
> promoted on nanog (of all places), the problem will only get worse.
The problem is that the maliciousness of packets or email is largely
in the eye of the beholder. How do you propose ISPs determine which
packets the receiver wants to receive, and which they don't want to
receive? (At Mpps rates, of course.)
This whole discussion is a clear example of the fallacy of treating
"security" as an independent entity, rather than an aspect of other
things.
There are many ISPs that do less than they should, though. (Allow
spoofed sources, don't do anything against hosts that are reported to
send clearly abusive traffic, sometimes even at DoS rates...)
