[Dshield] Possible solution for ISP (was DShield's public goals)

Laura Vance vancel at winfreeacademy.com
Thu Jan 12 17:07:28 GMT 2006

Valdis.Kletnieks at vt.edu wrote:

>On Wed, 11 Jan 2006 16:53:29 CST, Laura Vance said:
>>I'm not talking about the good ISP shutting of their customers from 
>>accessing hosts on the bad ISP or even sending email to the bad ISP.  
>>I'm talking about the good ISP blocking all inbound traffic from the bad 
>>ISP.  In your scenario, NetZero is the good ISP that wants to do this 
>>plan.  Their customers can browse any site hosted on the Earthlink 
>>webspace.  NetZero customers can also send emails to any IP on the 
>>entire EarthLink IP space.  Since EarthLink is a non-participant in the 
>>system, NetZero blocks all inbound traffic from their customer-space.  
>Congrats.  You just broke essentially *all* peer-to-peer traffic.
>This may be acceptable if you're a corporation, but fatal to your bottom
>line if you're an ISP.
Actually it only blocks for those on the infected ISP *if* the other 
ISPs do use the ISP block as a means to convince the other ISPs to 
follow suit.

The NAT solution that was suggested by someone earlier is what breaks 
*all* peer to peer traffic, because if *all* ISPs use NAT for all 
computers, how is anyone going to be able to listen on the Internet?  
The NAT-only solution that someone mentioned that started my thought 
process is the only one that will really break *all* p2p traffic.... 
Mine allows P2P for everyone except those on bad networks or 
machines.... not everyone on the Internet as other solutions have suggested.

Laura Vance
Systems Engineer
Winfree Academy Charter Schools

More information about the list mailing list