North American Network Operators Group|
Date Prev | Date Next |
Date Index |
Thread Index |
Author Index |
Re: FW: Re: Is there a line of defense against Distributed Reflective attacks?
- From: todd glassey
- Date: Wed Jan 22 22:21:46 2003
----- Original Message -----
From: "Andy Dills" <email@example.com>
To: "todd glassey" <firstname.lastname@example.org>
Cc: "Vadim Antonov" <email@example.com>; <firstname.lastname@example.org>
Sent: Wednesday, January 22, 2003 9:07 AM
Subject: Re: FW: Re: Is there a line of defense against Distributed
> On Tue, 21 Jan 2003, todd glassey wrote:
> > Vadim - the newest form of SPAM uses the Messenger facility to place a
> > pop-up in the middle of your screen without any email, pop, smtp or
> > service being involved. I apologize for the tone of the first posting,
> > still stand by it. When ISP's are held accountable for what people do
> > the BW they sell them, then these issues will all be moot. Until then,
> > lie is that there is no way to stop these behaviors and its the one the
> > ISP's proffer exclusively.
> No, we evil network admins are NOT saying there is no way to stop these
> behaviors. We're saying that the solutions put such a crimp on open
> standards and legitimate behavior that their value is negative.
Who gave you the right to decide which laws you were going to abide by and
which ones you were not?
> problem is a social one, not a technical one. The technical problem is the
> vulnerability that exists; the social problem is that as long as ANY
> vulnerability exists, people will try to exploit that vulnerability.
The reason that the vunerability is there is becuase of TCP/IP's inherent
weaknesses, but that aside, there are processes that could easily be put in
place to address these issues, the problem is that they cost money and that
means they have to be paid for and ISP's like many other businesses are run
to be as profitable as possible so that means that their owners will do as
little as humanly possible to address these issues to keep the bottom lines
where they are... Otherwise there wouldn't be the problems with SPAM and
or other Attack Forms that exist today.
> Technology can mitigate the vulnerabilities, but it cannot mitigate the
> desire to exploit.
So then the problem is the ISP's facilitating the evil forces of the world
to do their worst???
> For instance, substitute "airport" for "network", as in "airport
Well, this is really funny - see I used to do Network and Systems Operations
for UAL at the SFO site and I think your commentary is so funny its almost
ludicrous. The problems with the Airlines is the ALPA and its membership and
the various other Unions that have a strangle hold on the carriers. You
folks are not unionized are you?
> There are ways for law enforcement to be 100% positive that no
> terrorists ever steps foot on a plane. Unfortunately, the cost involved,
> along with the reduction in efficiency, would make normal travel
The same is not true of networking though.
> Do you try to hold realestate developers responsible for what the
> homeowner does with their house? Do you try to hold the power company
> responsible for the people who use their electricity to grow weed?
of course not - but I do hold the provider responsible for not enforcing the
laws regarding digital fraud. And everytime one of your email servers passes
a forged email along another hop in its trip, you actively participate in
the fraud, so you are not the grower of the weed but rather the reseller of
> I assume you were beating down the doors of Congress, tyring to get rock
> artists to be responsible for the people who committed suicide after
> listening to their albums?
Hardly, and Tipper and I disagree on many things.
> Andy Dills 301-682-9972
> Xecunet, LLC www.xecu.net
> Dialup * Webhosting * E-Commerce * High-Speed Access