On Wed, 19 Sep 2001, David wrote:
> > Might be a cool idea to add to the script a log of the IP's being dropped
> > that you could then email your ISP to filter out further upstream at their
> > routers.
> >
> > I see an eventual solution to distributed denial of service attacks like
> > code red lying in the automated notification and blocking of source IP's at
> > the source rather than destination ISP.
This is an area of research in Active Networks - bits of code running on
routers and switches. When an attack comes in, it gets traced through the
system and the code attaches itself to the outgoing router, shutting off the
offensive traffic.
No, it's not in production yet, and yes, I'm aware of the myriad of
potential problems. But it's one of the things on the horizon.
> which leads to the question... how can one stop all the crap (snow white
> et.al.) that is chewing up my expensive band width. Sure it doesn't pose a
> security problem as long as the system is properly configured, but I am
> paying per meg download. I can't see how I can get my upstream to filter
> it (optus in my case), since it arrives randomly from infected hosts. Once
> it hits my gateway, I've already paid for it.
>
> Is this just an expense of running the internet? a tax we all pay for
> having half wits on the net? or is there something can be done?
You could ask your ISP to filter all stuff for you that you don't explicitly
request, but that screws up legitimate requests. When it comes down to it,
it is pretty much a tax caused by idiots. It's also why spam is so
universally reviled - because the sender doesn't pay for it, the receiver
does.
--
-----------------------------------------------------------------------
#include <disclaimer.h>
Matthew Palmer
[EMAIL PROTECTED]
--
SLUG - Sydney Linux User Group Mailing List - http://slug.org.au/
More Info: http://lists.slug.org.au/listinfo/slug
