Paul A Vixie writes:
> IMHO, as long as money is involved, and as long as someone thinks that
> they have a chance of getting away with something, they will try it.Entirely agreed. On the other hand I have what is turning out to be a
unique (here) point of view about this. I don't want to prevent this
kind of theft -- I want to discover it, and remove perpetrators from any
IXP where they try it. I don't want to block it. I want to ensure that
it is never tried twice. I appear to be in the minority wrt this view.From a resource availability point of view, most of us
would rather lock our houses than set up a sting operation.
From an operational integrity perspective, I find it difficult to
argue that I should leave my infrastructure exposed to a potential
problem - even though a technical solution is available to minimize
it - just so that I can catch someone in the act and make an example
of them.
Ideally you want to be able to detect this specific abuse. The same
tools can be useful in diagnosis of pathological problems or for
collection of statistics.
This filtering is not unlike the concept of a screening table in
SMDS where packets are filtered on source and destination E.164
addresses by the SMDS switch. Works fairly well. Some of these
switches have software that issues alerts when the screening fails.
If they dont already, would the Gigaswitch folks add another knob to
send traps or alerts when an access violation happens ?
--pushpendra
Pushpendra Mohta pushp@cerf.net +1 619 455 3908