[Dshield] Possible solution for ISP (was DShield's public goals)
vancel at winfreeacademy.com
Fri Jan 13 16:08:31 GMT 2006
Valdis.Kletnieks at vt.edu wrote:
>On Thu, 12 Jan 2006 11:07:28 CST, Laura Vance said:
>>Actually it only blocks for those on the infected ISP *if* the other
>>ISPs do use the ISP block as a means to convince the other ISPs to
>So this works just great if 99% of the ISPs are participating.
>How well does this work if only 25% are participating? They just cut
>themselves off from the 75% of the non-participants....
>This is known as a "bootstrap problem" - any scheme that provides a negative
>benefit until an overwhelming majority deploy it will not deploy in the real
>world, because no provider wants to take the hit of being in the first 10%,
>or 25%, or 60% of sites to deploy....
This question has already been addressed earlier in this thread, but
I'll answer it again.
The ISPs don't have to start blocking until a majority of ISPs are
onboard with the system. The rest of the system would be fine, and they
wouldn't even have to kick the user off if Cefiar's suggestion was used
about limiting the infected machine to only run utilities to repair it
before their link is opened back up fully. It would also serve as a
notification that the user is infected... and, most importantly, it
could be mostly automated.
The basic idea is very flexible, but it seems that all you are trying to
do is dismiss it or shoot it down with statements that have already been
addressed. If you spent the same effort helping to cultivate the idea
it would become a better system that could have ISPs jumping onboard.
Winfree Academy Charter Schools
More information about the list