On ISPs Not Filtering Viruses
Bill Frantz
frantz at pwpconsult.com
Tue Jan 8 14:33:17 EST 2002
At 10:11 AM -0800 1/7/02, Nelson Minar wrote:
>I'm writing because I find it interesting that some folks here *like*
>the idea of their ISP filtering content. I find that surprising! I
>assume it's motivated by the huge problem of viruses, but wouldn't it
>be better to fix the clients, not the pipes? There are a whole lot of
>risks in a network layer suddenly doing application-layer things.
There is one case where it makes sense for people to have their ISPs filter
packets, and this is in response to a denial of service (DOS) attack. If
you are connected to your ISP thru a link which is slow compared with the
main internet (e.g. connected thru DSL or a T1), then a DOS attack can
saturate the link between you and your ISP. The only solution I know of is
to have your ISP filter the offending packets before they hit your link. A
number of people have used this technique to remain "on the air" in the
midst of a DOS attack.
Cheers - Bill
-------------------------------------------------------------------------
Bill Frantz | The principal effect of| Periwinkle -- Consulting
(408)356-8506 | DMCA/SDMI is to prevent| 16345 Englewood Ave.
frantz at pwpconsult.com | fair use. | Los Gatos, CA 95032, USA
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at wasabisystems.com
More information about the cryptography
mailing list