[Dshield] Possible solution for ISP (was DShield's public goals)
vancel at winfreeacademy.com
Thu Jan 12 17:07:28 GMT 2006
Valdis.Kletnieks at vt.edu wrote:
>On Wed, 11 Jan 2006 16:53:29 CST, Laura Vance said:
>>I'm not talking about the good ISP shutting of their customers from
>>accessing hosts on the bad ISP or even sending email to the bad ISP.
>>I'm talking about the good ISP blocking all inbound traffic from the bad
>>ISP. In your scenario, NetZero is the good ISP that wants to do this
>>plan. Their customers can browse any site hosted on the Earthlink
>>webspace. NetZero customers can also send emails to any IP on the
>>entire EarthLink IP space. Since EarthLink is a non-participant in the
>>system, NetZero blocks all inbound traffic from their customer-space.
>Congrats. You just broke essentially *all* peer-to-peer traffic.
>This may be acceptable if you're a corporation, but fatal to your bottom
>line if you're an ISP.
Actually it only blocks for those on the infected ISP *if* the other
ISPs do use the ISP block as a means to convince the other ISPs to
The NAT solution that was suggested by someone earlier is what breaks
*all* peer to peer traffic, because if *all* ISPs use NAT for all
computers, how is anyone going to be able to listen on the Internet?
The NAT-only solution that someone mentioned that started my thought
process is the only one that will really break *all* p2p traffic....
Mine allows P2P for everyone except those on bad networks or
machines.... not everyone on the Internet as other solutions have suggested.
Winfree Academy Charter Schools
More information about the list