RE: Nimda et.al. versus ISP responsibility

From: Smith, Mark (smith.r.markat_private)
Date: Fri Sep 28 2001 - 00:36:08 PDT

Next message: namorat_private: "Re: Nimda esponsibility - Laying appropriatel - implied warranty of sale"

Previous message: info: "Re: FBI Virus Alerts"
Maybe in reply to: Luc Pardon: "Nimda et.al. versus ISP responsibility"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Blocking spoofed source addresses is a IETF Best Current Practice :

http://www.faqs.org/rfcs/rfc2827.html



> -----Original Message-----
> From: Jay D. Dyson [mailto:jdysonat_private]
> Sent: Friday, 28 September 2001 10:01
> To: Incidents List
> Subject: RE: Nimda et.al. versus ISP responsibility
> 
> 
> -----BEGIN PGP SIGNED MESSAGE-----
> 
> On Thu, 27 Sep 2001, Greg A. Woods wrote:
> 
> > > I think there is a mid-ground wherein all ISPs are responsible
> > > for both ingress and egress filtering of all traffic on their
> > > network to ensure it is valid traffic (e.g.., making sure that 
> > > customer A cannot inject traffic into the network with a source
> > > IP that doesn't belong to them...nearly eliminating spoofing) 
> > > but stopping short of scanning payloads of packets.
> > 
> > Come on!  Get real!
> > Any properly formed IP packet is valid traffic!
> 
> 	With all due respect, you are so horribly misinformed that it's
> not even funny.  The original author is quite correct that 
> ISPs are indeed
> responsible for ingress and egress filtering in order to diminish the
> likelihood of spoofed packets.
> 
> 	This isn't rocket science.  Anyone claiming that ISPs 
> shouldn't be
> taking such steps is either ignorant, misguided, or just 
> plain opposed to
> common-sense security practices.  In any case, such people definitely
> shouldn't be in charge of any netblock.  They're a hazard to 
> themselves
> and the 'net overall.
> 
> - -Jay
> 
>   (    (                                                      
>    _______
>   ))   ))   .-"There's always time for a good cup of 
> coffee."-.   >====<--.
> C|~~|C|~~| (>------ Jay D. Dyson - jdysonat_private 
> ------<) |    = |-'
>  `--' `--'  `--------------- rm -rf /bin/laden 
> ---------------'  `------'
> 
> -----BEGIN PGP SIGNATURE-----
> Version: 2.6.2
> Comment: See http://www.treachery.net/~jdyson/ for current keys.
> 
> iQCVAwUBO7OvxrlDRyqRQ2a9AQE1ZAP/cK1D4C0KKXQR8/PSetzVNcuqutr0VovI
> 5XSKp67+qzXkZZ+fVir52qRrVtT97t1GXm9lAev3lpxBVDr4FSSaU/PnpOga0Mlc
> cnSzKL50gNpTJskE19mSLvW4Wq/EfZj6M62YvY/OwIhAKPu22sLtEJN9IVs/BzMm
> KNh5hXIcO7c=
> =9Evg
> -----END PGP SIGNATURE-----
> 
> 
> --------------------------------------------------------------
> --------------
> This list is provided by the SecurityFocus ARIS analyzer service.
> For more information on this free incident handling, management 
> and tracking system please see: http://aris.securityfocus.com
> 

----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management 
and tracking system please see: http://aris.securityfocus.com

Next message: namorat_private: "Re: Nimda esponsibility - Laying appropriatel - implied warranty of sale"
Previous message: info: "Re: FBI Virus Alerts"
Maybe in reply to: Luc Pardon: "Nimda et.al. versus ISP responsibility"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Sep 28 2001 - 04:15:34 PDT