On 16 Feb 2000, Iván Arce wrote: > None of this would happened if every ISP blocked outbound spoofed > packets, > if every MTA is configured properly to avoid spamming and relaying, if > egress filtering is in place, etc. Flood attacks would still be possible in this case, they'd just be trackable. If you're making the assertion for fixing the problem, you'll need to throw end-to-end QoS and/or out-of-band control channels in the mix. I don't suppose you'd include "real user-based return addresses for e-mail" in your list of anti-spamming practices that everyone *should* follow? > > And lets say it, all this attacks have been known for years and have > been detected for at least months. It just pisses me off that only > after a simultaneous attack to several highly media-exposed targets > everyone suddenly realizes that the net is not and will not be a safe > place > if one doesn't care about safety. "Everyone" isn't security concious. Most people are too busy living their lives to care. We live in a world where sensation and realization are more important than fundamentals and possibilities. Every time something like this happens, we gain a little more ground on the "engineering to fix the problem" side. We have to take what we can, and overall the Net is getting more stable over time. It'd be even nicer if everyone behaved, but encouraging that seems to be on nobody's radar scope. Paul ----------------------------------------------------------------------------- Paul D. Robertson "My statements in this message are personal opinions probertsat_private which may have no basis whatsoever in fact." PSB#9280
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:04:58 PDT