North American Network Operators Group|
Date Prev | Date Next |
Date Index |
Thread Index |
Author Index |
Re: Government scrutiny is headed our way
- From: Hal Murray
- Date: Sat Jun 20 05:09:47 1998
> This is why the government needs to get involved and *demand* that
> the ability exist via a *protocol* for people in a NOC to initiate
> and follow these traces automatically, without human intervention
> by the NOCs in the chain.
Would you and other operators be willing to modify peering agreements
to include serious fines for running a smurf amplifier or allowing
packets with bogus source addresses to enter the system?
Tracking back bogus source addresses seems hard. Would fines on
smurf amplifiers be good enough to fix the smurf problem? Or do
we need to catch a smurfer to use as an example?
Currently, NOCs don't have much financial interest in tracking down
Karl's stories of non-cooperation make sense if the NOC is looking
at their (short term) bottom line rather than the good of the net.
The person on the phone won't get any reward for solving Karl's problem
(and might get in trouble for sticking his neck out).
Is there a way we can change that?
One possibility might be to offer a reward to the NOC that gets the
evidence on the first smurfer to get tossed in jail or fined more
Another might be to setup peering contracts that encourage ISPs/NSPs
to track down smurfers.
I can't quite come up with the right thing to suggest. Everything
I think of has too many possibilities for gaming.
I'm fishing for something like each ISP/NSP that works on tracking
down a smurfer gets to charge the ISP/NSP closer to the source for
the time and costs it spends on the problem, including the costs
that get passed to it.
How much effort is involved in tracking a smurfer through each router?
Any router vendors willing to estimate how much it would cost to
implement something like Karl's proposed command?
> "trace-smurf <forged-victim-address> <amplifier-address>" <return>
Do smurf attacks always happen late at night and on weekends?
Would major NSPs be willing to setup a smurf hotline so trusted smart
people, like Karl, could bypass the first several layers of screening
and get the data to the right person fast?