North American Network Operators Group
Re: FW: Re: Is there a line of defense against Distributed Reflective attacks?
- From: Jeff Workman
- Date: Mon Jan 20 17:51:23 2003
Stoned koalas drooled eucalyptus spit in awe as Avleen Vig exclaimed:
And it's your job as a network provider to determine the legality of your
users' activities? Plus, you said the magic word "mostly". What about
legit uses of P2P networks? Do you also stop your users from using NNTP as
well, since it's "mostly" used for porn and warez? How about email? Since,
from the looks of my mail logs, SMTP traffic is "mostly" spam and sircam. :)
Doesn't this stop kazaa/morpheus/gnutella/FTP/<some aim stuff like
private chats>? This is a problematic setup, and would require the cable
modem provider to maintain a quickly changing 'firewall' :( I understand
the want to do it, but I'm not sure it's practical to see it happen based
solely on the hassle factor :( Hmm, security, "you gotta pay to play"
(Some famous man once said that I believe)
Indeed it does break that. P2P clients: Mostly transfer illegal content.
As much as a lot of people love using these, I'm sure most realise they're
on borrowed time in their current state.
I'm sure your users would certainly pack up and take their business
elsewhere if you placed these restrictions on them. Why not just put them
all behind a firewall on RFC-1918 addresses, if you are going to block all
And I'm sure that if they were gone tomorrow, I'm sure they'd be back in
another fashion soon.
Any true P2P system is going to need at least one end user to receive a SYN.
I also believe this is usually stated in their TOS that they're not allowed
to run services on their home computers. If I'm on IRC and I initiate an
outgoing DCC chat, the open port on my box awaiting the connection is
hardly a "service."
Ftp/HTTP etc I believe most cable providers currently block these anyway
Unless I'm missing something, wouldn't it be necessary to modify both the
clients and the servers to pass all FT traffic through the servers? I'm
sure those who sell bandwidth to AOL and Yahoo would love it if they did
that, but I don't see it happening.
There's a chance it'd break things like file transfers on IM clients but
I'm sure they'd be altered too.
Jeff Workman | email@example.com | http://www.pimpworks.org