- Original Message -
From: Roland Dobbins rdobb...@arbor.net
On Feb 8, 2014, at 4:25 AM, Chris Grundemann cgrundem...@gmail.com
wrote:
Documenting those various mechanisms which are actually utilized is
the key here. =)
Yes, as well as the various limitations and caveats, like
On 2/5/14, 7:11 PM, Mark Andrews ma...@isc.org wrote:
Well when industries don't self regulate governments step in. This
industry is demonstratably incapble of regulating itself in this
area despite lots of evidence of the problems being caused for lots
of years.
Which industry is that? App
On 2/7/2014 1:26 PM, Livingood, Jason wrote:
I do not know what is happening in other jurisdictions.
I find that seriously scary, if wide-spread.
--
Requiescas in pace o email Two identifying characteristics
of System Administrators:
Ex turpi
On 2/7/14, 2:30 PM, Larry Sheldon larryshel...@cox.net wrote:
On 2/7/2014 1:26 PM, Livingood, Jason wrote:
I do not know what is happening in other jurisdictions.
I find that seriously scary, if wide-spread.
Sorry - too many country-by-country regulators to keep track ofÅ
On 2/7/2014 1:44 PM, Livingood, Jason wrote:
On 2/7/14, 2:30 PM, Larry Sheldon larryshel...@cox.net wrote:
On 2/7/2014 1:26 PM, Livingood, Jason wrote:
I do not know what is happening in other jurisdictions.
I find that seriously scary, if wide-spread.
Sorry - too many country-by-country
On Feb 5, 2014, at 2:12 AM, Jimmy Hess mysi...@gmail.com wrote:
On Wed, 05 Feb 2014 12:18:54 +1100, Mark Andrews said:
Now if we could get equipement vendors to stop shipping models
without the necessary support it would help but that also may require
government intervention.
...
A good
On Feb 8, 2014, at 3:37 AM, John Curran jcur...@arin.net wrote:
It's also true that if a sizable group of network operators were to actually
deploy source address validation (thus proving that it really is a reasonable
approach and doesn't carry too much operational or vendor implications),
On Fri, Feb 7, 2014 at 2:07 PM, Dobbins, Roland rdobb...@arbor.net wrote:
On Feb 8, 2014, at 3:37 AM, John Curran jcur...@arin.net wrote:
It's also true that if a sizable group of network operators were to
actually deploy source address validation (thus proving that it really is a
On Feb 8, 2014, at 4:25 AM, Chris Grundemann cgrundem...@gmail.com wrote:
Documenting those various mechanisms which are actually utilized is the key
here. =)
Yes, as well as the various limitations and caveats, like the wholesale/retail
issue (i.e., customers of my customer).
On Feb 5, 2014, at 2:46 AM, Saku Ytti s...@ytti.fi wrote:
If we keep thinking this problem as last-mile port problem, it won't be solved
in next 20 years. Because lot of those ports really can't do RPF and even if
they can do it, they are on autopilot and next change is market forced
On (2014-02-04 23:01 -0500), valdis.kletni...@vt.edu wrote:
Regulation and audits works well enough for butchers, resturants
etc. Remember once BCP 38 is implemented it is relatively easy to
continue. The big step is getting it turned on in the first place
which requires having the
In message CABgOHgs0nEiTCQfOHM21cYwB5Z0PUpAnsWBqV=ppy4k24zw...@mail.gmail.com
, Landon Stewart writes:
--f46d042c63a5ad12dd04f1abc724
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable
On 4 February 2014 17:18, Mark Andrews ma...@isc.org wrote:
Well when industries don't self regulate governments step in. This
industry is demonstratably incapble of regulating itself in this
area despite lots of evidence of the problems being caused for lots
of years. This has been DOCUMENTED BEST CURRENT PRACTICE for 13.5
years. Everybody else is
On Wed, Feb 5, 2014 at 2:46 AM, Saku Ytti s...@ytti.fi wrote:
If we keep thinking this problem as last-mile port problem, it won't be
solved
in next 20 years. Because lot of those ports really can't do RPF and even
if
[snip]
The last-mile ports don't necessarily need RPF; a simple inbound
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
On 2/5/2014 7:06 PM, Jimmy Hess wrote:
The last-mile is the best possible place to filter, without
breaking things.
I could not agree more. :-)
- - ferg
- --
Paul Ferguson
VP Threat Intelligence, IID
PGP Public Key ID: 0x54DC85B2
-BEGIN
In message 52f2ff98.2030...@mykolab.com, Paul Ferguson writes:
On 2/5/2014 7:06 PM, Jimmy Hess wrote:
The last-mile is the best possible place to filter, without
breaking things.
I could not agree more. :-)
- - ferg
Remember last mile includes datacenter and noc.
Mark
--
Mark
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
On 2/5/2014 7:35 PM, Mark Andrews wrote:
In message 52f2ff98.2030...@mykolab.com, Paul Ferguson writes:
On 2/5/2014 7:06 PM, Jimmy Hess wrote:
The last-mile is the best possible place to filter, without
breaking things.
I could not agree
The last-mile is the best possible place to filter, without breaking
things.
I could not agree more. :-)
very large consumer populations are on metro-ether-like things. and it
gets kinkier from there, don't eat before looking at what ntt-east has
done with ngn.
i fear we really have most of
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
On 2/5/2014 7:43 PM, Randy Bush wrote:
The last-mile is the best possible place to filter, without
breaking things.
I could not agree more. :-)
very large consumer populations are on metro-ether-like things.
and it gets kinkier from there,
I'd like to think (and I am not happy smiley person as you well know)
that perhaps we can motivate some younger, brighter, ingenious people
who have not been tilting at this for 15 years to consider new ways to
approach this problem. :-) -- Smiley!
we should definitely scream at them and
On 04/02/14 11:35, Jay Ashworth wrote:
It *is in their commercial best interest (read: maximizing shareholder
value) *NOT* to filter out DOS, DDOS, and spam traffic until their hand is
forced -- it's actually their fiduciary duty not to.
That's short-sighted, but I agree in that that's what
In message 977303.7242.1391542533531.javamail.r...@benjamin.baylink.com, Jay
Ashworth writes:
- Original Message -
From: Paul Ferguson fergdawgs...@mykolab.com
(And yes, I know that in the first case, it urges the customer to
cough up the bucks, and in the second case, it's
Then the need to be made criminally liable for the damage that it causes.
Yes, the directors of these companies need to serve gaol time.
why not just have god send down lightning bolts? quicker and cheaper.
or maybe they will just drown as the level of hyperbole keeps rising.
randy
On 2/4/2014 5:00 PM, Mark Andrews wrote:
Nope: it's easy to explain; you merely have to be a cynical bastard:
Attack traffic takes up bandwidth.
Providers sell bandwidth.
It *is in their commercial best interest (read: maximizing shareholder
value) *NOT* to filter out DOS, DDOS, and spam
In message 52f17931.40...@alter3d.ca, Peter Kristolaitis writes:
On 2/4/2014 5:00 PM, Mark Andrews wrote:
Nope: it's easy to explain; you merely have to be a cynical bastard:
Attack traffic takes up bandwidth.
Providers sell bandwidth.
It *is in their commercial best interest
No, you write a law requiring something, e.g. BCP 38 filtering by
ISPs, and you audit it. You also make the ISPs directors liable
for the impact that results from spoofed traffic from them.
Making it law puts all the ISP's in the country on a equal footing
with respect to implementation
On Wed, 05 Feb 2014 12:18:54 +1100, Mark Andrews said:
Regulation and audits works well enough for butchers, resturants
etc. Remember once BCP 38 is implemented it is relatively easy to
continue. The big step is getting it turned on in the first place
which requires having the right
On Tue, Feb 4, 2014 at 10:01 PM, valdis.kletni...@vt.edu wrote:
On Wed, 05 Feb 2014 12:18:54 +1100, Mark Andrews said:
Now if we could get equipement vendors to stop shipping models
without the necessary support it would help but that also may require
government intervention.
A good
28 matches
Mail list logo