[Dshield] Possible solution for ISP (was DShield's public goals)

Laura Vance vancel at winfreeacademy.com
Thu Jan 12 17:07:28 GMT 2006


Valdis.Kletnieks at vt.edu wrote:

>On Wed, 11 Jan 2006 16:53:29 CST, Laura Vance said:
>
>  
>
>>I'm not talking about the good ISP shutting of their customers from 
>>accessing hosts on the bad ISP or even sending email to the bad ISP.  
>>I'm talking about the good ISP blocking all inbound traffic from the bad 
>>ISP.  In your scenario, NetZero is the good ISP that wants to do this 
>>plan.  Their customers can browse any site hosted on the Earthlink 
>>webspace.  NetZero customers can also send emails to any IP on the 
>>entire EarthLink IP space.  Since EarthLink is a non-participant in the 
>>system, NetZero blocks all inbound traffic from their customer-space.  
>>    
>>
>
>Congrats.  You just broke essentially *all* peer-to-peer traffic.
>
>This may be acceptable if you're a corporation, but fatal to your bottom
>line if you're an ISP.
>  
>
Actually it only blocks for those on the infected ISP *if* the other 
ISPs do use the ISP block as a means to convince the other ISPs to 
follow suit.

The NAT solution that was suggested by someone earlier is what breaks 
*all* peer to peer traffic, because if *all* ISPs use NAT for all 
computers, how is anyone going to be able to listen on the Internet?  
The NAT-only solution that someone mentioned that started my thought 
process is the only one that will really break *all* p2p traffic.... 
Mine allows P2P for everyone except those on bad networks or 
machines.... not everyone on the Internet as other solutions have suggested.

-- 
Thanks,
Laura Vance
Systems Engineer
Winfree Academy Charter Schools




More information about the list mailing list