sporkme
drop the crantini and move it, sister
Premium,MVM
join:2000-07-01
Morristown, NJ | Encryption doesn't matter
If a machine is spewing a bunch of junk at an IP at full speed to take down some remote host, it really doesn't matter if it's encrypted or not. The source/destination pairs and volume should indicate something nefarious. |
|
insomniac84
join:2002-01-03
Schererville, IN | What is the difference in some type of DDOS attack and maxing out your upload and download while using bittorrent. Both cases involve using your connection to its max. |
|
manfmmd
Premium
join:2003-01-14
Earth
clubs:
1 edit | In one case you are potentially downloading a legal file...on the other side, in a DDOS attack your machine is being used for malicious purposes. I hope you can see the difference.
I think that ISP's should be held liable if they are given reasonable time to mitigate the threat, say 24 hours, andthey do nothing.
edit:typo |
|
insomniac84
join:2002-01-03
Schererville, IN
| But on volume alone, they can't determine threat.
It's also not the ISPs responsibility to run security for your server. 24 hours of a maxed out upload is not proof of anything malicious. If ISPs police malicious computers, then they are going to be pressured to police child porn, copyright violation, the issue of the day, etc. It would be a mess, and ISPs wouldn't have the resources to do it.
Plus what if 50 computers are flooding your server with bad traffic to bring it to a halt? No one computer's traffic is causing you harm, it's only the combination of all of them together. They could all have different ISPs. No single ISP would see anything bad or be able to stop the attack. |
|
swhx7
Premium
join:2006-07-23
Elbonia
 ·RoadRunner Cable
1 edit | reply to sporkme
It's not necessarily going at full speed from any one machine. The way a DDoS works relies on a lot of clients, but each one can be sending at a moderate rate, and it can still work as a DoS just because there are a lot of them. It just needs to be more than the server can handle. Slashdot blows away small sites regularly with something on the order of 100K hits/hour; with a 1000-member botnet that's only 100 requests each per hour which is nowhere near capacity. It's normal behavior and would not get the attention of even a vigilant ISP. For big sites, heavy-duty servers it takes a lot more, but multiply by 10 or 100 and use more clients and it's still not a big deal.
Another thing the clueless proposer doesn't seem to notice is that the participants in a DDoS aren't necessarily all on the same ISP. The first "D" is for "distributed"; they can be anywhere, and only a fraction on a single ISP.
It's just a dumbass proposal for these and other reasons.
How about this. If it's found that over 90% of the clients in most DDoS attacks run a particular vendor's operating system, make that vendor liable. It obviously sells an OS with poor security!
This is about as reasonable as the lawyer's proposal. |
|
Kearnstd
Elf Wizard
Premium
join:2002-01-22
Mullica Hill, NJ | reply to sporkme
lawyers you have to remember only know enough about computers to type up their lawsuits and hit print.
--
[65 Arcanist]Filan(High Elf) Zone: Broadband Reports |
|
RARPSL
join:1999-12-08
Suffern, NY
| said by Kearnstd  :lawyers you have to remember only know enough about computers to type up their lawsuits and hit print. They are not necessarily that competent. All they need know is enough to assign the task to someone with the knowledge (Secretary, Paralegal, Legal Assistant, etc.). In fact even if they had the capability to do it themself, they often see themself as too important to "waste" billable time on it and just offload it to a lower cost person (such as listed above). |
|
