FW: Re: Is there a line of defense against Distributed Reflective attacks?

The first MPEG-4 HD set top boxes are beginning to appear

モーリコーポレション株式会社 - 医薬品を多く販売したい場合は、弊社にお任せください。

Watch this space....

If you read the document carefully, you�ll figure that they support MPEG2 HDTV
and MPEG4 SDTV (640x480/720x576), which was my point earlier. So they are little
less than
two cycles of Moore�s law away from MPEG4 HDTV. That would put it three years
away but if the market is there, we�ll probably see it earlier. SDTV
video-over-ip services
should take off first though or we�ll end up with peer2peer set top boxes
sharing premium
channel services over broadband networks.


However, the US courts and US law don't agree with you.


   In what legal experts describe as a first, a federal appeals court has
   upheld a ruling that America Online and other Internet service
   providers are not liable for "hostile code" sent between subscribers.

Vadim - the instant someone sues a Provider for sexual harassment from


spam epidemic you will start to see things change. The reason that No-Sane
provider will block these ports or services is because they have been
listening to their Network Admins too long, and in fact the problem is


they are not sane providers. What they are, and this is pretty much true

Actually, most provider won't block ports due to service contracts with
customers. Mail filters easily allow for exceptions to the rule. However, IP
layer filters do not allow such exceptions without extensive overhead. Is a
rural ISP that is forced to use older routers for modem banks to deal with
rural telco issues required to run an authentication method that allows per
user filtering despite the fact that such methods seriously inhibit the
performance of the modem bank? Or should such a provider block specific IP
ranges or ports at a global level despite the fact their clients actually
use the valid services registered to those ports?

It is not the responsibility of the provider to secure the individual's
machines. The provider's responsibility is to the network as a whole. We
designed a stupid network so that interoperability would be optimal. The
second you start building smart networks, you have conflicts. Look at the
caching engines of today. There is not a single cache mechanism that is
guaranteed to work with 100% of the content its designed to cache. Another
example would be the recent 69/8 issues; Smart networks trying to protect
themselves and damaging legitimate traffic in the process.

Jack Bates
Network Engineer
BrightNet Oklahoma

Perhaps, continuing the off-topic thread...

The best compression techniques that do not use block-based methods (as
in MPEG-2/4) can achieve much better compression capabilities than
listed below and in the other follow-on thread. For an excellent
overview of what this may do for video on demand over the Internet,
check out the September 22nd issue of The Economist. There are
basically three types of approaches: wavelet, fractal, and heuristic (or
object?). They are also either software-only or hardware-assisted.
I've seen one of them that claims 1.1 Mbps typically for standard
definition (480i), and about 3 Mbps for HDTV (1080i). I'm no codec
expert, but I was amazed at the clarity, even with packet loss. I think
we'll find video on demand and other streaming entertainment services
over our xDSL connections and Cable Modems much sooner than most people
expect. I hope network operators are prepared for it.

You can get a typed copy of The Economist Article at:


Jeff Turner


From: owner-nanog@merit.edu [mailto:owner-nanog@merit.edu] On Behalf
Of Al Rowland
Sent: Wednesday, January 22, 2003 9:28 AM
To: nanog@trapdoor.merit.edu
Subject: RE: FW: Re: Is there a line of defense against Distributed

Reflective attacks?