From owner-freebsd-isp Wed Apr 4 9:15:58 2001 Delivered-To: freebsd-isp@freebsd.org Received: from matrix.buckhorn.net (buckhorn.net [63.151.3.210]) by hub.freebsd.org (Postfix) with ESMTP id C429D37B719 for ; Wed, 4 Apr 2001 09:15:54 -0700 (PDT) (envelope-from bob@buckhorn.net) Received: from [63.151.3.239] (HELO buckhorn.net) by matrix.buckhorn.net (CommuniGate Pro SMTP 3.3.2) with ESMTP id 180875; Wed, 04 Apr 2001 11:14:16 -0500 Message-ID: <3ACB48B1.2BE269CF@buckhorn.net> Date: Wed, 04 Apr 2001 11:15:45 -0500 From: Bob Martin X-Mailer: Mozilla 4.73 [en] (X11; U; FreeBSD 4.2-STABLE i386) X-Accept-Language: en MIME-Version: 1.0 To: Chuck Rock Cc: freebsd-isp@FreeBSD.ORG Subject: Re: Chasing the kiddies (was: Named Keep crashing) References: <001b01c0bd1b$0b242a20$1805010a@epconline.net> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org *This message was transferred with a trial version of CommuniGate(tm) Pro* Chuck Rock wrote: > > How about getting a license to put a machine on the public network so you > have to abide by "rules" for security, and if you are shown to screw up, and > not maintain your security, your license is revoked, and your pulic IP's are > then taken out of routes so they can't be accessed until you prove your > worthiness again, or someone fixes it. Well, we sorta have that now. Everyone has an AUP. The problem begins when admins are too overwhelmed to enforce them, or in the case of a few tier 1 and tier 2 providers I won't name, the bean counters have determined that there is more money in allowing "a few bad apples" than there is in enforcing the rules. > How many people are allowed to connect any computer they want to the public > network, and cause harm to some or all the other users on that network. > Kinda like driving a car, only the consequences aren't necesarily deadly. It amazes me that people will spend serious money for a computer, but won't go the extra short step of learning about what it is, and what it can do. It would really be of great if every computer shipped with a "Using this computer for dummies" The real problem here is that the people causing the problem would pass their "driving" test with flying colors... And would most likely find a way to "drive" without a license anyway. > If you misconfigure BGP, you can effective screw up a large part of the > Internet, this kind of power should not be given lightly. Interesting point. If it was as hard to get an internet connection as it is to get an ASN, maybe things would be a little better. It's the "simple" screw ups that bother me most. Like allowing ip directed broadcasts. There are still entire class B networks that can be used for Papa Smurf attacks. And the only purpose it serves is to help the sysadmin figure out which IP's they are using. > My 2 cents, > Chuck Rock > EPC > -- Bob Martin, CTO InterNet Unlimited http://www.inu.net mailto:bob@inu.net To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message