If they can RRL networks...
...how about for spammers. Lots of people would be grateful. Then again, I would like a nice targeted response to them (which mentioning it might land me in the hoosegow).
The internet's root servers were not the target of a distributed denial-of-service (DDoS) attack in December which for a short time took out four of the 13 pillars of the global network. That's according to two security researchers who will present their findings at a conference in Argentina on Friday. Instead, they conclude …
If only ISPs would do what they're supposed to do.
Not really hard to send stuff from 895M addresses; you can build programs that send it from just over 4 billion addresses. Now; if they were sending it from more than 5 billion addresses and using IPv4 then I'd be impressed.
I'm surprised source IP filtering is still not in yet (and yes I'm quite aware of some of the pitfalls of it). Doesn't make sense for consumer type lines and for the vast majority of commercial ones too.
"to develop a liability model that would penalize network operators that allow attack traffic to flow across their networks"
This would require ISPs to monitor all Internet traffic within their part of the network - who pays the cost of this (the consumer) and worse, who decides what 'attack traffic' is.
Is attack traffic using 'hurtful' language, so you lose youe free speech.
Is it lots of people legitimately using a Web site that has too little bandwidth to cope.
Who decides?
At a general level it's a bad idea due to the complexities of categorising 'attack traffic' but that traffic clearly associated with non-compliance of BCP38 (which is what permits spoofing) ought to be measurable and subject to penalty. I'm of the impression that comms providers mutually benefit from this so it stands to reason that they ought to be able to collaborate and ostracise those who are non-compliant.
Good article here - http://www.internetsociety.org/deploy360/blog/2014/07/anti-spoofing-bcp-38-and-the-tragedy-of-the-commons/
The researchers identify that it was a specific attack (as opposed to a random error) with command and control instructions being identified, and that the attack occurred through a botnet that used the well-known "BillGates" malware.
Wow, people really don't like Microsoft or Windows any more, do they?!