SYN floods (was: does history repeat itself?)

Michael Dillon writes:

> I think its time for the larger providers to start filtering packets
> coming from customers so that they only accept packets with the
> customer's network number on it.

I disagree. A better way to do this would be for providers to cooperate to
track down the people who are doing it and make sure to flood the media
with press releases when the culprits are arrested.

Tracking people down needs to be done, and is important, but lets
remember that we are talking about a vast amount of manpower here, and
if the guy is smart it will turn out to be happening from a machine he
broke in to and not his home base.

In the long run, the best thing is to prevent it from happening. Thats
filtering, and we know how to do it.

I don't disagree about tracking him down -- I want to see people like
this in jail, and this guy in particular should go to jail -- but its
not the full solution. We need both.